last executing test programs:

4m50.57037431s ago: executing program 3 (id=4):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00')
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
bind$netlink(r0, &(0x7f0000000580)={0x10, 0x0, 0x25dfdbfd}, 0xc)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$setperm(0x5, r5, 0x52b242d)
keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x3})
readv(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000100)=ANY=[], 0x4c}}, 0x0)
close(0x3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000), 0x50)

4m49.460186996s ago: executing program 3 (id=6):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000dc0)={[{@umask}, {@nls={'nls', 0x3d, 'maccenteuro'}}, {@part={'part', 0x3d, 0x4}}, {@nobarrier}, {@force}, {@gid}, {@gid}, {}]}, 0x44, 0x70f, &(0x7f00000005c0)="$eJzs3U1sHGcZAOB31uuNN5XcbZu0BSHFakQEDSS2l5IgIRGqCvlQQSQuvS6J01heu8F2kRMh4gCFI5xQDj0UIXPoCfWAVMQBUc5ISFxR7pF6jziwaP7Wu/5Zr+u/JH0eaXa+mfl+3nk983k9m2gD+NyaeStG1yKJmfNvrqbbD9ab7QfrzYWyHBEnIqISUc1XkSxGJJ9EXIl8iS+kO4vukp3Gee3hx++fu/9hM9+qFktWvzKo3YbOgBHWiiUmImKkWMfYnjJR3am/a/F63l+Pu3vqOunGnSbsbJk4OG6dLdb20nyI+xZ43N2NGBndZn8j4mTxqzR9HxDF7FA54vAO3J5mOQAAAHg8jexW4dlH8ShWY/xowgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICnQ5J/Z2BSLJWyPBFJ+f3/tWJfqlY75ngH+9oux9+7cUSBAAAAAAAAAMCh+Kj44P7Mo3gUqzFe7u8k2Wf+r2Qbp7LXZ+LdWI7ZWIoLsRqtWImVWIqpiNHxng5rq62VlaWprS1/F2nLTqdzt2g5HRGNLS2ndwi0csAnDgAAAAAAAABPp5/HTIwfdxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAriRjJV9lyqiw3olKNiLGIqKX11iL+WpafZH877gAAAADg8NWL9Xjyv7zQSbK/+V/M/u4fi3djMVZiLlaiHbNxPXsWkP/VX/nXWrP9YL25kC5bO/7up3uKI+sxIkbi3g4jT2Y1TndbzMT34odxPibiaizFXPwkWrESszER9fQkohVJNOr504tGGef28V7p27raLXXysz2zKdaXs0jqcSPmstguxLVa5I9NsnNIx3y5Z7Q/1yI2jXgvzU7yncKQObre8/P6bfFcpoz02SH7OByN7MxHuxmZTHNfZOO5wbkfeJ38eNeRpqLSfQZ1amOUdHPzSGXOf7SXnJ/MV2Ppy6/6c37QBjxKG91m3+ZMTEeluPoiXuzP+a0v33++v/FX//33qzcri/M3byyfP8RT2o+J3Sp0k7I5E82eTLw0+OorMtFOM7E2fCa2/DzGhm15uGpFNrKpaMjZ8o2s1IpXei7Bd+J6zMalmIypuByT8a2Yjmb3CkuX0315rTYX+nOS3WuVrfNbfUDwZ7/SU+nXu1Q+WmlenuvJa+9M18iOFXuu/CYme66+5wdfffc+feMHeWnIGSkd/4tFOR3jF93fOI+DvkwUc3MZ3QuDM/H7Tvq63F6cX7rZujXkeOeKdXrbvtc/N/9h+Kg3/3bfjzKC9HpJZ9xqtpXlpF5eL+mxF7p1+/NVKz5xydtVthw73T3WiPGYi+/veKfWivdwW3vKj73Ue+w/GzNnrXh/Ux7re5cT70Q7exeyya5TNQBH7OSrJ2v1h/V/1j+o/7J+s/7m2OsnLp/4Ui1G/1H9y8ifKn+sfDt5NT6In8X4cUcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPg+Xbd+Zb7fbsUrcQY5v37LdQ23GswYWo7Fpn/ZnhOoxGxOCxkqJQO9hzfxIL9di0p/x+o/32/FFEDKhT23fwyZ6vsT0X0jwcSIedTp7UbE9nZA/Nq2Wr7etUY3ks5ltJdZs77sTGXRCN+Vb7v52+5vXouWWAp9zFlYVbF5dv3/n63ELr7dm3ZxenL1+6fKn5zalvXLwx156dzF+PO0rgMCzfvjOyze7tvnkYAAAAAAAAAAAAeEwU//p/5TP/Z4bqLnVqS8vbj3zmqE8VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeELNvBWja5HE1OSFyXT7wXqznS5luahW2VglP41IPom4EvkSjZ7ukp3Gee3hx++fu/9hM9+qFktWvzKo3XDWiiUmImKkWO/uxDbdbO3vWk9/a58pvKR7hmnCzpaJg+P2/wAAAP//hd/4FA==")
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'})
socket$inet(0x2, 0x80000, 0x2)
syz_emit_ethernet(0xfdef, &(0x7f0000000e80)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6092eedd0efda1c01f00082f00fe8000000000000000000000000000bb00000000000000000000ffff000000f5242065580000001200000021000086dd080088be4305000f1000000001000000007ed032d80022eb000000002000000002000000000000000000000008006558000000003fffe1488bf357f212d9b26268de287d154bd8"], 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r1, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10, 0x0}}], 0x1, 0x8015)
sendmmsg$inet(r1, &(0x7f0000002400)=[{{&(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10, 0x0}}], 0x1, 0x4048040)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
fsync(r3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvfrom(r4, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)

4m48.363144951s ago: executing program 3 (id=7):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000), 0x8)
r5 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r5, &(0x7f00000002c0)="05031600d3fc140000004788031c09103328", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

4m48.323831443s ago: executing program 2 (id=3):
r0 = syz_mount_image$udf(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x14444, &(0x7f0000000280)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c766f6c756d653d3030303030303030303030300000000063686f723d30303030303030303030303030303030303030342c6e6f6164696e6963622c6769643d69676e6f72652c7569643d6967ee6f7200006769643dc7865530221d5cf1ffa33f314577d414dd0f02989f344aa1daf1517b816480770a92f1eaeab3d78957fc83df545faf189820845d1a3ae48728ee6ed8684b4f3acff28b7d51848813c91e8e6278a3cfa72eec120ebbc7baaaf78c062300000000000000", @ANYRESDEC, @ANYRESDEC], 0xfe, 0xc17, &(0x7f0000001180)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkJPBYGbfikuKsmRTpEj7+2zqNzv73ux7b9YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN97+dKZ59KjbgUAsJ+ujH/1zFn3fwD4RLnq//8BAAAAAAAAAAAAAOCgS1HE45Fi/sp6mqxedwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lz0/fKGbH1z/YXsyXh2/eqn+0tzN+YXW4mJruj4x256am2498BF2W3+7oWoA6jdfuzV9/fpi/eyz57a8fXvwvf7HTg5eHH769FPdshMjo6PjPWVqfR/50+9yrxkeR6OI05Hime/9JDUjoojdj8V9vjt77VjViaGqExMjo1VHZtrN2aXyzbHuQBQR9Z5Kje4Y7cO52JVGxHLZ/LLBQ2X3xuebC81rM636WHNhqb3UnpsdS53Wlv2pRxEXUsRKRKz13324viiiFim+c2I9XYuII91x+GI1Mfje7Sj2sI8PoGxnvS9ipTgE5+wA648iXokUP327iKlyzPJPfCHilTJ/EPFmmS9GpPKLcT7i3R2+RxxOtSjiL8rzf3E9TVfXg+515fLX6l+ZvT7XU7Z7XTn094f9dMCvTQNRRLO64q+nj/6bHQAAAAAAAAAAAAAAAAAetmNRxJOR4uX/+KNqXnFU89JPXBz+/cFf7J0z/sR9jlOWfTYilosHm5N7NE8hHktjKT3iucSfZANRxB/n+X/fetSNAQAAAAAAAAAAAAAAAAAA+EQr4seR4oV3TqWV6F1TvD17o361eW2msypsd+3f7prpGxsbG/XUyUbOyZzLOVdyruZcyxlFrp+zkXMy53LOlZyrOddyxpFcP2cj52TO5ZwrOVdzruWMWq6fs5FzMudyzpWcqznXcsYBWbsXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODjpIgi3o8U3/7GeooUEY2Iyejkan+3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKPWnIr4fKep/0LizrxYRqfq341T5y/loHC3z09EYLvPFaFzK2ayy1vjWI2g/u9OXivhRpOgfeOvOCc/nv6/z6s7XIN785uarX6l18kj3zcH3+h87eeLi8OivPXGv7bRTA4Yut2dv3a5PjIyOjvfsruVP/3TPvsH8ucXD6ToRsfj6G681Z2ZaCzY+GRu1zkYtDkh79msjX6/ioLRn+0bjYDRjc+MRX5jYF+X9/91I8dvv/Gf3ht+9//9C59WdO3z87E827/8vbD/QHt3/H+/Z90L+3UhfLWJg6eZ838mIgcXX3zjdvtm80brRmj1/5syXh4e/fO5M39GIgevtmVbP1q6HCgAAAAAAAAAAAAAAAGB/pSJ+N1I0f7Se6hFxu5qvNXhx+OnTTx2JI9V8qy3ztl4dv3qp/tLczfmF1uJia7o+MduemptuPejHDVTTvSZGRvekM/d1bI/bf2zgpbn51xfaN/5wacf3jw9cura4tNCc2vntOBZFRKN3z1DV4ImR0arRM+3mbFV1bMfJdB9eXyrivyLF1Pl6+nzel+f/bZ/hv2X+//L2A+3R/L9P9ewrPzOlIn4WKX7rL5+Iz1ftPB53jVku97eRYujC53K5OFqW67ah81yBzszAsuz/RYp/fH9r2e58yMc3yz73wAN7SJTn/0Sk+P6ffzd+Pe/b+vyHnc//8e0H2qPz/5mefce3PK9g110nn//TkeLFx9+K38j7Puj5H0VsbGz8acSpXPjO8zn26Px/tmffYHQ+9zcfXvcBAAAAAAAAAAAOrb5UxN9FiqdGa+n5vO9B/v7f9PYD7dHf//rlnn3T+7Re0a4HFQAAAAAOiL5UxI8jxY2lt+7Mod46/7tn/ufvbK69PpK2vVv9Od8vVc8NeJh//tdrMH/u5O67DQAAAAAAAAAAAAAAAAAAAAdKSkU8n9dTn7zPeuqrkeLl/3kml0sny3LddeAHq18HrszNnr40MzM31VxqXptp1cfnm1Otsu5nIsX633wu1y2q9dW768131ngf2Oiuxb4QKUb/vlu2sxZ7d23yznrgnbXYy7KfihT//Q9by3bXsf7sZtmzZdm/jhRf/+edy57cLHuuLPvdSPHDr9e7ZY+XZbvPR+08k3SgFjOtZ6fmZu56FCoAAAAAAAAAAAAAAAAAAAB8WH2piD+LFP97cyWW87T/vP5/dwX+Wrfsm9/sWe9/m9vVOv+D1fr/99r+KOv/Dz60ngIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOGRoog3IsX8lfW02l++7hi43J69dXtiZHTnasdSVfNIVb78GXju7LnzX3p++EI3P7j+w/ZkvDp+9VL9pbmb8wutxcXWdH1itj01N9164CPstv7m0HUMVQNQv/narenr1xfrZ589t+Xt24Pv9T92cvDi8NOnn+qWnRgZHR3vKVPr+xCf/qEat+loFPFXkeKZ7/0k/Ut/RBG7H4v7fHf22rGqE0NVJyZGRquOzLSbs0vlm2PdgSgi6j2VGt0x2odzsSuNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv/twfVHEa5HiOyfW07/2RxzpjsMXr4x/9czZe7ej2MM+PoCynfW+iJXiEJyzA6w/ivinSPHTt0/Fv/VH1KLzE1+IeKXMH0S8WeaLEan8YpyPeHeH7xGHUy2K+P/y/F9cT2/3l9eD7nXl8tfqX5m9PtdTtntdOfT3h/10wK9NA1HED6sr/nr6d/9dAwAAAAAAAAAAAAAAABwgRfxqpHjhnVOpmh98Z05xe/ZG/Wrz2kxnWl937l93zvTGxsZGPXWykXMy53LOlZyrOddyRpHr52zknMy5nHMl52rOtZxxJNfP2cg5mXM550rO1ZxrOaOW6+ds5JzMuZxzJedqzrWccUDm7gEAAAAAAAAAAAAAAAAAAB8vRfVPim9/Yz1t9HfWl56MTq5aD/Rj7+cBAAD//1vO/Qs=")
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
ioctl$FS_IOC_GETFSSYSFSPATH(r0, 0x80811501, &(0x7f0000000380)={0x80})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)

4m46.318269944s ago: executing program 0 (id=1):
r0 = socket$inet(0x2, 0x3, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xe138, 0x198, 0x1c0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, '\x00', 'veth0_to_bond\x00', {}, {}, 0x21}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0xfffffffd, 0x0, 'snmp_trap\x00', 'syz0\x00', {0xfffffffffffffffc}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0xfffd, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
bpf$OBJ_PIN_PROG(0x11, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20004800)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg(r4, &(0x7f0000000140)=[{{&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x11}, 0xa, 0x1}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000300)='>', 0x1}], 0x1}}], 0x1, 0xc88c4)

4m46.222787389s ago: executing program 3 (id=9):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
pread64(r2, &(0x7f00000000c0)=""/30, 0x1e, 0x800000000004)

4m44.794527461s ago: executing program 2 (id=10):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x770d3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0)

4m44.760061673s ago: executing program 0 (id=11):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)

4m44.460168678s ago: executing program 3 (id=12):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x200000000000000)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x200000, &(0x7f0000000200)={[{@block_validity}, {}, {@nombcache}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x149)
r4 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
pwrite64(r4, &(0x7f0000000000)='3', 0x1, 0x4fed0)
fallocate(r3, 0x10, 0xffff, 0x8001)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x0)
writev(r5, 0x0, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x440, 0x164)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r6, 0x40047211, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, 0x0)

4m43.511183275s ago: executing program 0 (id=13):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f00000001c0), 0x3, 0x40483)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x80)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000840), 0x1, 0x793, &(0x7f0000001040)="$eJzs3F+IVGUbAPDnnN31288dHVcDIRSFrIxoXN0kg4gNAlmvAiEChdxyVrcdXdvZqN280AKpm4gFM5BEbyLoRrqJ7qSLUBLCi7qJjKKiAiusi+hmY2b2X+usTq7b0fX3gzPzvs/ZOc/7zB5ezgtzTgC3rbWVlyQiFxG7IiI/Hk8jYlG11RpxqPZ3o52n91a2JMbGtv+aVD4WBztP7504VjL+3hbVj8SWiPi4K4k1S67MWx4e6e8plYqD4/0NQ/sObCgPjzzQt69nT3FPcf9DD27e3NnZ0bHlxtX61sqdKz5/tHvz0ZWfrlr711fHk+iq1h0z6riRklmC3fORLEPT60yaMxwIDVva+sy8nPMAwM2tcp3fFBHN1ev9fDRF7eLtw1d2Xs7HI7Nepi5//MRP/+U4AQAAgOs31jQGAAAALHhJZD0CAAAAYH5N/A7gYOfpvRPbfPzOYFmd2OodEZceq+08OH5v8ehk/ubqPcQRrdESEYt/T2L6baXJLMf8N1Y/PccDzFF5W7b5LzyZbf7297PNf/LLiEOHI+JMV53zPxk//65fx4z+zHvB714xxwRz9N232eZftybb/EcHIs5U5p+uevNfOjn/RJ35p3ni2Qlz8HL71Pw32rko/jn/TeVvmmX+67rG8e9bXnt/491z79Tbf/aziEuHI+5snnq2w+gV539rNVe9/E80WGd707r19eJPvRcxdirinqiff3qu2Z8PsaG3r1TsqL3Wz//JN68X68W7W2r1L54tfxJX/f53NVh/2w8Xzh+oEx/rruVff1e9/OlVv/+m8WdsNOLU8NeD9eKF52r5d89S/7X+/282mP+LHQ+frRc/9kGDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC2k0ZELpK0MNlO00Ihoi0i7ojFaWmgPHR/78AL+3dX9kUsi5a0t69U7IiIfK2fVPobq+2p/qYZ/c6IaI+I1/L/r/YLzw6UdmddPAAAACxwuYiLO179aGXW4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NbQFhG5SNJCRKQR8WM+TQuFrEcFAAAA3Ai5iIurTp44Xmn/kc96NAAAAMB8qKz/Lx/55VxY/wMAAMCCZf0PAAAAC9/09T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDNIFfdkrQQEWm1naaFQsSSiFgWLUlvX6nYERFLI+J8vuV/lf7GrAcNAAAANCQXcXFr69bvsx4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC3hvLwSH9PqVQc1NDQ0JhsZD0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQhfLwSH9PqVQcLGc9EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALKV/pxERGW7N78u9/ylI9um712U/JmvvkfEi8e3H3upZ2hocGMl/ttkfOjt8fimrGoAAAAApptYp0+s4wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABpVHh7p7ymVioPz2Mi6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK7f3wEAAP//6TK2yA==")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x20}, 0x1, 0xd, 0x0, 0x80c5}, 0x20000000)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r5, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0x5)
read$FUSE(r5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x2, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x9, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xf, 0x1a, 0xf2, 0x10, 0x9, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0xaa80, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x1, 0x10000, 0x405, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xc0000000, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x9a7f, 0xe665, 0x3c6e, 0x3, 0x7, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x0, 0xa, 0x1b, 0x202, 0x7ff, 0x9, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0x7, 0xf, 0x8, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x8, 0x1, 0x3, 0x664, 0x4, 0x9, 0x9, 0x2, 0x8, 0xfffffffd, 0x10, 0x9, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x7ff, 0xe6, 0x6, 0x10001, 0x9, 0x68, 0x7, 0x201, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0xa, 0x40, 0x18, 0x80, 0xb5f8, 0x8bc, 0x3, 0x8000103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x5, 0x8, 0x6, 0x400, 0x40, 0x0, 0xc2, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x7, 0xc4c, 0x45e3, 0x5, 0x7, 0x3, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0x200000ce, 0xf, 0x0, 0x1, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0xc, 0x1, 0x5, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80002001, 0x8, 0x8000, 0x4, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0x2, 0x89, 0x2, 0x3, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x4, 0x10000004, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0x6, 0x0, 0x8, 0x40, 0xd3, 0x7, 0xffffffff, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x800001, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x5, 0x7fff, 0x103, 0x7, 0x6, 0x709, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x3, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0x3, 0xffffa9b4, 0x1, 0x4, 0x5, 0xd58, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8d, 0x1, 0x7, 0x8, 0x1, 0x89, 0x6, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0xfffffff7, 0x8000005, 0x4, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x20000005, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xfffffffc, 0x9, 0xffffa0a6, 0xc, 0x11, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x98, 0x9, 0xb, 0x800, 0x4, 0x9, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x6, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0xb, 0x0, 0x7, 0x8000000, 0x0, 0xfff, 0x8101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x4, 0x4b15, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x2, 0x10001, 0x1, 0x7, 0xe4ce, 0x5, 0x9, 0xffffc487, 0x204, 0x10002, 0x1000, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0x4, 0x80000000, 0xb66d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x5, 0x3, 0xffffffff, 0x2, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x4, 0x2, 0x4, 0xfffc, 0x80000001, 0x5, 0x1, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0x0, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x193, 0x8, 0x0, 0x5, 0xf, 0x3, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x109, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x4007, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x1, 0x2, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x1, 0x3, 0x9, 0x1, 0x80000000, 0x9, 0x0, 0x5, 0x800081, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x0, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x4, 0x6, 0x9, 0x0, 0x8, 0x5, 0x3, 0x1ff, 0x7fff, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0x4, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0xffffffff, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0xfffffffc, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x1, 0x6, 0x14827783, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xa, 0x3, 0x9, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x80, 0xd, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffe, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x7, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x1, 0x5, 0xfffffff7, 0x7, 0x9, 0x4, 0x6330, 0xff, 0x6, 0xea, 0xbb2d, 0xfff, 0x7, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0x9, 0x6, 0x5, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0xf01, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0x10000c0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x5, 0x93c, 0x6, 0x20000000, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xa3, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x2, 0x1, 0xfffffffa, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x42, 0xaa1, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x8, 0x7ff, 0x5, 0x40, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0x6, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0x3, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x401, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
syz_open_dev$evdev(0x0, 0x2, 0x8c2b01)

4m43.41098659s ago: executing program 2 (id=14):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000), 0x8)
r5 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r5, &(0x7f00000002c0)="05031600d3fc140000004788031c09103328", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

4m28.30574976s ago: executing program 32 (id=12):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x200000000000000)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x200000, &(0x7f0000000200)={[{@block_validity}, {}, {@nombcache}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x149)
r4 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
pwrite64(r4, &(0x7f0000000000)='3', 0x1, 0x4fed0)
fallocate(r3, 0x10, 0xffff, 0x8001)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x0)
writev(r5, 0x0, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x440, 0x164)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r6, 0x40047211, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, 0x0)

4m28.216890584s ago: executing program 33 (id=13):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f00000001c0), 0x3, 0x40483)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x80)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000840), 0x1, 0x793, &(0x7f0000001040)="$eJzs3F+IVGUbAPDnnN31288dHVcDIRSFrIxoXN0kg4gNAlmvAiEChdxyVrcdXdvZqN280AKpm4gFM5BEbyLoRrqJ7qSLUBLCi7qJjKKiAiusi+hmY2b2X+usTq7b0fX3gzPzvs/ZOc/7zB5ezgtzTgC3rbWVlyQiFxG7IiI/Hk8jYlG11RpxqPZ3o52n91a2JMbGtv+aVD4WBztP7504VjL+3hbVj8SWiPi4K4k1S67MWx4e6e8plYqD4/0NQ/sObCgPjzzQt69nT3FPcf9DD27e3NnZ0bHlxtX61sqdKz5/tHvz0ZWfrlr711fHk+iq1h0z6riRklmC3fORLEPT60yaMxwIDVva+sy8nPMAwM2tcp3fFBHN1ev9fDRF7eLtw1d2Xs7HI7Nepi5//MRP/+U4AQAAgOs31jQGAAAALHhJZD0CAAAAYH5N/A7gYOfpvRPbfPzOYFmd2OodEZceq+08OH5v8ehk/ubqPcQRrdESEYt/T2L6baXJLMf8N1Y/PccDzFF5W7b5LzyZbf7297PNf/LLiEOHI+JMV53zPxk//65fx4z+zHvB714xxwRz9N232eZftybb/EcHIs5U5p+uevNfOjn/RJ35p3ni2Qlz8HL71Pw32rko/jn/TeVvmmX+67rG8e9bXnt/491z79Tbf/aziEuHI+5snnq2w+gV539rNVe9/E80WGd707r19eJPvRcxdirinqiff3qu2Z8PsaG3r1TsqL3Wz//JN68X68W7W2r1L54tfxJX/f53NVh/2w8Xzh+oEx/rruVff1e9/OlVv/+m8WdsNOLU8NeD9eKF52r5d89S/7X+/282mP+LHQ+frRc/9kGDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC2k0ZELpK0MNlO00Ihoi0i7ojFaWmgPHR/78AL+3dX9kUsi5a0t69U7IiIfK2fVPobq+2p/qYZ/c6IaI+I1/L/r/YLzw6UdmddPAAAACxwuYiLO179aGXW4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NbQFhG5SNJCRKQR8WM+TQuFrEcFAAAA3Ai5iIurTp44Xmn/kc96NAAAAMB8qKz/Lx/55VxY/wMAAMCCZf0PAAAAC9/09T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDNIFfdkrQQEWm1naaFQsSSiFgWLUlvX6nYERFLI+J8vuV/lf7GrAcNAAAANCQXcXFr69bvsx4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC3hvLwSH9PqVQc1NDQ0JhsZD0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQhfLwSH9PqVQcLGc9EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALKV/pxERGW7N78u9/ylI9um712U/JmvvkfEi8e3H3upZ2hocGMl/ttkfOjt8fimrGoAAAAApptYp0+s4wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABpVHh7p7ymVioPz2Mi6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK7f3wEAAP//6TK2yA==")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x20}, 0x1, 0xd, 0x0, 0x80c5}, 0x20000000)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r5, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0x5)
read$FUSE(r5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x2, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x9, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xf, 0x1a, 0xf2, 0x10, 0x9, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0xaa80, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x1, 0x10000, 0x405, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xc0000000, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x9a7f, 0xe665, 0x3c6e, 0x3, 0x7, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x0, 0xa, 0x1b, 0x202, 0x7ff, 0x9, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0x7, 0xf, 0x8, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x8, 0x1, 0x3, 0x664, 0x4, 0x9, 0x9, 0x2, 0x8, 0xfffffffd, 0x10, 0x9, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x7ff, 0xe6, 0x6, 0x10001, 0x9, 0x68, 0x7, 0x201, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0xa, 0x40, 0x18, 0x80, 0xb5f8, 0x8bc, 0x3, 0x8000103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x5, 0x8, 0x6, 0x400, 0x40, 0x0, 0xc2, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x7, 0xc4c, 0x45e3, 0x5, 0x7, 0x3, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0x200000ce, 0xf, 0x0, 0x1, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0xc, 0x1, 0x5, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80002001, 0x8, 0x8000, 0x4, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0x2, 0x89, 0x2, 0x3, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x4, 0x10000004, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0x6, 0x0, 0x8, 0x40, 0xd3, 0x7, 0xffffffff, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x800001, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x5, 0x7fff, 0x103, 0x7, 0x6, 0x709, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x3, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0x3, 0xffffa9b4, 0x1, 0x4, 0x5, 0xd58, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8d, 0x1, 0x7, 0x8, 0x1, 0x89, 0x6, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0xfffffff7, 0x8000005, 0x4, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x20000005, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xfffffffc, 0x9, 0xffffa0a6, 0xc, 0x11, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x98, 0x9, 0xb, 0x800, 0x4, 0x9, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x6, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0xb, 0x0, 0x7, 0x8000000, 0x0, 0xfff, 0x8101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x4, 0x4b15, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x2, 0x10001, 0x1, 0x7, 0xe4ce, 0x5, 0x9, 0xffffc487, 0x204, 0x10002, 0x1000, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0x4, 0x80000000, 0xb66d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x5, 0x3, 0xffffffff, 0x2, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x4, 0x2, 0x4, 0xfffc, 0x80000001, 0x5, 0x1, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0x0, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x193, 0x8, 0x0, 0x5, 0xf, 0x3, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x109, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x4007, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x1, 0x2, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x1, 0x3, 0x9, 0x1, 0x80000000, 0x9, 0x0, 0x5, 0x800081, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x0, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x4, 0x6, 0x9, 0x0, 0x8, 0x5, 0x3, 0x1ff, 0x7fff, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0x4, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0xffffffff, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0xfffffffc, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x1, 0x6, 0x14827783, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xa, 0x3, 0x9, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x80, 0xd, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffe, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x7, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x1, 0x5, 0xfffffff7, 0x7, 0x9, 0x4, 0x6330, 0xff, 0x6, 0xea, 0xbb2d, 0xfff, 0x7, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0x9, 0x6, 0x5, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0xf01, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0x10000c0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x5, 0x93c, 0x6, 0x20000000, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xa3, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x2, 0x1, 0xfffffffa, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x42, 0xaa1, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x8, 0x7ff, 0x5, 0x40, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0x6, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0x3, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x401, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
syz_open_dev$evdev(0x0, 0x2, 0x8c2b01)

4m28.138047928s ago: executing program 34 (id=14):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000), 0x8)
r5 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r5, &(0x7f00000002c0)="05031600d3fc140000004788031c09103328", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

5.035941547s ago: executing program 1 (id=485):
r0 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)="649f8bc756eb58f588aaf25f9d10b12d58c787e9ffe9ad47ddfca7125234f5ddfa8b75bf6a8b0af6a5ad7765d95e360c4031035f1218377808e3097e9cdeee486412c634a1435b8a745aed828672f764a0257dcdc418ae7f3c568fc5661df30b5cb773931fdadd39fce77cc5f1371a4745c376ae87b0d39f76538ceadde61f4e4ed8986badaf7c850bdddc6a0b8effd721", 0x91, r0)

4.874619625s ago: executing program 1 (id=486):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x808400, 0x0)
preadv(r0, &(0x7f0000003b80)=[{&(0x7f0000003800)=""/27, 0x1b}, {0x0}, {0x0}], 0x3, 0x0, 0xfffff61a)

4.806103088s ago: executing program 1 (id=489):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, &(0x7f0000000080)='7', 0x1)
write$char_usb(r0, &(0x7f0000000280)='L', 0x1)

2.194647759s ago: executing program 6 (id=508):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="430325bd7000fcffffff0c00000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r0)

2.19058528s ago: executing program 5 (id=509):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x627, 0x4c1, 0x43, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.126037903s ago: executing program 6 (id=510):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
r1 = syz_open_dev$sndpcmc(&(0x7f0000000d00), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000000000/0x3000)=nil, 0x1000, 0x1, 0x13, r1, 0x81000000)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})

2.018479108s ago: executing program 6 (id=511):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0xa4, &(0x7f0000000440)=[@in6={0xa, 0x4e20, 0x401, @mcast1, 0x10000fff}, @in={0x2, 0x4e21, @private=0xa010100}, @in={0x2, 0x4e20, @rand_addr=0x64010101}, @in={0x2, 0x4e22, @empty}, @in6={0xa, 0x4e20, 0x8000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7fff}, @in6={0xa, 0x4e23, 0xe, @empty, 0x1fb2d4af}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e20, @private=0xa010100}]}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="7b87f20f"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.858309656s ago: executing program 5 (id=513):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)

1.676513966s ago: executing program 5 (id=518):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_80211_join_ibss(0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0xf6b8, 0x1000, 0x0, 0x8000028d}, &(0x7f0000000340), &(0x7f0000000040))
writev(r1, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd0600ffdbdb252100000020000300", @ANYRES32=r4, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}}, 0x28000)

1.510995314s ago: executing program 6 (id=520):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x1, 0x3, 0x0, 0x7, 0x0})

1.454602147s ago: executing program 1 (id=521):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x2})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2c, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x18addbae, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x5, 0x3, 0xfffffffffffffffe, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.454337517s ago: executing program 5 (id=522):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='vegas', 0x5)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

1.389172s ago: executing program 5 (id=524):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0)
pipe2(0x0, 0x80800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x143102)
writev(r0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)

1.258636027s ago: executing program 6 (id=527):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000200)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000540)={@fd={0x66642a85, 0x0, r2}, @flat=@handle={0x77682a85, 0x1100, 0x1}, @fda={0x66646185, 0x3, 0x1, 0x30}}, &(0x7f00000004c0)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})

1.166654181s ago: executing program 1 (id=528):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000000140)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000080)={0x5, 0x830, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x2b, 0x0, 0x0, 0x0, "f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc39f976ad52e581942d9fc2178681e6866aa6ef10d06"}}, 0x80}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x100003, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {0x3, 0xfff9}, {0xd}}}, 0x24}}, 0x0)

1.151586862s ago: executing program 7 (id=529):
r0 = syz_io_uring_setup(0x7537, &(0x7f0000000000)={0x0, 0x80aa, 0x400, 0x0, 0x9c}, &(0x7f0000000080), &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000003a00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003100)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x40}}], 0x2, 0x80)

1.135931403s ago: executing program 6 (id=531):
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008800}, 0x44)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d"], 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

994.48779ms ago: executing program 7 (id=532):
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x41}}}, 0x0, 0x0, 0x3e, 0x0, "bb02a3c364ca41d6357e544508474004000b42a20000000000000010208a0e2f964e0000c534a632cd6193fcf19b2df3eea18afaa4ff1f56c54dc46d8b6d2ccd00a0cf0a007bbe00"}, 0xd8)
r0 = socket$kcm(0x23, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000240)=0x6, 0x4)
listen(r0, 0x800)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000"], 0x78)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x4, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5, 0x9, 0x5, 0xffff2d37, 0x0, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0xe, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x47, 0x4c74, 0x80000000, 0x242, 0x3, 0x4, 0x0, 0x80008071, 0x7, 0x8, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0xffff, 0x3, 0x5, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x7, 0x209, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x8000047, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0x81, 0x24f, 0x42, 0x3], [0x7, 0x408, 0x2, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x3, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x0, 0x4, 0x2950bfaf, 0x1000, 0x4b2760ed, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x1, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2eb, 0x0, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x1, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x201, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x6b, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x9, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x400007, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

994.24123ms ago: executing program 4 (id=533):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c0000000a0601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008800000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

965.722362ms ago: executing program 1 (id=534):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xc, {"a2e3ad2107c752f91b25470987f70e06d038e7ff7fc6e5539b3264078b089b3b083468060890e0878f0e1ac6e70a9b3365959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7dafbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194ba6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3df8fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f5f71d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810930500ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab974c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc660db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d154d8a5ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21e5ec68cb068ea88067d905ea917bb03eefdaebdeabf2c0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000001b0700", 0x1000}}, 0x1006)
r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000ffd26f10cb060600eb9a0102030109022400010000000009040001020a16d10009050700000000000009058973"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
openat$mice(0xffffff9c, &(0x7f0000000000), 0x1ad201)

890.292035ms ago: executing program 4 (id=535):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='scalable', 0x8)
shutdown(r0, 0x1)

738.671903ms ago: executing program 7 (id=536):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0x4}]}, 0x10)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x4e, &(0x7f0000000140)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x18, 0x11, 0x0, @local, @mcast2, {[], {0x4000, 0xe22, 0x18, 0x0, @opaque="03e6c6c583de1ef67514ae402cede04d"}}}}}}, 0x0)

725.956483ms ago: executing program 4 (id=537):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x1, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14)

641.396798ms ago: executing program 7 (id=538):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x200, 0x101, 0x4})
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r2, 0x0, 0x0, 0xa, 0x1ff, 0x1})

562.467372ms ago: executing program 4 (id=539):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f024})
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000180)={0x2, @vbi={0x9, 0xdc, 0x2, 0x32314142, [0x1, 0x1], [0x8, 0x5], 0x1}})
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000300)=0x1, 0x4)
connect$inet(r2, &(0x7f00000006c0)={0x2, 0x1, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r3, &(0x7f0000002180)=[{{0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000000a40)="db", 0x1}], 0x1}}], 0x1, 0x4008440)
write$cgroup_int(r2, &(0x7f0000000100)=0x8, 0x12)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f00000021c0)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e3", @ANYRES8, @ANYRES8=r0, @ANYRESDEC=r2], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x1, 0x0, {0xa}}, 0x14}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x11, 0x0, &(0x7f0000000000)="06ff03076844268cb89e14f008004ee0ff", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = syz_kvm_setup_syzos_vm$x86(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r8, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r8, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r8, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r8, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r8, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r8, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r9 = syz_kvm_add_vcpu$x86(r7, &(0x7f0000000080)={0x0, 0x0})
ioctl$KVM_SET_LAPIC(r9, 0x4400ae8f, &(0x7f00000005c0)={"827111ae5f158a9cec929ec5f2f66d42bbd6ee16f0da1bc1a1cf93d80b39a555be11cb44b3023b0ca5495c2017dc236cf9c8d2106d85b322ad2ac84977d743907acf1205f549d1661639dc221717dbef9a94e559801a502bec62a1c6ddbcc29fbe038e382e7f6e193e68770bb9830a69686f5740995768b7e67e7b56ced2e66ef0f8ab52b0643c496750e270f4c48a11746286f684ee79a484d315a999fda598a8af5ac1d9521286c8eb85cbcfe62e4a1dcd905494fe24b81db8928098392ef59376463c43c119680b2725ad809dfbcbaf3d6508cc535f6f543524ea6e4a4ebcabd4fd05b3ca3e1ec02b24a27c6b06a39ae165c05ad89a99fdf3cb784cbefea27148780dc65c81c9cd81ffccd1dbf2ca69f13e77e5a2b8e44d814f494f0adcf27aa6a596c71da84f5f5909f294abf85a6ea33012c613a918545102fc0e6ca1503e25264a95cbcd9a05ef41f4e187cfede314b0b4fae4e63b0b71aeca9231a33ee96f29a69876eb02a00b5a6646d54f742dda917abde0e0fc6e8c9fbb6748b7366d6487b6d87cfef0172161e26ea61d514c40e28374184099a84d48d54e3c99a69482ce8cd8b952065831044985a006839c65c74076cae071a3ec2d47b3a221f0c2ed01f88b64ad5f356a8770c754b7d1ef443ef9034886cd962994f1e1a137b128e1d0f53352901651ff94da6235f19524a9b19f9d1de2f9536b1ce056660c071d4a18d2a156d05d211db8c5475aef8997904364d0b20428fb9a6e9f1701ed228d7d4f3ab19ff45e02a251c1b5e2de3ebfb733458a6ba5f2b045746853becb38de6e1844b0300b678476119e3575d4739a91ffea0c138e5722d4e67e7653987d4df89e4da18d83ac2e02def9856820ba2ec38aeb484709c40edab1b02457a094282f169d2006c919efcaadb6988ab5b0fe3f74f53c8b9eab1ae06bd8bab13697205f45d8cd467f56d3846f60ec2a2c343a79dc4ea729e43f68faf8e106483fc4872a9df5bfe5e31ed91bf8e7cbbe0b8960192d9b4ff31c94deb1c05643adc2a8c99a97ee5e3f91ed1d799988b66bb2ab13aed754e3adf614e966a82ed807ce9a447f6b8af1b0a4aae4d937ebc684b129d5ae9eadd1c50fee15b39d50fe755082ffdecc8726ea1a10502047ee3c126a9d60f3851c8d110f4893278dbf0b039f8a13bcbce610c98a661ed4e7f0d459616619432e721c4bc9095a4fef5e5c331846bb139ec5468ddd5bd822a0b759691d016f8b7083f05972d12d7d4b2d03625a9a60d4595108f0b7691d17cd455c1cb10f375842dcb1c91e1e6bf2c6bb2339dbf4d624890ac00a26a39b5cd44d5f899e1aabd11440bdb3818bc7824f01928f6815a4641f74c5922c854bc3603eb755bd6d9f19a55ad5a0e152ab79d65f3082f479ede8d005174ee434b53f932efd60ff0fe9ac1e0c079ed8393b664ee8c400"})
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x6e0, 0x0, 0x200000000000000}]})

546.943263ms ago: executing program 7 (id=540):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000d000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x67, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x485, 0x0, 0x20000165}]})

513.267224ms ago: executing program 5 (id=541):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
r2 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f00000000c0)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x8000}}, 0x10)

336.008333ms ago: executing program 7 (id=542):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'vxcan1\x00'})
bind$can_raw(0xffffffffffffffff, 0x0, 0x0)
write$tun(r0, 0x0, 0x340a)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000540)={0x44, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0d, &(0x7f0000000040))

243.101888ms ago: executing program 4 (id=543):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x6a040000)
syz_emit_vhci(&(0x7f0000000700)=ANY=[@ANYRES16=r0], 0x7)

0s ago: executing program 4 (id=544):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x2, 0x0}, @multicast1}, {0x22, 0x7f, 0x0, @local}}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

kernel console output (not intermixed with test programs):

im4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  123.174927][ T4640] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  123.183880][ T4640] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  123.193097][ T4640] device vxlan0 entered promiscuous mode
[  123.209448][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  123.265988][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  123.898827][ T4377] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.728583][ T4284] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  124.736226][ T4284] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  124.784767][ T4374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.071258][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  125.156623][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  125.609817][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  125.642946][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  125.720134][ T4359] device veth0_vlan entered promiscuous mode
[  125.742014][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  125.782467][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.721362][ T4359] device veth1_vlan entered promiscuous mode
[  126.776290][ T4669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.57'.
[  126.908547][ T4679] loop4: detected capacity change from 0 to 8
[  126.947465][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  126.967257][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.993761][ T4359] device veth0_macvtap entered promiscuous mode
[  127.039213][ T4359] device veth1_macvtap entered promiscuous mode
[  127.650023][ T4688] netlink: 56 bytes leftover after parsing attributes in process `syz.1.59'.
[  128.593936][ T4377] device veth0_vlan entered promiscuous mode
[  128.641033][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  128.865272][ T4695] loop1: detected capacity change from 0 to 2048
[  129.576197][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  129.705566][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  129.735897][ T4695] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  129.750382][ T4695] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  129.939828][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  130.113653][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  130.143562][ T4349] udevd[4349]: incorrect ext4 checksum on /dev/loop1
[  130.270122][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.461998][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.691629][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.906702][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.115680][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.314906][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.396365][ T4349] udevd[4349]: incorrect ext4 checksum on /dev/loop1
[  131.488096][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.703265][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.898566][ T4359] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.983813][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  132.028991][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  132.096982][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  132.164489][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  132.507926][ T4276] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.625781][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.656588][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.763888][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.793874][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.804295][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.820874][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.827266][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  133.196496][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.226899][ T4359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.237890][ T4359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.249904][ T4359] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.289938][ T4276] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.488699][ T4717] loop1: detected capacity change from 0 to 2048
[  133.515027][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  133.533876][ T4717] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  133.547663][ T4717] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  133.988350][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  134.052016][ T4720] process 'syz.4.64' launched '/dev/fd/-1' with NULL argv: empty string added
[  134.837906][ T4377] device veth1_vlan entered promiscuous mode
[  134.847396][ T4194] udevd[4194]: incorrect ext4 checksum on /dev/loop1
[  134.858727][ T4359] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.881919][ T4359] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.921556][ T4359] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.003369][ T4359] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.403272][ T4374] device veth0_vlan entered promiscuous mode
[  135.410030][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  135.437506][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  135.469624][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  135.512423][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  135.762903][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  135.781387][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.778164][ T4276] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.833724][ T4374] device veth1_vlan entered promiscuous mode
[  137.046049][ T4735] loop4: detected capacity change from 0 to 1024
[  137.059274][ T4276] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.070375][ T4737] loop1: detected capacity change from 0 to 1024
[  137.175156][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  137.197233][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  137.211642][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  137.275980][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  137.302178][ T4374] device veth0_macvtap entered promiscuous mode
[  137.334904][ T4377] device veth0_macvtap entered promiscuous mode
[  137.364401][ T4742] hfsplus: b-tree write err: -5, ino 2
[  138.614641][ T4374] device veth1_macvtap entered promiscuous mode
[  138.667992][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  138.676325][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  138.747441][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  139.305831][ T4377] device veth1_macvtap entered promiscuous mode
[  139.384566][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.402564][ T1216] hfsplus: b-tree write err: -5, ino 25
[  139.412102][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.417559][ T1216] hfsplus: b-tree write err: -5, ino 4
[  139.423553][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.439461][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.439797][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.470742][ T1216] hfsplus: b-tree write err: -5, ino 2
[  139.476588][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.490184][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.502227][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.514892][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.526223][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.536371][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.548983][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.567067][ T4377] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.581642][ T4355] hfsplus: b-tree write err: -5, ino 25
[  139.597206][ T4355] hfsplus: b-tree write err: -5, ino 4
[  139.648207][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  139.657854][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  140.231229][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  140.265984][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.339818][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.434638][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.458104][ T4761] loop1: detected capacity change from 0 to 2048
[  140.474281][ T4761] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  140.487362][ T4761] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  140.595786][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.708320][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.807502][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.834614][ T4349] udevd[4349]: incorrect ext4 checksum on /dev/loop1
[  140.910164][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.021295][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.302837][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.906288][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.067828][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  142.117986][ T4349] udevd[4349]: incorrect ext4 checksum on /dev/loop1
[  142.193635][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.373802][ T4374] batman_adv: batadv0: Interface activated: batadv_slave_0
[  142.476565][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.625228][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.718367][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.830411][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.870463][ T4767] loop4: detected capacity change from 0 to 8
[  142.912834][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.084898][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.192526][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.230376][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.240498][ T4377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.251257][ T4377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.262945][ T4377] batman_adv: batadv0: Interface activated: batadv_slave_1
[  143.279688][ T4377] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.288951][ T4377] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.298761][ T4377] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.307694][ T4377] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.412188][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  143.433906][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  143.472371][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  143.483029][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  143.605508][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.657741][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.116710][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.127890][ T4773] loop1: detected capacity change from 0 to 64
[  144.181874][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.286576][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.297323][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.307465][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.318068][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.328133][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.339804][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.349930][ T4374] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.366237][ T4374] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.432808][ T4374] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.445144][ T4278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.465554][ T4278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.503800][ T4276] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.526175][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  144.554837][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  144.589135][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  144.627654][ T4358] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.648376][ T4358] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.673238][ T4374] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.692857][ T4374] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.703275][ T4374] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.718790][ T4374] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.740139][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  144.875377][ T4276] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.484220][ T4782] loop1: detected capacity change from 0 to 1024
[  145.761811][ T4276] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.470608][ T4244] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.542592][ T4244] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.603417][ T4276] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.754989][ T4797] loop4: detected capacity change from 0 to 2048
[  147.030764][ T4802] loop5: detected capacity change from 0 to 8
[  147.677428][ T4782] hfsplus: b-tree write err: -5, ino 2
[  147.730552][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  147.783886][ T4802] squashfs: Unknown parameter 'e3Ō�����t�!�!);�Q�ڵ����E�B���>'
[  147.810656][ T4797] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  147.899363][ T4797] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.108808][ T4244] hfsplus: b-tree write err: -5, ino 25
[  148.114631][ T4244] hfsplus: b-tree write err: -5, ino 4
[  151.155959][ T4819] ODEBUG: Out of memory. ODEBUG disabled
[  151.356625][ T4834] overlayfs: failed to resolve './file0/file0': -2
[  153.525717][ T4860] Cannot find add_set index 65532 as target
[  154.329911][ T4461] Bluetooth: hci4: command 0x0409 tx timeout
[  154.419876][ T4458] Bluetooth: hci5: command 0x0409 tx timeout
[  154.609765][ T4863] loop1: detected capacity change from 0 to 1024
[  156.033466][ T4863] EXT4-fs (loop1): Ignoring removed orlov option
[  156.165677][ T4863] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  156.336724][ T4233] Bluetooth: hci4: command 0x041b tx timeout
[  156.499422][ T4458] Bluetooth: hci5: command 0x041b tx timeout
[  156.849115][ T4830] chnl_net:caif_netlink_parms(): no params data found
[  156.917264][ T4873] Cannot find add_set index 65532 as target
[  158.181877][ T4880] Cannot find add_set index 65532 as target
[  159.102928][ T4458] Bluetooth: hci4: command 0x040f tx timeout
[  159.157870][ T4883] loop4: detected capacity change from 0 to 8
[  159.166638][ T4458] Bluetooth: hci5: command 0x040f tx timeout
[  159.370884][ T4826] chnl_net:caif_netlink_parms(): no params data found
[  161.422910][ T4458] Bluetooth: hci5: command 0x0419 tx timeout
[  161.500616][ T4458] Bluetooth: hci4: command 0x0419 tx timeout
[  161.640504][ T4906] loop1: detected capacity change from 0 to 1024
[  161.695654][ T4906] EXT4-fs (loop1): Ignoring removed orlov option
[  161.866320][ T4830] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.892810][ T4830] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.925194][ T4906] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  162.074824][ T4830] device bridge_slave_0 entered promiscuous mode
[  163.078309][ T4830] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.085635][ T4830] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.207743][ T4830] device bridge_slave_1 entered promiscuous mode
[  163.237863][ T4826] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.244976][ T4826] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.259657][ T4826] device bridge_slave_0 entered promiscuous mode
[  163.637302][ T4826] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.654669][ T4826] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.690665][ T4826] device bridge_slave_1 entered promiscuous mode
[  163.764700][ T4830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.815065][ T4826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.949790][ T4830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.988433][ T4826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.716617][ T4929] loop4: detected capacity change from 0 to 2048
[  165.091078][ T4929] EXT4-fs warning (device loop4): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  165.105703][ T4929] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  165.136407][ T4830] team0: Port device team_slave_0 added
[  165.598967][ T4830] team0: Port device team_slave_1 added
[  165.641646][ T4809] udevd[4809]: incorrect ext4 checksum on /dev/loop4
[  165.915210][ T4826] team0: Port device team_slave_0 added
[  165.922100][ T4830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.930132][ T4830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.967403][ T4830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.140061][ T4826] team0: Port device team_slave_1 added
[  167.146298][ T4926] netlink: 8 bytes leftover after parsing attributes in process `syz.5.97'.
[  167.314657][ T4938] loop1: detected capacity change from 0 to 1024
[  167.387907][ T4938] EXT4-fs (loop1): Ignoring removed orlov option
[  167.436782][ T4830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.497056][ T4830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.552804][ T4938] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  167.922769][ T4830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.098311][ T4826] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.116674][ T4826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.215310][ T4938] syz.1.98 (4938) used greatest stack depth: 20304 bytes left
[  168.364399][ T4952] Cannot find add_set index 65532 as target
[  168.610830][ T4826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.259361][ T4826] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.286611][ T4826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.466566][ T4826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.787784][ T4972] loop5: detected capacity change from 0 to 2048
[  170.805862][ T4826] device hsr_slave_0 entered promiscuous mode
[  170.833378][ T4972] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  170.854971][ T4826] device hsr_slave_1 entered promiscuous mode
[  170.979921][ T4972] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.083985][ T4830] device hsr_slave_0 entered promiscuous mode
[  171.091186][ T4830] device hsr_slave_1 entered promiscuous mode
[  171.098654][ T4830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  171.107489][ T4830] Cannot create hsr debugfs directory
[  172.318766][ T4826] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.856606][ T4826] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.848855][ T4826] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.923910][ T4276] device hsr_slave_0 left promiscuous mode
[  173.951617][ T4276] device hsr_slave_1 left promiscuous mode
[  173.972405][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.996554][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.028256][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.066646][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.085434][ T4276] device bridge_slave_1 left promiscuous mode
[  174.106280][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.136970][ T4276] device bridge_slave_0 left promiscuous mode
[  174.163893][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.203903][ T4276] device hsr_slave_0 left promiscuous mode
[  174.220427][ T4276] device hsr_slave_1 left promiscuous mode
[  174.246963][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  174.280548][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.311767][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.322667][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.342917][ T4276] device bridge_slave_1 left promiscuous mode
[  174.360338][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.394193][ T4276] device bridge_slave_0 left promiscuous mode
[  174.411596][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.473706][ T4276] device veth1_macvtap left promiscuous mode
[  174.484491][ T4276] device veth0_macvtap left promiscuous mode
[  174.500833][ T4276] device veth1_vlan left promiscuous mode
[  174.513583][ T4276] device veth0_vlan left promiscuous mode
[  174.529300][ T4276] device veth1_macvtap left promiscuous mode
[  174.546671][ T4276] device veth0_macvtap left promiscuous mode
[  174.556987][ T4276] device veth1_vlan left promiscuous mode
[  174.571372][ T4276] device veth0_vlan left promiscuous mode
[  174.775565][ T5022] loop4: detected capacity change from 0 to 1024
[  175.408679][ T5022] hfsplus: b-tree write err: -5, ino 2
[  176.635547][  T154] hfsplus: b-tree write err: -5, ino 25
[  176.641627][  T154] hfsplus: b-tree write err: -5, ino 4
[  176.714066][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  176.751743][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  176.786094][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.824268][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.933162][ T4276] bond0 (unregistering): Released all slaves
[  177.017596][   T26] audit: type=1326 audit(1773882451.043:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.063140][   T26] audit: type=1326 audit(1773882451.043:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.139123][   T26] audit: type=1326 audit(1773882451.043:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.233019][   T26] audit: type=1326 audit(1773882451.043:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.323222][   T26] audit: type=1326 audit(1773882451.043:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.394373][   T26] audit: type=1326 audit(1773882451.043:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.417163][   T26] audit: type=1326 audit(1773882451.043:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.439630][   T26] audit: type=1326 audit(1773882451.043:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.461737][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.468001][   T26] audit: type=1326 audit(1773882451.053:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.469034][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  177.490160][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.490603][   T26] audit: type=1326 audit(1773882451.053:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5031 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f7ab2317799 code=0x7ffc0000
[  177.526029][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.535808][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  177.550618][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.566965][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.677534][ T4276] bond0 (unregistering): Released all slaves
[  177.752613][ T5010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.110'.
[  178.709221][ T5030] netlink: 4 bytes leftover after parsing attributes in process `syz.5.112'.
[  178.942995][ T5030] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  178.951993][ T5030] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  178.960894][ T5030] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  178.969677][ T5030] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  180.388099][ T5030] device vxlan0 entered promiscuous mode
[  180.719340][ T4826] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.976569][ T4253] Bluetooth: hci0: command 0x0406 tx timeout
[  180.984793][ T4253] Bluetooth: hci1: command 0x0406 tx timeout
[  181.463369][ T5057] netlink: 4 bytes leftover after parsing attributes in process `syz.4.116'.
[  181.556127][ T5075] loop1: detected capacity change from 0 to 1024
[  182.407483][ T4830] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.572500][ T5086] netlink: 56 bytes leftover after parsing attributes in process `syz.4.122'.
[  183.878599][ T5089] hfsplus: b-tree write err: -5, ino 2
[  184.166576][ T4830] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.331586][ T1216] hfsplus: b-tree write err: -5, ino 25
[  184.340916][ T1216] hfsplus: b-tree write err: -5, ino 4
[  184.861201][ T5097] Cannot find add_set index 65532 as target
[  185.779085][ T4830] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.895991][ T5106] loop4: detected capacity change from 0 to 1024
[  186.733590][ T5110] loop5: detected capacity change from 0 to 8
[  187.934328][ T5110] squashfs: Unknown parameter 'e3Ō�����t�!�!);�Q�ڵ����E�B���>'
[  188.121326][ T4830] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.009636][  T144] hfsplus: b-tree write err: -5, ino 25
[  191.036657][  T144] hfsplus: b-tree write err: -5, ino 4
[  191.057550][  T144] hfsplus: b-tree write err: -5, ino 2
[  191.066733][ T4830] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  191.102235][ T4830] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  191.212373][ T4830] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  191.267894][ T5140] loop4: detected capacity change from 0 to 8
[  191.318336][ T4826] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  191.839809][ T4830] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  192.300748][ T4826] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  192.328655][ T5148] loop5: detected capacity change from 0 to 8
[  193.788388][ T4826] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  193.877659][ T4826] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  194.073724][ T5160] loop4: detected capacity change from 0 to 1024
[  194.091052][ T5160] EXT4-fs (loop4): Ignoring removed orlov option
[  194.269254][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  194.275689][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  196.152129][ T5160] EXT4-fs (loop4): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  196.176758][    C1] vkms_vblank_simulate: vblank timer overrun
[  196.560012][ T5164] loop5: detected capacity change from 0 to 2048
[  196.580874][ T5164] EXT4-fs warning (device loop5): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  196.594418][ T5164] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  198.306010][ T4830] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.772079][ T4830] 8021q: adding VLAN 0 to HW filter on device team0
[  198.867293][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  198.896135][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  198.916957][ T5169] loop5: detected capacity change from 0 to 4096
[  200.315942][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  200.393427][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  200.466206][ T1216] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.473361][ T1216] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.593026][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  200.671129][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  200.742694][ T1216] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.749857][ T1216] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.991674][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  201.019280][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  201.094424][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  201.233239][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  201.260989][ T5173] loop4: detected capacity change from 0 to 1024
[  201.279632][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  201.288709][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  201.298349][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  201.312754][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  201.337919][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  201.361251][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  201.375218][ T5173] EXT4-fs (loop4): Ignoring removed orlov option
[  201.388331][ T5169] ntfs3: Unknown parameter 'windows_names'
[  201.639199][ T5184] loop1: detected capacity change from 0 to 2048
[  201.921759][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  201.965582][ T5184] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  201.979205][ T5184] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  202.867254][ T5173] EXT4-fs warning (device loop4): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop4.
[  202.917906][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  203.089363][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  203.418380][ T4826] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.436702][ T5189] loop1: detected capacity change from 0 to 1024
[  203.550667][ T4826] 8021q: adding VLAN 0 to HW filter on device team0
[  203.637812][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  203.689356][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  203.753363][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  203.780359][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  205.542207][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.549363][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.631620][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  205.656918][ T4368] hfsplus: b-tree write err: -5, ino 25
[  205.662842][ T4368] hfsplus: b-tree write err: -5, ino 4
[  205.772049][ T4368] hfsplus: b-tree write err: -5, ino 2
[  206.661980][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  206.684676][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  206.694564][ T4817] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.701712][ T4817] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.754492][ T5210] loop4: detected capacity change from 0 to 8
[  206.966601][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  206.976930][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  208.030162][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  208.123423][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  208.292592][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  208.414112][ T5220] loop4: detected capacity change from 0 to 8
[  209.677249][ T5220] squashfs: Unknown parameter 'e3Ō�����t�!�!);�Q�ڵ����E�B���>'
[  211.393271][ T5231] loop4: detected capacity change from 0 to 2048
[  213.416507][ T5231] EXT4-fs warning (device loop4): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  213.481654][ T5231] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  213.545545][ T4808] udevd[4808]: incorrect ext4 checksum on /dev/loop4
[  213.592089][ T4809] udevd[4809]: incorrect ext4 checksum on /dev/loop4
[  214.570657][ T5237] chnl_net:caif_netlink_parms(): no params data found
[  214.997013][ T5234] chnl_net:caif_netlink_parms(): no params data found
[  215.089637][   T26] kauditd_printk_skb: 62 callbacks suppressed
[  215.089652][   T26] audit: type=1326 audit(1773882489.123:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  215.286413][   T26] audit: type=1326 audit(1773882489.203:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  215.308883][    C1] vkms_vblank_simulate: vblank timer overrun
[  215.354578][ T5237] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.366630][ T5237] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.374901][ T5237] device bridge_slave_0 entered promiscuous mode
[  215.511238][   T26] audit: type=1326 audit(1773882489.523:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  215.545719][ T4463] Bluetooth: hci2: command 0x0409 tx timeout
[  215.552121][ T5237] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.616472][ T5237] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.626600][   T23] Bluetooth: hci4: command 0x0409 tx timeout
[  215.635363][ T5237] device bridge_slave_1 entered promiscuous mode
[  215.680316][   T26] audit: type=1326 audit(1773882489.523:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f36cf17b502 code=0x7ffc0000
[  215.713266][ T5278] Cannot find add_set index 65532 as target
[  216.491770][   T26] audit: type=1326 audit(1773882489.523:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f36cf17b597 code=0x7ffc0000
[  216.543526][   T26] audit: type=1326 audit(1773882489.603:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f36cf138491 code=0x7ffc0000
[  216.615732][   T26] audit: type=1326 audit(1773882489.603:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f36cf17c589 code=0x7ffc0000
[  216.637865][    C1] vkms_vblank_simulate: vblank timer overrun
[  216.680353][ T5280] loop4: detected capacity change from 0 to 8
[  216.687842][ T5234] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.695005][ T5234] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.735248][   T26] audit: type=1326 audit(1773882489.603:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f36cf1384fb code=0x7ffc0000
[  216.742819][ T5234] device bridge_slave_0 entered promiscuous mode
[  216.757770][    C1] vkms_vblank_simulate: vblank timer overrun
[  216.875357][ T5234] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.906587][ T5234] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.929665][   T26] audit: type=1326 audit(1773882489.603:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5239 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  216.950732][   T23] Bluetooth: hci3: command 0x0406 tx timeout
[  216.969174][ T5234] device bridge_slave_1 entered promiscuous mode
[  217.005225][ T5237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.032732][ T5237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.967735][ T4253] Bluetooth: hci2: command 0x041b tx timeout
[  218.003675][ T4253] Bluetooth: hci4: command 0x041b tx timeout
[  218.221593][ T5289] loop5: detected capacity change from 0 to 2048
[  218.284417][ T5289] EXT4-fs warning (device loop5): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  218.297652][ T5289] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  218.714374][ T5234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  218.748440][ T5234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  218.767436][ T4808] udevd[4808]: incorrect ext4 checksum on /dev/loop5
[  218.794339][ T5237] team0: Port device team_slave_0 added
[  218.902501][ T5234] team0: Port device team_slave_0 added
[  218.923593][ T5237] team0: Port device team_slave_1 added
[  218.986781][ T5234] team0: Port device team_slave_1 added
[  219.085290][ T5237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.116100][ T5237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.143680][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.217937][ T5298] loop5: detected capacity change from 0 to 1024
[  219.234935][ T5298] EXT4-fs (loop5): Ignoring removed orlov option
[  219.332377][ T5298] EXT4-fs (loop5): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  219.356534][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.613751][ T5237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  220.017751][ T4253] Bluetooth: hci4: command 0x040f tx timeout
[  220.035847][ T4253] Bluetooth: hci2: command 0x040f tx timeout
[  220.043298][ T5298] syz.5.155 (5298) used greatest stack depth: 20208 bytes left
[  220.144400][ T5237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  220.156425][ T5237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.255650][ T5237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.297989][ T5234] batman_adv: batadv0: Adding interface: batadv_slave_0
[  220.315233][ T5234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.341218][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.406269][ T5234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  220.479800][ T5234] batman_adv: batadv0: Adding interface: batadv_slave_1
[  220.494747][ T5234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.520836][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.665875][ T5234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.719764][ T5313] loop5: detected capacity change from 0 to 1024
[  220.746679][ T5313] EXT4-fs (loop5): Ignoring removed orlov option
[  220.826739][ T5313] EXT4-fs (loop5): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  221.726733][ T5237] device hsr_slave_0 entered promiscuous mode
[  221.792570][ T5237] device hsr_slave_1 entered promiscuous mode
[  222.004514][ T5237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  222.072958][ T5237] Cannot create hsr debugfs directory
[  222.164704][ T5234] device hsr_slave_0 entered promiscuous mode
[  222.207074][ T5234] device hsr_slave_1 entered promiscuous mode
[  222.226875][ T5234] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  222.256566][ T5234] Cannot create hsr debugfs directory
[  222.264131][ T4253] Bluetooth: hci2: command 0x0419 tx timeout
[  222.270614][ T4253] Bluetooth: hci4: command 0x0419 tx timeout
[  224.743072][ T5360] loop1: detected capacity change from 0 to 2048
[  225.407330][ T5360] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  225.420440][ T5360] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  226.011803][ T5367] loop1: detected capacity change from 0 to 8
[  226.876542][ T5369] netlink: 8 bytes leftover after parsing attributes in process `syz.5.164'.
[  227.241635][ T5370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.165'.
[  228.415288][ T5385] loop4: detected capacity change from 0 to 128
[  228.608907][ T5386] loop1: detected capacity change from 0 to 128
[  230.669201][ T5386] EXT4-fs (loop1): Test dummy encryption mode enabled
[  231.094340][ T5386] EXT4-fs: failed to create workqueue
[  231.100042][ T5386] EXT4-fs (loop1): mount failed
[  231.969338][ T5395] loop1: detected capacity change from 0 to 1024
[  231.985540][ T5395] EXT4-fs (loop1): Ignoring removed orlov option
[  232.106261][ T5395] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  232.677865][ T5405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.171'.
[  233.975175][ T5412] loop1: detected capacity change from 0 to 2048
[  234.034624][ T5412] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  234.048356][ T5412] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  235.497790][ T5234] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  235.537881][ T5421] loop5: detected capacity change from 0 to 1024
[  235.664844][ T5234] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  236.584057][ T5234] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  236.600750][ T5234] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  242.560642][ T5437] loop1: detected capacity change from 0 to 128
[  242.594512][ T4244] hfsplus: b-tree write err: -5, ino 25
[  242.651221][ T4244] hfsplus: b-tree write err: -5, ino 4
[  242.682386][ T4244] hfsplus: b-tree write err: -5, ino 2
[  242.763804][ T5237] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  242.877287][ T5237] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  242.888129][ T5444] loop4: detected capacity change from 0 to 1024
[  243.182185][ T5450] loop5: detected capacity change from 0 to 2048
[  243.199787][ T5450] EXT4-fs warning (device loop5): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  243.213159][ T5450] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  244.000113][ T5237] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  244.531774][ T5237] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  244.608500][ T5463] hfsplus: b-tree write err: -5, ino 2
[  245.280517][ T5234] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.090734][  T144] hfsplus: b-tree write err: -5, ino 25
[  246.199714][  T144] hfsplus: b-tree write err: -5, ino 4
[  246.277537][ T5475] loop1: detected capacity change from 0 to 1024
[  246.343619][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  246.442062][ T5475] EXT4-fs (loop1): Ignoring removed orlov option
[  246.491682][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  246.682349][ T5237] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.705505][ T5475] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  247.103355][ T5234] 8021q: adding VLAN 0 to HW filter on device team0
[  247.185960][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  247.313671][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  247.734520][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.741865][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.772339][ T5237] 8021q: adding VLAN 0 to HW filter on device team0
[  247.787073][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  247.795677][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  247.805662][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  247.814788][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.821947][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.831288][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  247.841122][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  247.861495][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  248.126930][ T5490] loop4: detected capacity change from 0 to 1024
[  248.457684][ T5494] netlink: 4 bytes leftover after parsing attributes in process `syz.5.186'.
[  248.519723][ T4284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  248.599032][ T4284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  248.722639][ T4284] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.729866][ T4284] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.914325][ T4284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  248.978660][ T4284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  249.901963][ T5501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.188'.
[  249.913497][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  249.938395][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  249.977458][ T4365] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.984573][ T4365] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.186981][ T4328] hfsplus: b-tree write err: -5, ino 25
[  250.194782][ T4328] hfsplus: b-tree write err: -5, ino 4
[  250.243330][ T4328] hfsplus: b-tree write err: -5, ino 2
[  251.127433][ T5514] loop1: detected capacity change from 0 to 1024
[  251.578902][ T5514] EXT4-fs (loop1): Ignoring removed orlov option
[  251.815448][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  251.943444][ T5514] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  251.976148][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  252.155620][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  252.385003][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  252.393801][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  252.402758][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  252.411289][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  252.420592][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  252.429930][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  252.439010][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  253.677729][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  253.705872][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  254.550892][ T5234] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  254.701924][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  255.351803][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  255.401356][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  255.417379][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  255.490885][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  255.499708][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  255.516916][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  255.545070][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  255.560161][ T5536] loop4: detected capacity change from 0 to 2048
[  255.614700][ T5536] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  255.642490][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  255.717519][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.766679][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.907147][ T5545] loop5: detected capacity change from 0 to 2048
[  257.105489][ T5545] EXT4-fs warning (device loop5): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  257.118719][ T5545] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  258.035714][ T5557] loop4: detected capacity change from 0 to 1024
[  258.095628][ T5557] EXT4-fs (loop4): Ignoring removed orlov option
[  259.601251][ T5554] loop1: detected capacity change from 0 to 1024
[  259.663197][ T5557] EXT4-fs (loop4): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  260.345129][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  260.364121][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  260.652915][ T5237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.673296][ T5573] loop5: detected capacity change from 0 to 1024
[  260.755603][ T5573] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  260.777350][ T5573] EXT4-fs error (device loop5): ext4_get_journal_inode:5185: inode #8: comm syz.5.200: inode has both inline data and extents flags
[  260.793536][ T5573] EXT4-fs (loop5): no journal found
[  261.325931][ T5554] hfsplus: b-tree write err: -5, ino 2
[  262.434317][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  262.537327][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  262.550577][ T5234] 8021q: adding VLAN 0 to HW filter on device batadv0
[  262.896457][ T5586] loop5: detected capacity change from 0 to 1024
[  262.926685][ T1216] hfsplus: b-tree write err: -5, ino 25
[  262.932461][ T1216] hfsplus: b-tree write err: -5, ino 4
[  262.941561][ T4276] device hsr_slave_0 left promiscuous mode
[  262.951137][ T5586] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  262.962208][ T5586] EXT4-fs error (device loop5): ext4_get_journal_inode:5185: inode #8: comm syz.5.202: inode has both inline data and extents flags
[  262.982367][ T5586] EXT4-fs (loop5): no journal found
[  263.071720][ T4276] device hsr_slave_1 left promiscuous mode
[  263.092124][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.266299][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  263.413957][ T4276] device bridge_slave_1 left promiscuous mode
[  263.584082][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.077076][ T4276] device bridge_slave_0 left promiscuous mode
[  265.083360][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.343970][ T4276] device hsr_slave_0 left promiscuous mode
[  266.139103][ T4276] device hsr_slave_1 left promiscuous mode
[  266.152147][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.305139][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.316716][ T4276] device bridge_slave_1 left promiscuous mode
[  266.323130][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.337134][ T4276] device bridge_slave_0 left promiscuous mode
[  266.345276][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.363111][ T4276] device hsr_slave_0 left promiscuous mode
[  266.369886][ T4276] device hsr_slave_1 left promiscuous mode
[  266.376433][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.384065][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.392305][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.400232][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.410120][ T4276] device bridge_slave_1 left promiscuous mode
[  266.431233][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.234326][ T4276] device bridge_slave_0 left promiscuous mode
[  267.246603][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.337331][ T4276] device hsr_slave_0 left promiscuous mode
[  267.361375][ T4276] device hsr_slave_1 left promiscuous mode
[  267.379254][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.394823][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  267.403815][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  267.411827][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  267.420870][ T4276] device bridge_slave_1 left promiscuous mode
[  267.427905][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.472126][ T4276] device bridge_slave_0 left promiscuous mode
[  267.483601][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.687120][ T5620] loop5: detected capacity change from 0 to 2048
[  267.736924][ T5620] EXT4-fs warning (device loop5): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  267.750448][ T5620] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  267.843654][ T4276] device veth1_macvtap left promiscuous mode
[  267.922430][ T4276] device veth0_macvtap left promiscuous mode
[  267.988630][ T4276] device veth1_vlan left promiscuous mode
[  268.046606][ T4276] device veth0_vlan left promiscuous mode
[  268.071144][ T4809] udevd[4809]: incorrect ext4 checksum on /dev/loop5
[  268.120714][ T4276] device veth1_macvtap left promiscuous mode
[  268.168333][ T4276] device veth0_macvtap left promiscuous mode
[  268.222721][ T4276] device veth1_vlan left promiscuous mode
[  268.264849][ T4276] device veth0_vlan left promiscuous mode
[  268.780547][ T5628] loop5: detected capacity change from 0 to 1024
[  268.872769][ T5628] EXT4-fs (loop5): Ignoring removed orlov option
[  268.950843][ T5628] EXT4-fs (loop5): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  270.104820][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  270.141815][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  270.184648][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.215423][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.384205][ T4276] bond0 (unregistering): Released all slaves
[  271.536523][ T4457] Bluetooth: hci6: command 0x0409 tx timeout
[  271.624422][ T4253] Bluetooth: hci5: command 0x0409 tx timeout
[  271.982206][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  272.002605][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  272.024020][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.062983][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.161037][ T4276] bond0 (unregistering): Released all slaves
[  272.403009][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  272.420098][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  272.434101][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.449473][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.515426][ T4276] bond0 (unregistering): Released all slaves
[  272.667867][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  272.680977][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  272.696289][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.713580][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.782550][ T4276] bond0 (unregistering): Released all slaves
[  272.816277][ T5589] netlink: 36 bytes leftover after parsing attributes in process `syz.4.204'.
[  272.835682][ T5602] netlink: 8 bytes leftover after parsing attributes in process `syz.1.203'.
[  273.962446][ T4233] Bluetooth: hci6: command 0x041b tx timeout
[  273.976714][ T4233] Bluetooth: hci5: command 0x041b tx timeout
[  274.620223][ T5663] loop5: detected capacity change from 0 to 128
[  274.876920][ T5663] EXT4-fs (loop5): Test dummy encryption mode enabled
[  275.752304][ T5663] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none.
[  275.769115][ T5663] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  276.638663][ T4463] Bluetooth: hci5: command 0x040f tx timeout
[  276.651589][ T4463] Bluetooth: hci6: command 0x040f tx timeout
[  277.202039][ T5665] loop4: detected capacity change from 0 to 2048
[  277.242255][ T5632] chnl_net:caif_netlink_parms(): no params data found
[  277.273671][ T5665] EXT4-fs warning (device loop4): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  277.286913][ T5665] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  277.313673][ T4808] udevd[4808]: incorrect ext4 checksum on /dev/loop4
[  278.498345][ T5679] loop1: detected capacity change from 0 to 8
[  278.589292][ T5677] netlink: 4 bytes leftover after parsing attributes in process `syz.5.215'.
[  278.873934][ T4463] Bluetooth: hci5: command 0x0419 tx timeout
[  278.884771][ T4463] Bluetooth: hci6: command 0x0419 tx timeout
[  279.955215][ T5694] loop4: detected capacity change from 0 to 1024
[  279.994001][ T5632] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.046435][ T5632] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.083671][ T5632] device bridge_slave_0 entered promiscuous mode
[  280.119630][ T5632] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.880414][ T5698] loop1: detected capacity change from 0 to 2048
[  282.002296][ T5632] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.021038][ T5698] EXT4-fs warning (device loop1): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  282.034318][ T5698] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  282.247189][ T5632] device bridge_slave_1 entered promiscuous mode
[  282.810307][ T5624] chnl_net:caif_netlink_parms(): no params data found
[  282.863524][ T4808] udevd[4808]: incorrect ext4 checksum on /dev/loop1
[  283.101921][ T5706] hfsplus: b-tree write err: -5, ino 2
[  284.834800][ T5711] loop5: detected capacity change from 0 to 2048
[  284.884080][ T5711] EXT4-fs warning (device loop5): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  284.897317][ T5711] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  285.494624][ T4809] udevd[4809]: incorrect ext4 checksum on /dev/loop5
[  285.632425][ T4368] hfsplus: b-tree write err: -5, ino 25
[  285.649949][ T4368] hfsplus: b-tree write err: -5, ino 4
[  287.249036][ T5632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  287.331818][ T5720] loop1: detected capacity change from 0 to 8
[  287.353740][ T5632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.931565][ T5624] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.152557][ T5624] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.227794][ T5624] device bridge_slave_0 entered promiscuous mode
[  289.404435][ T5632] team0: Port device team_slave_0 added
[  289.420427][ T5632] team0: Port device team_slave_1 added
[  289.465988][ T5624] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.510404][ T5624] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.584785][ T5624] device bridge_slave_1 entered promiscuous mode
[  290.052015][ T5624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.067546][ T5743] netlink: 8 bytes leftover after parsing attributes in process `syz.5.227'.
[  290.208180][ T5624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  290.228892][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_0
[  290.262257][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.321273][ T5632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  290.411516][ T5624] team0: Port device team_slave_0 added
[  290.446244][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_1
[  290.497849][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.524113][    C1] vkms_vblank_simulate: vblank timer overrun
[  290.757542][ T5632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  291.267498][ T5624] team0: Port device team_slave_1 added
[  291.517735][ T5755] netlink: 4 bytes leftover after parsing attributes in process `syz.4.229'.
[  292.574001][ T5632] device hsr_slave_0 entered promiscuous mode
[  292.597885][ T5763] loop5: detected capacity change from 0 to 8
[  292.610171][ T5632] device hsr_slave_1 entered promiscuous mode
[  292.670555][ T5764] loop4: detected capacity change from 0 to 1024
[  292.706883][ T5624] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.722863][ T5624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.750550][ T5624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.512691][ T5624] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.696609][ T5769] hfsplus: b-tree write err: -5, ino 2
[  294.760211][ T5624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.789583][    C1] vkms_vblank_simulate: vblank timer overrun
[  295.015661][ T5624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.218448][ T5773] loop5: detected capacity change from 0 to 32768
[  295.319705][ T5773] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.233 (5773)
[  295.353351][ T5773] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  295.362145][ T5773] BTRFS info (device loop5): using free space tree
[  295.368858][ T5773] BTRFS info (device loop5): has skinny extents
[  295.434931][ T5624] device hsr_slave_0 entered promiscuous mode
[  295.461408][ T5624] device hsr_slave_1 entered promiscuous mode
[  295.500049][ T5624] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  295.539808][ T5624] Cannot create hsr debugfs directory
[  296.473217][   T26] audit: type=1326 audit(1773882569.723:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.496822][  T581] hfsplus: b-tree write err: -5, ino 25
[  296.527122][  T581] hfsplus: b-tree write err: -5, ino 4
[  296.564115][   T26] audit: type=1326 audit(1773882569.723:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.586406][    C1] vkms_vblank_simulate: vblank timer overrun
[  296.595382][   T26] audit: type=1326 audit(1773882569.743:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.617686][    C1] vkms_vblank_simulate: vblank timer overrun
[  296.648835][   T26] audit: type=1326 audit(1773882569.743:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.674210][   T26] audit: type=1326 audit(1773882569.743:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.700385][   T26] audit: type=1326 audit(1773882569.743:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.723954][   T26] audit: type=1326 audit(1773882569.743:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.747253][   T26] audit: type=1326 audit(1773882569.753:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.773489][   T26] audit: type=1326 audit(1773882569.753:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  296.811566][ T5773] BTRFS info (device loop5): enabling ssd optimizations
[  296.819167][   T26] audit: type=1326 audit(1773882569.753:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5776 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f36cf17b799 code=0x7ffc0000
[  297.885699][ T5820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.236'.
[  298.540291][ T5821] loop4: detected capacity change from 0 to 1024
[  298.771359][ T5818] Process accounting resumed
[  298.908247][ T5828] loop1: detected capacity change from 0 to 128
[  299.282515][ T5828] EXT4-fs (loop1): Test dummy encryption mode enabled
[  299.472206][ T5828] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none.
[  299.488601][ T5828] ext4 filesystem being mounted at /80/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  300.530618][ T5839] hfsplus: b-tree write err: -5, ino 2
[  301.063955][ T4817] hfsplus: b-tree write err: -5, ino 25
[  301.081667][ T4817] hfsplus: b-tree write err: -5, ino 4
[  301.383087][ T5858] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  301.487386][ T5862] loop5: detected capacity change from 0 to 8
[  301.618924][ T5862] squashfs: Unknown parameter 'e3Ō�����t�!�!);�Q�ڵ����E�B���>'
[  302.319381][ T5858] CIFS mount error: No usable UNC path provided in device string!
[  302.319381][ T5858] 
[  302.330598][ T5858] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  302.742679][ T5871] loop1: detected capacity change from 0 to 8
[  303.142918][ T5874] netlink: 4 bytes leftover after parsing attributes in process `syz.5.242'.
[  304.427855][ T5876] loop4: detected capacity change from 0 to 256
[  305.808248][ T5632] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  306.045737][ T5886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'.
[  306.083156][ T5632] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  306.135621][ T5632] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  306.264476][ T5632] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  306.324989][ T5624] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  306.400697][ T5624] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  306.477501][ T5624] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  306.536613][ T5624] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  306.686574][ T5632] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.816009][ T5624] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.868987][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  306.885516][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  306.927871][ T5632] 8021q: adding VLAN 0 to HW filter on device team0
[  306.954355][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  306.987183][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  307.047367][ T5624] 8021q: adding VLAN 0 to HW filter on device team0
[  307.067960][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  307.083965][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  307.113976][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.121121][ T4371] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.191673][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  307.229969][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  307.265970][ T4371] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.273143][ T4371] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.338108][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  307.447427][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  307.462818][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  307.603892][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  307.658837][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  307.699007][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  307.772694][ T5632] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  307.814022][ T5632] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  307.889052][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  307.924373][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  307.957049][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  307.996991][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  308.041870][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  308.084447][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  308.124648][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.131923][ T4371] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.172769][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  308.196693][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  308.218501][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  308.240039][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  308.275115][ T4371] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.282269][ T4371] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.326872][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  308.366092][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  308.395974][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  308.417164][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  308.441261][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  308.468228][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  308.490559][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  308.525886][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  308.547421][ T5907] netlink: 8 bytes leftover after parsing attributes in process `syz.5.248'.
[  308.573230][ T5624] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  308.631195][ T5624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  309.570758][ T5918] loop4: detected capacity change from 0 to 1024
[  309.588740][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  309.621612][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  309.690581][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  309.705926][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  309.814955][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  309.969302][ T5928] loop5: detected capacity change from 0 to 128
[  310.242042][ T5928] EXT4-fs (loop5): Test dummy encryption mode enabled
[  310.463779][ T5928] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none.
[  310.480427][ T5928] ext4 filesystem being mounted at /62/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  311.982235][ T5927] hfsplus: b-tree write err: -5, ino 2
[  312.294992][ T5948] loop1: detected capacity change from 0 to 8
[  312.461864][  T581] hfsplus: b-tree write err: -5, ino 25
[  312.497013][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  312.504721][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  312.506712][  T581] hfsplus: b-tree write err: -5, ino 4
[  312.555328][ T5624] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.758186][ T5632] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.765796][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  312.805158][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  313.032777][ T5964] netlink: 8 bytes leftover after parsing attributes in process `syz.5.255'.
[  313.261838][ T5980] loop4: detected capacity change from 0 to 1024
[  313.293722][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  313.310306][ T5980] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  313.323366][ T5980] EXT4-fs error (device loop4): ext4_get_journal_inode:5185: inode #8: comm syz.4.254: inode has both inline data and extents flags
[  313.337548][ T5980] EXT4-fs (loop4): no journal found
[  313.337706][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  313.435314][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  313.454142][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  313.495514][ T5624] device veth0_vlan entered promiscuous mode
[  313.512564][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  313.544302][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  313.626501][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  313.841807][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  314.347409][ T5624] device veth1_vlan entered promiscuous mode
[  314.437731][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  314.449578][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  314.669158][ T5624] device veth0_macvtap entered promiscuous mode
[  314.682833][ T5632] device veth0_vlan entered promiscuous mode
[  316.721224][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  316.731497][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  316.757637][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  316.812876][ T5624] device veth1_macvtap entered promiscuous mode
[  316.886178][ T5624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.917166][ T5624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.944358][ T5624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.975714][ T5624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  317.043754][ T5624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  317.064779][ T5624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  317.094596][ T5624] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.153405][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  317.164993][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  318.117654][ T6005] loop5: detected capacity change from 0 to 1024
[  318.174888][ T6005] EXT4-fs (loop5): Ignoring removed orlov option
[  318.234108][ T6004] loop4: detected capacity change from 0 to 1024
[  318.284903][ T6005] EXT4-fs (loop5): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  318.569538][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.694999][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.831125][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  318.977190][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  319.026617][ T5624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.037985][ T5624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.048777][ T5624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.059901][ T5624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.080237][ T5624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.105999][ T5624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.584277][ T6013] hfsplus: b-tree write err: -5, ino 2
[  319.868936][ T5624] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.880034][ T5632] device veth1_vlan entered promiscuous mode
[  319.900256][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  319.922915][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  319.938150][ T6016] loop1: detected capacity change from 0 to 2048
[  319.969923][ T5624] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.981428][ T5624] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.998590][ T5624] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  320.018194][ T5624] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.021544][ T6016] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  320.041753][  T581] hfsplus: b-tree write err: -5, ino 25
[  320.054242][  T581] hfsplus: b-tree write err: -5, ino 4
[  320.090837][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  320.127657][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  320.158602][ T6016] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  320.445189][ T5632] device veth0_macvtap entered promiscuous mode
[  320.585379][ T6026] netlink: 8 bytes leftover after parsing attributes in process `syz.5.262'.
[  320.628824][ T4328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.733631][ T4328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.843306][ T5632] device veth1_macvtap entered promiscuous mode
[  320.899597][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  320.917154][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  320.958270][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  321.006238][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.066478][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.104432][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.392101][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.436539][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.464918][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.496453][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.544726][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.552509][ T6027] loop4: detected capacity change from 0 to 2048
[  321.556478][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_0
[  321.582674][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.595199][ T4328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.612889][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.617078][ T4328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.641124][ T6027] EXT4-fs warning (device loop4): ext4_fill_super:4022: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  321.654042][ T6027] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  321.691171][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.711568][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.723979][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.743523][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.755167][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.820465][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.874531][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.885395][ T4809] udevd[4809]: incorrect ext4 checksum on /dev/loop4
[  322.676420][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  322.737177][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  322.746237][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  322.789830][ T6048] loop1: detected capacity change from 0 to 8
[  322.800105][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  322.813366][  T581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  322.909389][ T6049] loop5: detected capacity change from 0 to 1024
[  324.041279][ T5632] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.087057][ T6049] EXT4-fs (loop5): Ignoring removed orlov option
[  324.313286][ T5632] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.482627][ T5632] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.146715][ T5632] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.834780][ T6054] loop4: detected capacity change from 0 to 1024
[  326.073061][ T6049] EXT4-fs (loop5): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  326.097236][    C1] vkms_vblank_simulate: vblank timer overrun
[  326.180513][ T6065] loop7: detected capacity change from 0 to 128
[  327.770078][ T6066] loop1: detected capacity change from 0 to 1024
[  330.860708][ T6066] EXT4-fs (loop1): Ignoring removed orlov option
[  331.066584][ T4817] hfsplus: b-tree write err: -5, ino 25
[  331.081132][ T4817] hfsplus: b-tree write err: -5, ino 4
[  331.095005][ T6066] EXT4-fs (loop1): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  331.408369][ T1216] hfsplus: b-tree write err: -5, ino 2
[  331.454066][ T6066] syz.1.268 (6066) used greatest stack depth: 19696 bytes left
[  331.896782][ T6081] tipc: Started in network mode
[  331.927441][ T6081] tipc: Node identity 7e8a3da60963, cluster identity 4711
[  331.956611][ T6081] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  332.010006][ T6093] fuse: Bad value for 'fd'
[  332.155692][ T6091] device syzkaller0 entered promiscuous mode
[  332.256918][ T6088] tipc: Started in network mode
[  332.262107][ T6088] tipc: Node identity ea360ec19973, cluster identity 4711
[  332.272951][ T6088] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  332.294448][ T4276] device hsr_slave_0 left promiscuous mode
[  332.312079][ T4276] device hsr_slave_1 left promiscuous mode
[  332.380540][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  332.413900][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  332.431157][ T4276] device bridge_slave_1 left promiscuous mode
[  332.445549][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.476098][ T4276] device bridge_slave_0 left promiscuous mode
[  332.506503][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.582984][ T4276] device hsr_slave_0 left promiscuous mode
[  332.604885][ T4276] device hsr_slave_1 left promiscuous mode
[  332.617542][ T5473] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  332.634534][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  332.657193][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  332.675613][ T4276] device bridge_slave_1 left promiscuous mode
[  332.682324][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.710406][ T4276] device bridge_slave_0 left promiscuous mode
[  332.726990][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.053722][ T5473] usb 2-1: config index 0 descriptor too short (expected 56802, got 36)
[  333.065277][ T5473] usb 2-1: config 27 has too many interfaces: 239, using maximum allowed: 32
[  333.081329][ T5473] usb 2-1: config 27 has an invalid descriptor of length 92, skipping remainder of the config
[  333.101291][ T5473] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 239
[  333.114823][ T5473] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  333.132809][ T5473] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.199666][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  333.256046][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  333.296976][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.334491][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.476682][ T5473] usb 2-1: string descriptor 0 read error: -71
[  333.493483][ T5473] usb 2-1: USB disconnect, device number 2
[  333.538162][ T4276] bond0 (unregistering): Released all slaves
[  333.649047][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  333.666072][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  333.681063][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.694527][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.766254][ T4276] bond0 (unregistering): Released all slaves
[  333.834271][ T6082] tipc: Resetting bearer <eth:syzkaller0>
[  333.842673][ T6081] tipc: Resetting bearer <eth:syzkaller0>
[  333.862596][ T6081] tipc: Disabling bearer <eth:syzkaller0>
[  333.872860][ T6079] tipc: Disabling bearer <eth:syzkaller0>
[  333.890079][ T5847] tipc: Node number set to 2011774374
[  333.897924][ T4234] tipc: Node number set to 1933905601
[  334.346424][ T4463] Bluetooth: hci2: command 0x0409 tx timeout
[  334.528658][ T6101] chnl_net:caif_netlink_parms(): no params data found
[  334.793100][ T6101] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.806628][ T6101] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.815043][ T6101] device bridge_slave_0 entered promiscuous mode
[  334.840674][ T6101] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.849980][ T6101] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.858725][ T6101] device bridge_slave_1 entered promiscuous mode
[  334.902287][ T6101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.955820][ T6101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.092319][ T6101] team0: Port device team_slave_0 added
[  335.177383][ T6101] team0: Port device team_slave_1 added
[  335.282743][ T6101] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.330474][ T6101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.405593][ T6101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.446684][ T6101] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.474616][ T6101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.501278][    C1] vkms_vblank_simulate: vblank timer overrun
[  335.545205][ T6211] syz.5.311 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  335.595181][ T6101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.796051][ T6101] device hsr_slave_0 entered promiscuous mode
[  335.846022][ T6101] device hsr_slave_1 entered promiscuous mode
[  335.881046][ T6101] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  335.904916][ T6101] Cannot create hsr debugfs directory
[  336.415211][ T6101] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.416824][ T5847] Bluetooth: hci2: command 0x041b tx timeout
[  336.654628][ T6101] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.806981][ T6101] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.000692][ T6101] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.330058][ T6101] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  337.373492][ T6101] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  337.432595][ T6101] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  337.478213][ T6101] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  337.756900][ T6101] 8021q: adding VLAN 0 to HW filter on device bond0
[  337.822240][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  337.847069][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  337.889935][ T6101] 8021q: adding VLAN 0 to HW filter on device team0
[  337.943653][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  337.961640][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  338.017765][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.024931][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.063219][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  338.089850][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  338.107425][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  338.130472][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.137706][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.189992][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  338.229279][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  338.272525][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  338.318894][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  338.359314][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  338.419575][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  338.462822][ T6101] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  338.543419][ T6101] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  338.576443][ T4234] Bluetooth: hci2: command 0x040f tx timeout
[  338.623664][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  338.636055][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  338.670720][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  338.702004][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  338.733757][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  338.793819][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  339.302507][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  339.320984][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  339.373252][ T6101] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.219754][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  340.307518][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  340.385969][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  340.437145][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  340.480611][ T6101] device veth0_vlan entered promiscuous mode
[  340.504912][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  340.523365][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  340.588087][ T6101] device veth1_vlan entered promiscuous mode
[  340.656781][ T4253] Bluetooth: hci2: command 0x0419 tx timeout
[  340.748824][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  340.760707][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  340.793303][ T6101] device veth0_macvtap entered promiscuous mode
[  340.845562][ T6101] device veth1_macvtap entered promiscuous mode
[  340.929675][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.980848][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.020047][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.055784][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.112037][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.158725][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.203539][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.239782][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.261532][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.289877][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.310922][ T6101] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.314123][ T6506] syz.7.416 uses obsolete (PF_INET,SOCK_PACKET)
[  341.330506][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.349957][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.360811][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.371644][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.392590][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.408015][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.429279][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.451710][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.464221][ T6101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.481549][ T6101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.506149][ T6101] batman_adv: batadv0: Interface activated: batadv_slave_1
[  341.538413][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  341.551208][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  341.592478][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  341.605601][ T6519] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  341.612185][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  341.646126][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  341.663598][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  341.707514][ T6101] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  341.754601][ T6101] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  341.769331][ T6101] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  341.778400][ T6101] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  342.003616][ T6534] netlink: 48 bytes leftover after parsing attributes in process `syz.7.423'.
[  342.230266][ T4370] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.255172][ T4370] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.306413][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  342.475467][ T4365] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.536363][ T4365] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.612688][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  343.142284][ T6564] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18'.
[  343.361041][ T6584] loop2: detected capacity change from 0 to 7
[  343.413948][ T6584]  loop2: p1
[  343.441826][ T6584] loop2: partition table partially beyond EOD, truncated
[  343.454657][ T6587] netlink: 60 bytes leftover after parsing attributes in process `syz.4.438'.
[  343.517383][ T6584] loop2: p1 size 1952408940 extends beyond EOD, truncated
[  343.529591][ T4276] device hsr_slave_0 left promiscuous mode
[  343.543110][ T4276] device hsr_slave_1 left promiscuous mode
[  343.570507][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.598951][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.620975][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.644849][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.664764][ T4276] device bridge_slave_1 left promiscuous mode
[  343.691196][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.751675][ T4276] device bridge_slave_0 left promiscuous mode
[  343.781397][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.786177][ T4809] udevd[4809]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  343.872459][ T4276] device veth1_macvtap left promiscuous mode
[  343.893481][ T4276] device veth0_macvtap left promiscuous mode
[  343.925625][ T4276] device veth1_vlan left promiscuous mode
[  343.949447][ T4276] device veth0_vlan left promiscuous mode
[  344.130558][ T6610] Zero length message leads to an empty skb
[  344.376463][ T4458] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  344.427965][ T6613] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  344.473276][ T6613] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  344.639573][ T4458] usb 5-1: Using ep0 maxpacket: 8
[  344.792239][ T4458] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  344.815287][ T4458] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  344.835685][ T4458] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  344.863907][ T4458] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  344.890857][ T4458] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  344.905381][ T4458] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  344.914989][ T4458] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.083600][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  345.131063][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  345.155555][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  345.177566][ T4458] usb 5-1: GET_CAPABILITIES returned 0
[  345.183360][ T4458] usbtmc 5-1:16.0: can't read capabilities
[  345.227224][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  345.382604][ T4276] bond0 (unregistering): Released all slaves
[  345.387908][ T4265] usb 5-1: USB disconnect, device number 2
[  345.866622][ T4233] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  346.051380][ T6654] ipt_CLUSTERIP: Please specify destination IP
[  346.073807][ T6663] device syzkaller0 entered promiscuous mode
[  346.136481][ T4233] usb 2-1: Using ep0 maxpacket: 8
[  346.256868][ T4233] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  346.279906][ T4233] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.357102][ T6675] 9pnet_virtio: no channels available for device syz
[  346.369227][ T4233] pvrusb2: Hardware description: Terratec Grabster AV400
[  346.393592][ T4233] pvrusb2: **********
[  346.407771][ T4233] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  346.465386][ T6677] 9pnet_virtio: no channels available for device syz
[  346.470855][ T4233] pvrusb2: Important functionality might not be entirely working.
[  346.491046][ T4233] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  346.512823][ T4233] pvrusb2: **********
[  346.584561][ T2423] pvrusb2: Invalid write control endpoint
[  346.793295][ T2423] pvrusb2: Invalid write control endpoint
[  346.840101][ T2423] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  346.886591][ T4265] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  346.887588][ T2423] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  346.946408][ T2423] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  346.965413][ T4253] usb 2-1: USB disconnect, device number 3
[  346.976902][ T2423] pvrusb2: Device being rendered inoperable
[  347.010986][ T2423] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  347.032623][ T2423] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  347.075510][ T2423] pvrusb2: Attached sub-driver cx25840
[  347.112083][ T2423] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  347.163942][ T2423] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  347.266615][ T4265] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.296473][ T4265] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.316882][ T4265] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  347.361066][ T4265] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  347.396497][ T4238] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  347.406398][ T4265] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.450998][ T4265] usb 5-1: config 0 descriptor??
[  347.836624][ T4238] usb 7-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  347.876386][ T4238] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  347.889926][ T4233] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  347.917085][ T4238] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  347.944764][ T4238] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.977326][ T4238] usb 7-1: config 0 descriptor??
[  347.984079][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.006391][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.019204][ T4238] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  348.066371][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.073944][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.110226][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.126427][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.133995][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.156386][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.163865][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.196423][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.203882][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.236388][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.243981][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.273694][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.293119][ T4233] usb 2-1: config index 0 descriptor too short (expected 39, got 27)
[  348.296407][ T4265] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  348.309203][ T4233] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  348.336382][ T4233] usb 2-1: config 0 interface 0 has no altsetting 0
[  348.351146][ T4265] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  348.467634][ T4265] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  348.514559][ T4265] usb 5-1: USB disconnect, device number 3
[  348.526660][ T4233] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  348.546681][ T6725] binder: BINDER_SET_CONTEXT_MGR already set
[  348.566483][ T4233] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  348.586540][ T6725] binder: 6724:6725 ioctl 4018620d 200000004a80 returned -16
[  348.605211][ T4233] usb 2-1: Product: syz
[  348.636399][ T4233] usb 2-1: Manufacturer: syz
[  348.661726][ T4233] usb 2-1: SerialNumber: syz
[  348.664437][ T6727] fido_id[6727]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  348.697592][ T4233] usb 2-1: config 0 descriptor??
[  348.757255][ T4233] hub 2-1:0.0: bad descriptor, ignoring hub
[  348.763566][ T4233] hub: probe of 2-1:0.0 failed with error -5
[  348.859505][ T4233] usb 2-1: selecting invalid altsetting 0
[  349.236603][ T4238] usb 2-1: USB disconnect, device number 4
[  349.792980][ T6774] kvm [6763]: vcpu0, guest rIP: 0x9137 disabled perfctr wrmsr: 0xc1 data 0x0
[  349.824449][ T6774] kvm [6763]: vcpu0, guest rIP: 0x9137 disabled perfctr wrmsr: 0xc2 data 0x0
[  349.889465][ T6774] kvm [6763]: vcpu0, guest rIP: 0x9137 ignored wrmsr: 0x11e data 0xbe702111
[  350.042974][ T4463] usb 7-1: USB disconnect, device number 2
[  350.477677][ T4234] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  350.516069][ T6801] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  350.559728][ T4463] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  350.658697][ T4265] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  350.679531][ T4265] Bluetooth: hci5: Injecting HCI hardware error event
[  350.719549][ T4200] Bluetooth: hci5: hardware error 0x00
[  350.786727][ T4234] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  350.846450][ T4463] usb 7-1: Using ep0 maxpacket: 8
[  350.892786][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.915289][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.957341][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  350.980624][ T4463] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.006561][ T4463] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.026351][ T4463] usb 7-1: config 0 interface 0 has no altsetting 0
[  351.033030][ T4463] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  351.039733][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.056365][ T4463] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.068330][ T4463] usb 7-1: config 0 descriptor??
[  351.069575][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.096454][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.116545][ T4265] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  351.176586][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.196703][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.234444][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.313998][ T6834] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.498'.
[  351.329194][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.349326][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.381152][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.476605][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.495694][ T4265] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  351.504693][ T4265] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.521391][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.543694][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.569472][ T4463] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  351.576746][ T4463] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  351.589072][ T4463] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  351.608795][ T4463] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  351.616001][ T4463] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  351.619515][ T4265] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  351.632742][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.642021][ T4463] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[  351.652553][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.652588][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.654534][ T4265] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  351.685319][ T4265] usb 5-1: Manufacturer: syz
[  351.712055][ T4265] usb 5-1: config 0 descriptor??
[  351.726595][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.735876][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.753913][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.800752][ T4463] usb 7-1: USB disconnect, device number 3
[  351.837806][ T4234] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.853999][ T4234] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.866539][ T4265] rc_core: IR keymap rc-hauppauge not found
[  351.876757][ T4265] Registered IR keymap rc-empty
[  351.889590][ T4234] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.897040][ T4265] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  351.918698][ T4265] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input5
[  352.078109][ T4234] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  352.096004][ T6811] udc-core: couldn't find an available UDC or it's busy
[  352.103910][ T4234] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  352.108119][ T6811] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  352.123743][ T4234] usb 2-1: Product: syz
[  352.128144][ T4234] usb 2-1: Manufacturer: syz
[  352.140038][ T4234] usb 2-1: SerialNumber: syz
[  352.151738][ T5473] usb 5-1: USB disconnect, device number 4
[  352.167125][ T4234] usb 2-1: config 0 descriptor??
[  352.222992][ T4234] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  352.493691][ T6880] device syzkaller0 entered promiscuous mode
[  352.946074][ T6895] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  353.070677][ T6910] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  353.140453][ T6905] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  353.186464][ T6905] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  353.382835][ T6926] netlink: 'syz.5.518': attribute type 3 has an invalid length.
[  353.446358][    C1] usb 2-1: yurex_control_callback - control failed: -2
[  353.472222][ T4265] usb 2-1: USB disconnect, device number 5
[  353.497746][ T4265] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  353.660658][ T6942] netlink: 4 bytes leftover after parsing attributes in process `syz.5.524'.
[  353.825076][ T6954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.528'.
[  354.166483][ T4233] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  354.336845][ T4463] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  354.446458][ T4233] usb 7-1: Using ep0 maxpacket: 8
[  354.564590][ T6983] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3695335479 (236501470656 ns) > initial count (87349860352 ns). Using initial count to start timer.
[  354.613699][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  354.616515][ T4233] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  354.631759][ T4463] usb 2-1: Using ep0 maxpacket: 16
[  354.635356][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  354.652026][ T4233] usb 7-1: config 0 has no interfaces?
[  354.687602][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  354.687628][ T4233] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  354.710008][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  354.747564][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  354.748975][ T4233] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.766679][ T4463] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  354.783858][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  354.786473][ T4463] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 64, changing to 10
[  354.815098][ T4233] usb 7-1: config 0 descriptor??
[  354.825046][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  354.833134][ T4463] usb 2-1: config 0 interface 0 has no altsetting 0
[  354.871955][ T4203] Bluetooth: hci0: Received unexpected HCI Event 00000000
[  355.036086][ T4463] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  355.054582][ T4463] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.077663][ T4463] usb 2-1: Product: syz
[  355.081853][ T4203] Bluetooth: hci2: Unknown advertising packet type: 0x3131
[  355.081971][ T4463] usb 2-1: Manufacturer: syz
[  355.082083][ T4203] ==================================================================
[  355.089561][ T4463] usb 2-1: SerialNumber: syz
[  355.094194][ T4203] BUG: KASAN: slab-out-of-bounds in hci_le_meta_evt+0x133f/0x3c90
[  355.094227][ T4203] Read of size 1 at addr ffff8880781dac09 by task kworker/u5:7/4203
[  355.113469][ T4463] usb 2-1: config 0 descriptor??
[  355.114772][ T4203] 
[  355.114782][ T4203] CPU: 1 PID: 4203 Comm: kworker/u5:7 Not tainted syzkaller #0
[  355.114804][ T4203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  355.130198][ T4462] usb 7-1: USB disconnect, device number 4
[  355.130338][ T4203] Workqueue: hci2 hci_rx_work
[  355.158536][ T4203] Call Trace:
[  355.161858][ T4203]  <TASK>
[  355.164810][ T4203]  dump_stack_lvl+0x188/0x250
[  355.169530][ T4203]  ? show_regs_print_info+0x20/0x20
[  355.174767][ T4203]  ? load_image+0x400/0x400
[  355.179392][ T4203]  ? _raw_spin_lock_irqsave+0xbc/0x100
[  355.184893][ T4203]  print_address_description+0x60/0x2d0
[  355.190659][ T4203]  ? hci_le_meta_evt+0x133f/0x3c90
[  355.195803][ T4203]  kasan_report+0xdf/0x130
[  355.200267][ T4203]  ? hci_le_meta_evt+0x133f/0x3c90
[  355.205527][ T4203]  hci_le_meta_evt+0x133f/0x3c90
[  355.210606][ T4203]  ? hci_remote_host_features_evt+0x280/0x280
[  355.216703][ T4203]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  355.222632][ T4203]  ? mark_lock+0x94/0x320
[  355.227001][ T4203]  ? mutex_unlock+0x10/0x10
[  355.231535][ T4203]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  355.237552][ T4203]  ? lock_chain_count+0x20/0x20
[  355.242441][ T4203]  ? __rwlock_init+0x140/0x140
[  355.247263][ T4203]  hci_event_packet+0xe48/0x1370
[  355.252236][ T4203]  ? lockdep_hardirqs_on+0x94/0x140
[  355.257469][ T4203]  ? rcu_lock_release+0x20/0x20
[  355.262359][ T4203]  ? hci_send_to_monitor+0x9c/0x4a0
[  355.267587][ T4203]  hci_rx_work+0x255/0xa10
[  355.272017][ T4203]  process_one_work+0x85f/0x1010
[  355.276976][ T4203]  ? worker_detach_from_pool+0x240/0x240
[  355.282610][ T4203]  ? lockdep_hardirqs_off+0x70/0x100
[  355.287914][ T4203]  ? _raw_spin_lock_irq+0xb7/0xf0
[  355.292961][ T4203]  ? _raw_spin_lock_irqsave+0x100/0x100
[  355.298613][ T4203]  ? wq_worker_running+0x97/0x170
[  355.303759][ T4203]  worker_thread+0xaa6/0x1290
[  355.308513][ T4203]  ? lockdep_hardirqs_on+0x94/0x140
[  355.313757][ T4203]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  355.319968][ T4203]  kthread+0x436/0x520
[  355.324050][ T4203]  ? rcu_lock_release+0x20/0x20
[  355.329016][ T4203]  ? kthread_blkcg+0xd0/0xd0
[  355.333621][ T4203]  ret_from_fork+0x1f/0x30
[  355.338101][ T4203]  </TASK>
[  355.341149][ T4203] 
[  355.343489][ T4203] Allocated by task 6960:
[  355.347918][ T4203]  __kasan_kmalloc+0xb5/0xf0
[  355.352597][ T4203]  __alloc_skb+0x22c/0x750
[  355.357036][ T4203]  vhci_write+0xbc/0x450
[  355.361321][ T4203]  vfs_write+0x745/0xd60
[  355.365583][ T4203]  ksys_write+0x152/0x260
[  355.369940][ T4203]  do_syscall_64+0x4c/0xa0
[  355.374473][ T4203]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  355.380388][ T4203] 
[  355.382737][ T4203] The buggy address belongs to the object at ffff8880781da800
[  355.382737][ T4203]  which belongs to the cache kmalloc-1k of size 1024
[  355.396994][ T4203] The buggy address is located 9 bytes to the right of
[  355.396994][ T4203]  1024-byte region [ffff8880781da800, ffff8880781dac00)
[  355.410877][ T4203] The buggy address belongs to the page:
[  355.416498][ T4203] page:ffffea0001e07600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x781d8
[  355.426738][ T4203] head:ffffea0001e07600 order:3 compound_mapcount:0 compound_pincount:0
[  355.435058][ T4203] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  355.438528][ T4463] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input6
[  355.443074][ T4203] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888016c41dc0
[  355.443096][ T4203] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  355.443107][ T4203] page dumped because: kasan: bad access detected
[  355.443117][ T4203] page_owner tracks the page as allocated
[  355.443125][ T4203] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4188, ts 64385212305, free_ts 64379222793
[  355.502122][ T4203]  get_page_from_freelist+0x1bbd/0x1ca0
[  355.507867][ T4203]  __alloc_pages+0x1ee/0x480
[  355.512490][ T4203]  new_slab+0xc0/0x4b0
[  355.516581][ T4203]  ___slab_alloc+0x80a/0xdd0
[  355.521297][ T4203]  __kmalloc_node_track_caller+0x1fc/0x3a0
[  355.527243][ T4203]  __alloc_skb+0x22c/0x750
[  355.531677][ T4203]  rtmsg_fib+0xe7/0x4b0
[  355.535831][ T4203]  fib_table_insert+0xd36/0x1bb0
[  355.540756][ T4203]  fib_magic+0x2e1/0x3c0
[  355.544992][ T4203]  fib_add_ifaddr+0x140/0x5e0
[  355.549655][ T4203]  fib_inetaddr_event+0x13c/0x1c0
[  355.554757][ T4203]  blocking_notifier_call_chain+0x103/0x1b0
[  355.560822][ T4203]  __inet_insert_ifa+0x9f7/0xbe0
[  355.565875][ T4203]  inet_rtm_newaddr+0x99a/0x1890
[  355.570843][ T4203]  rtnetlink_rcv_msg+0x844/0xf30
[  355.576031][ T4203]  netlink_rcv_skb+0x1f5/0x440
[  355.580803][ T4203] page last free stack trace:
[  355.585486][ T4203]  free_unref_page_prepare+0x637/0x6c0
[  355.590946][ T4203]  free_unref_page+0x8f/0x2a0
[  355.595734][ T4203]  __unfreeze_partials+0x1a5/0x200
[  355.600838][ T4203]  put_cpu_partial+0x12d/0x190
[  355.605610][ T4203]  qlist_free_all+0x35/0x90
[  355.610105][ T4203]  kasan_quarantine_reduce+0x150/0x160
[  355.615558][ T4203]  __kasan_slab_alloc+0x2f/0xd0
[  355.620405][ T4203]  slab_post_alloc_hook+0x4c/0x380
[  355.625611][ T4203]  kmem_cache_alloc_trace+0x103/0x2a0
[  355.630978][ T4203]  __ipv6_dev_mc_inc+0x3fa/0xa90
[  355.635938][ T4203]  addrconf_dad_work+0x3d1/0x1540
[  355.641088][ T4203]  process_one_work+0x85f/0x1010
[  355.646047][ T4203]  worker_thread+0xaa6/0x1290
[  355.650945][ T4203]  kthread+0x436/0x520
[  355.655042][ T4203]  ret_from_fork+0x1f/0x30
[  355.659460][ T4203] 
[  355.661780][ T4203] Memory state around the buggy address:
[  355.667410][ T4203]  ffff8880781dab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  355.675554][ T4203]  ffff8880781dab80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  355.683613][ T4203] >ffff8880781dac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  355.691850][ T4203]                       ^
[  355.696186][ T4203]  ffff8880781dac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  355.704418][ T4203]  ffff8880781dad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  355.712474][ T4203] ==================================================================
[  355.720527][ T4203] Disabling lock debugging due to kernel taint
[  355.726931][    C1] vkms_vblank_simulate: vblank timer overrun
[  355.742415][ T4203] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  355.749753][ T4203] CPU: 1 PID: 4203 Comm: kworker/u5:7 Tainted: G    B             syzkaller #0
[  355.758782][ T4203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  355.768867][ T4203] Workqueue: hci2 hci_rx_work
[  355.773586][ T4203] Call Trace:
[  355.776905][ T4203]  <TASK>
[  355.779865][ T4203]  dump_stack_lvl+0x188/0x250
[  355.784539][ T4203]  ? show_regs_print_info+0x20/0x20
[  355.789730][ T4203]  ? load_image+0x400/0x400
[  355.794230][ T4203]  panic+0x2e5/0x810
[  355.798213][ T4203]  ? bpf_jit_dump+0xd0/0xd0
[  355.802746][ T4203]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[  355.808730][ T4203]  ? _raw_spin_unlock+0x40/0x40
[  355.813589][ T4203]  ? hci_le_meta_evt+0x133f/0x3c90
[  355.818869][ T4203]  check_panic_on_warn+0x80/0xa0
[  355.823800][ T4203]  ? hci_le_meta_evt+0x133f/0x3c90
[  355.828902][ T4203]  end_report+0x6d/0xf0
[  355.833058][ T4203]  kasan_report+0x102/0x130
[  355.837590][ T4203]  ? hci_le_meta_evt+0x133f/0x3c90
[  355.842869][ T4203]  hci_le_meta_evt+0x133f/0x3c90
[  355.847909][ T4203]  ? hci_remote_host_features_evt+0x280/0x280
[  355.854261][ T4203]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  355.860059][ T4203]  ? mark_lock+0x94/0x320
[  355.864376][ T4203]  ? mutex_unlock+0x10/0x10
[  355.868893][ T4203]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  355.874876][ T4203]  ? lock_chain_count+0x20/0x20
[  355.879717][ T4203]  ? __rwlock_init+0x140/0x140
[  355.884466][ T4203]  hci_event_packet+0xe48/0x1370
[  355.889394][ T4203]  ? lockdep_hardirqs_on+0x94/0x140
[  355.894586][ T4203]  ? rcu_lock_release+0x20/0x20
[  355.899443][ T4203]  ? hci_send_to_monitor+0x9c/0x4a0
[  355.904641][ T4203]  hci_rx_work+0x255/0xa10
[  355.909178][ T4203]  process_one_work+0x85f/0x1010
[  355.914110][ T4203]  ? worker_detach_from_pool+0x240/0x240
[  355.919735][ T4203]  ? lockdep_hardirqs_off+0x70/0x100
[  355.925020][ T4203]  ? _raw_spin_lock_irq+0xb7/0xf0
[  355.930039][ T4203]  ? _raw_spin_lock_irqsave+0x100/0x100
[  355.935577][ T4203]  ? wq_worker_running+0x97/0x170
[  355.940600][ T4203]  worker_thread+0xaa6/0x1290
[  355.945271][ T4203]  ? lockdep_hardirqs_on+0x94/0x140
[  355.950462][ T4203]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  355.956371][ T4203]  kthread+0x436/0x520
[  355.960534][ T4203]  ? rcu_lock_release+0x20/0x20
[  355.965387][ T4203]  ? kthread_blkcg+0xd0/0xd0
[  355.969984][ T4203]  ret_from_fork+0x1f/0x30
[  355.974402][ T4203]  </TASK>
[  355.977981][ T4203] Kernel Offset: disabled
[  355.982320][ T4203] Rebooting in 86400 seconds..