last executing test programs:

7m44.597186761s ago: executing program 1 (id=280):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
read$FUSE(0xffffffffffffffff, &(0x7f0000019300)={0x2020}, 0x2020)
socket$kcm(0xa, 0x1, 0x106)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

7m43.102157233s ago: executing program 1 (id=282):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setxattr$incfs_metadata(0x0, &(0x7f0000000840), 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x90)

7m42.199953636s ago: executing program 1 (id=284):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_getattr(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000000"], &(0x7f0000001200)='syzkaller\x00'}, 0x94)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r3, r5}, 0x10)
r7 = socket$inet6(0xa, 0x2, 0x3a)
r8 = dup(r7)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@map=r5, 0x2e, 0x1, 0x6, &(0x7f00000000c0)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000100), &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@fallback=r2, r5, 0x27, 0x2004, 0x0, @value=r6, @void, @void, @void, r9}, 0x20)
bind$unix(r8, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@ipv6_newrule={0x1c, 0x20, 0x701, 0x70bd2a, 0x25dfdbfd, {0xa, 0x10, 0x80, 0x1b, 0x6, 0x0, 0x0, 0x3, 0x30}}, 0x1c}}, 0x4)
socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
munlockall()

7m41.198827831s ago: executing program 1 (id=286):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

7m40.957139754s ago: executing program 1 (id=288):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod(0x0, 0x8001420, 0x1)
syz_open_dev$video4linux(&(0x7f0000000080), 0x6d6b, 0x480)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000040)=0x401, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4001c00)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x1}, 0x50)

7m40.532742501s ago: executing program 1 (id=289):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x900)
recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)=""/212, 0xd4}], 0x1, 0x0, 0xff6f}, 0x3ff}], 0x4000300, 0x2, 0x0)

7m39.721183023s ago: executing program 32 (id=289):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x900)
recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)=""/212, 0xd4}], 0x1, 0x0, 0xff6f}, 0x3ff}], 0x4000300, 0x2, 0x0)

2m44.437192655s ago: executing program 4 (id=1016):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
set_mempolicy(0x2, &(0x7f0000000140)=0x8001, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x20000000, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x808}, 0x4004000)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@sg0, &(0x7f0000000000)='./file0\x00', 0x0, 0x5002, 0x0)
open(0x0, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r1, 0x0, 0x0)

2m37.33735502s ago: executing program 4 (id=1034):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)

2m36.068587679s ago: executing program 4 (id=1039):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x3b, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fchdir(0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r7 = gettid()
fsmount(r5, 0x0, 0x0)
tkill(r7, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6, 0x2010, 0xffffffffffffffff, 0x180000000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x1, 0x4, 0x1, 0x5}})
syz_open_dev$vim2m(0x0, 0x3, 0x2)

2m34.706773959s ago: executing program 4 (id=1043):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
creat(&(0x7f0000000300)='./bus\x00', 0x110)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)

2m32.170855447s ago: executing program 4 (id=1046):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad", 0x1)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r2 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
keyctl$KEYCTL_RESTRICT_KEYRING(0xb, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000001a00), 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000200)='source', &(0x7f0000000000)='\\\\\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x11\xc9\xc5\xc4\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\\\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xb1\xc3j$v\xefw\x96\\\\\xa2\xfc\xe3\xb8\xc7\x0f\xaa\x01\x00\x00\x00;\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

2m31.017014804s ago: executing program 4 (id=1052):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_getattr(r1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000000"], &(0x7f0000001200)='syzkaller\x00'}, 0x94)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x3a)
r9 = dup(r8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@map=r6, 0x2e, 0x1, 0x6, &(0x7f00000000c0)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000100), &(0x7f0000000240)=[0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r10=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@fallback=r3, r6, 0x27, 0x2004, 0x0, @value=r7, @void, @void, @void, r10}, 0x20)
bind$unix(r9, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@ipv6_newrule={0x1c, 0x20, 0x701, 0x70bd2a, 0x25dfdbfd, {0xa, 0x10, 0x80, 0x1b, 0x6, 0x0, 0x0, 0x3, 0x30}}, 0x1c}}, 0x4)
r12 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r12, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
munlockall()

2m30.502044602s ago: executing program 33 (id=1052):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_getattr(r1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000000"], &(0x7f0000001200)='syzkaller\x00'}, 0x94)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x3a)
r9 = dup(r8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@map=r6, 0x2e, 0x1, 0x6, &(0x7f00000000c0)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000100), &(0x7f0000000240)=[0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r10=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@fallback=r3, r6, 0x27, 0x2004, 0x0, @value=r7, @void, @void, @void, r10}, 0x20)
bind$unix(r9, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@ipv6_newrule={0x1c, 0x20, 0x701, 0x70bd2a, 0x25dfdbfd, {0xa, 0x10, 0x80, 0x1b, 0x6, 0x0, 0x0, 0x3, 0x30}}, 0x1c}}, 0x4)
r12 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r12, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
munlockall()

10.571583774s ago: executing program 5 (id=1458):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}], 0x1, 0x48080)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "08004e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)

9.088438846s ago: executing program 2 (id=1461):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x3b, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fchdir(0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r7 = gettid()
fsmount(r5, 0x0, 0x0)
tkill(r7, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6, 0x2010, 0xffffffffffffffff, 0x180000000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x1, 0x4, 0x1, 0x5}})
syz_open_dev$vim2m(0x0, 0x3, 0x2)

8.982522667s ago: executing program 3 (id=1462):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x400}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2bf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_clone(0x1000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESDEC=r3])

8.165513969s ago: executing program 5 (id=1464):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)

7.013812456s ago: executing program 3 (id=1465):
syz_usb_connect(0x5, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f00000002c0), 0x28e41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000400)=0x17, 0x30)

6.906956878s ago: executing program 2 (id=1466):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
r2 = syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f0000000080)={0x0, @bt={0x1460, 0x5, 0x1, 0x2, 0x8000000000000000, 0x2, 0x1, 0x10000, 0x15ba9a49, 0x6, 0x9, 0x5, 0x9, 0x7fffffff, 0x10, 0x0, {0x80000000, 0x3ff}, 0x2, 0x1}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1f075, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
ptrace(0x10, 0x0)
ptrace$setregs(0xd, 0x0, 0x80000001, &(0x7f00000003c0))
ptrace$getregset(0x4205, 0x0, 0x1, &(0x7f0000000080)={&(0x7f0000019580)=""/120, 0x78})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x8, r3, 0x0, r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r5, 0x65, 0x4, 0x0, &(0x7f0000000100))
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x14, 0x15, 0xa, 0x201, 0x0, 0x0, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20008880}, 0x24000898)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1})

5.909307572s ago: executing program 0 (id=1468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, <r3=>0x0})
prlimit64(r3, 0x3, &(0x7f0000000140)={0x3}, 0x0)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e3002a0001f14000000d190c937dc6914243b0402d6dcb70ad80851956fe6727ae888746b02cee670a5882a0ad79716584e6b04b7f62edac751478af9c62f", 0x40, 0xfffffffffffffffc)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)

5.903460823s ago: executing program 2 (id=1469):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
r3 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x1000000, 0x8010002})

4.631794552s ago: executing program 0 (id=1470):
sendto(0xffffffffffffffff, &(0x7f0000000540)="0cc31a4098ddc80dadd3a0aa2bea9050d9f47bcde4cbb8170d3d61aabbdbd869e8a75ab95a3b8e8b960477dbbbbf5cb0fd4a98ea0032d054de676f19c5e1f84def57482d1b3eb94a2a1d3c0a733709610ece6cb54ae7f8c3ed385c3890244d348c9bcfb556ee478845ff23d8a9f2a492531e7c7ce719ef1983bdaf4008386323fc593be590321dbe51aa4ecabebf49ab7edb835efc0f722637337e20cc541399dc617deafa840b68f2b22e5f7c6afb3825871b966ab90a79a4d6d72f29a1e43abdf4d25f6352dfa26c576830c49b18ece887b47c37affa1c3f24fdb0e14151550796aaa09b4669e71d9f4255f63905467b709f7a7185347a078538e4443f0dad324393274e857979db0a9e3894857aacabc2f2ccd9457fda98a520e2b8c83085a206c8aea9dd18a0b66c87b3b61f95fafed84303436c7ae3782f714dc364c10102788b02d3aed05cb29fe974b75e7bf53dfd2554d7b700dcbf24a6fa021732b747a2c7d6d2a649e1ca523f91ba57da29e6e5050da7ec9466884aea64349e0c65b40bd78fe25622a5f854d351fd3282e85e37989b73e1a3b9fe874ad7131850117f285afe15040fd20cd9c861c95b2c1f9844ac1f8b3cd0a7f22269e235866434acb5f4d9d0b64301cd5b4e8c2da68caacd3f7dda0f325120ad99c05a55736067c87cceda7b850758e60ab8829b0dbfdc1ca8322e6716e643e00c2f665781461f08282a0aa366d9927036d685c3a721530dafe21e62906c5710c3214621d6374d9f5eef47eca1e5080e21832e6d639822a3bf99784f7b19e2dfaa7b8ba39dc5212c94585af38e7a50cbf6d619e3f1b8e4c17351203fa037ca4ce7ef32fd8b4387b8583ebd32a0c5aeb05fced1e492670cabc370aba18abe561e2bfcfa6d92c0c3d0419f5f4936772b6a0026a623914f09b04cf5d7c2b3ab010c676e9932f5807240a765b3d92d2bcdd63a91bd0f1c795fe0ecdda5e50ec8fd0a68115986168fb8bb67fa020ed3c416a716fb12d5d918b8522931dcf2bfd0c7bf7d9c56c490c9880309240d0c2cf1a3cafb647e1a9e1fde434cdbcae9eeac3f8c652a85d6aea69b3e9a922cb2727ed8f50e", 0x30a, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
setgroups(0x0, 0x0)
read$FUSE(r0, &(0x7f0000003680)={0x2020}, 0x2020)

4.493294973s ago: executing program 0 (id=1471):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x3b3c03, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
semget$private(0x0, 0x6, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x0)
tee(r2, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r3, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x14)
connect$802154_dgram(r3, &(0x7f000000b900)={0x24, @none={0x0, 0xffff}}, 0x14)

3.449333809s ago: executing program 3 (id=1472):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000200)='./file0\x00', 0x10, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec85"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x91}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x86443, 0x0)
rename(&(0x7f0000000100)='./bus\x00', &(0x7f0000000180)='./file1\x00')

3.424012439s ago: executing program 0 (id=1473):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000200)='./file0\x00', 0x10, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x91}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x86443, 0x0)
rename(&(0x7f0000000100)='./bus\x00', &(0x7f0000000180)='./file1\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)

3.41382222s ago: executing program 5 (id=1474):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x400}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2bf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x1000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESDEC=r2])

3.186684423s ago: executing program 3 (id=1475):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x3b, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fchdir(0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r7 = gettid()
fsmount(r5, 0x0, 0x0)
tkill(r7, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6, 0x2010, 0xffffffffffffffff, 0x180000000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x1, 0x4, 0x1, 0x5}})
syz_open_dev$vim2m(0x0, 0x3, 0x2)

2.993032616s ago: executing program 5 (id=1476):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, 0x0, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x8042, 0x0)
r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$P9_RSTATu(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="080200000200000005f8000000000000000000000000000000000000000000000000000000000000000000000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500002b595fcb14034354b9fd9ef196a51cd5157adc8103b494e11d00d299988014986ce982cfc26dd7c500f04cd85f2a70f5e9930e97a59a645500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cc280e8e289da649a37002c016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x239)

2.980714776s ago: executing program 0 (id=1477):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001e00)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf, 0x9}, {}, {0xb, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000040)

2.965482676s ago: executing program 2 (id=1478):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, <r3=>0x0})
prlimit64(r3, 0x3, &(0x7f0000000140)={0x3}, 0x0)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e3002a0001f14000000d190c937dc6914243b0402d6dcb70ad80851956fe6727ae888746b02cee670a5882a0ad79716584e6b04b7f62edac751478af9c62f", 0x40, 0xfffffffffffffffc)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)

1.473226848s ago: executing program 2 (id=1479):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0xfffffffc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0xfc, 0x0, 0x1, 0xffffffff}}}}]}, 0x4c}}, 0x0)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x1802, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r4, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

1.070777554s ago: executing program 3 (id=1480):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, 0x0, 0x0)
sendfile(r3, r3, &(0x7f0000000080), 0x7f03)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
r5 = timerfd_create(0x0, 0x0)
r6 = syz_io_uring_setup(0x58f2, &(0x7f0000000140)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
r9 = open$dir(0x0, 0x80, 0x107)
symlinkat(&(0x7f0000000280)='./file1\x00', r9, &(0x7f0000000340)='./bus\x00')
syz_io_uring_submit(r7, r8, 0x0)
io_uring_enter(r6, 0x1f82, 0x0, 0x0, 0x0, 0x0)
ioctl$TFD_IOC_SET_TICKS(r5, 0x40085400, &(0x7f0000000080)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="1807000000000d000000000000000000851000000200000026000000feffff859500007b0000000095", @ANYRESHEX], &(0x7f0000000400)='GPL\x00', 0x2, 0x95, &(0x7f00000004c0)=""/149, 0x41100, 0x1}, 0x94)

1.067595354s ago: executing program 5 (id=1481):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000000c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd27, 0x0, {{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x80000001, 0x80000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x98, &(0x7f0000000000)=""/152}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b0000", @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB='\x00\x00\x00'], 0x48)

732.92237ms ago: executing program 5 (id=1482):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r2, &(0x7f00000000c0), 0x2)
read(r2, &(0x7f00000001c0)=""/93, 0x5d)
write$USERIO_CMD_SEND_INTERRUPT(r2, &(0x7f0000000280)={0x2, 0xf2}, 0x2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0xff}, 0x1)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r1, 0x0)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x201, 0x8, 0x2, 0x0, 0x2})
readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/246, 0xf6}], 0x1)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000400)=0xfffffffd)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff4, 0x4}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_LOW_RATE_THRESHOLD={0x8, 0xb, 0x3}]}}]}, 0x38}}, 0x40044)
r5 = socket(0x2, 0x3, 0xff)
sendto$inet(r5, &(0x7f00000002c0)="b401fcc8cd1bb8b66f2e1c301f4c43f5996bbd0f", 0x14, 0xb00, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000040)={<r6=>0x0, @in={{0x2, 0x4e23, @empty}}, [0x5, 0xb2, 0x1, 0xb, 0xf4, 0x1, 0x6, 0x5159, 0x1, 0x1, 0x8, 0x9900, 0x2, 0x6, 0x9f12]}, &(0x7f0000000140)=0x100)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000180)={r6, 0x5}, 0x8)
r7 = syz_open_dev$dri(&(0x7f0000000200), 0x0, 0x600)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r7, 0xc00464be, &(0x7f0000000300))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000480)=@newlink={0x30, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x30}}, 0x4000)

73.137129ms ago: executing program 2 (id=1483):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000))
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r2, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)

59.67943ms ago: executing program 0 (id=1484):
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0xcf6, 0x4c314356, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x2}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, 0x0, 0x0, 0x2018081, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, 0x0, 0x0)
listen(r5, 0x4000)
close(r5)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
gettid()
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000240)=0x1)

0s ago: executing program 3 (id=1485):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x3b3c03, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
semget$private(0x0, 0x6, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
tee(0xffffffffffffffff, r2, 0xfffffffffffffc01, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r3, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x14)
connect$802154_dgram(r3, &(0x7f000000b900)={0x24, @none={0x0, 0xffff}}, 0x14)

kernel console output (not intermixed with test programs):

port 6081 - 0
[   65.675133][ T2979] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.677516][ T5791] veth0_macvtap: entered promiscuous mode
[   65.691346][ T2979] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.717222][ T5791] veth1_macvtap: entered promiscuous mode
[   65.821081][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.841123][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.851693][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.864351][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.874275][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.885303][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.946244][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.059303][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.070562][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.082931][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.093789][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.105579][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.122949][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.381284][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.637877][ T3472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.727609][ T3472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.746701][ T5791] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.782000][ T5791] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.795281][ T5791] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.807731][ T5791] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.033586][ T5108] Bluetooth: hci3: command tx timeout
[   67.038284][ T3472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.039077][ T5790] Bluetooth: hci1: command tx timeout
[   67.054007][   T50] Bluetooth: hci0: command tx timeout
[   67.060231][ T5801] Bluetooth: hci2: command tx timeout
[   67.206287][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   67.212506][ T3472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.493504][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.615823][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   67.718053][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   67.726844][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   67.922745][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   68.127886][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   68.152508][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   68.762702][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   68.833408][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.841266][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.965208][ T3483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.998395][ T3483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.112788][ T5801] Bluetooth: hci2: command tx timeout
[   69.118383][ T5801] Bluetooth: hci1: command tx timeout
[   69.124892][ T5790] Bluetooth: hci0: command tx timeout
[   69.130443][   T50] Bluetooth: hci3: command tx timeout
[   69.217418][ T5898] syz.0.9: attempt to access beyond end of device
[   69.217418][ T5898] nbd0: rw=0, sector=16, nr_sectors = 1 limit=0
[   69.232489][ T5898] qnx6: unable to read the first superblock
[   69.239427][ T5898] syz.0.9: attempt to access beyond end of device
[   69.239427][ T5898] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[   69.252977][ T5898] qnx6: unable to read the first superblock
[   69.253357][   T28] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   69.259458][ T5898] qnx6: unable to read the first superblock
[   69.519002][   T28] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   69.743914][   T28] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   69.914957][   T28] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   70.098679][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   70.114636][   T28] usb 3-1: SerialNumber: syz
[   70.202135][ T5911] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   70.436106][   T28] usb 3-1: 0:2 : does not exist
[   71.085783][   T28] usb 3-1: USB disconnect, device number 2
[   71.093297][ T5916] misc userio: No port type given on /dev/userio
[   71.178302][ T5922] misc userio: The device must be registered before sending interrupts
[   71.420401][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   71.607462][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[   71.615355][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[   71.726911][ T5841] libceph: connect (1)[c::]:6789 error -101
[   71.761835][ T5841] libceph: mon0 (1)[c::]:6789 connect error
[   71.802612][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   72.046437][ T5841] libceph: connect (1)[c::]:6789 error -101
[   72.113681][ T5841] libceph: mon0 (1)[c::]:6789 connect error
[   72.305118][ T5929] ceph: No mds server is up or the cluster is laggy
[   74.634610][ T5955] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   75.241975][ T5962] syz.2.20: attempt to access beyond end of device
[   75.241975][ T5962] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0
[   75.254770][ T5962] qnx6: unable to read the first superblock
[   75.261720][ T5962] syz.2.20: attempt to access beyond end of device
[   75.261720][ T5962] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[   75.274492][ T5962] qnx6: unable to read the first superblock
[   75.280389][ T5962] qnx6: unable to read the first superblock
[   76.607101][ T5970] netlink: 28 bytes leftover after parsing attributes in process `syz.1.24'.
[   76.616257][ T5970] netlink: 28 bytes leftover after parsing attributes in process `syz.1.24'.
[   77.512682][ T5873] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   77.762927][ T5873] usb 3-1: Using ep0 maxpacket: 32
[   77.816625][ T5873] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[   77.881061][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.049005][ T5873] usb 3-1: config 0 descriptor??
[   78.147725][ T5873] gspca_main: nw80x-2.14.0 probing 055f:d001
[   78.439181][ T5982] netlink: 60 bytes leftover after parsing attributes in process `syz.1.30'.
[   78.458590][ T5982] netlink: 60 bytes leftover after parsing attributes in process `syz.1.30'.
[   78.479315][ T5981] netlink: 60 bytes leftover after parsing attributes in process `syz.1.30'.
[   79.046856][ T5873] gspca_nw80x: reg_r err -71
[   79.051536][ T5873] nw80x: probe of 3-1:0.0 failed with error -71
[   79.734598][ T5873] usb 3-1: USB disconnect, device number 3
[   81.865042][   T23] cfg80211: failed to load regulatory.db
[   83.612417][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   83.810279][    T9] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[   83.833870][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.855814][    T9] usb 4-1: Product: syz
[   83.868548][    T9] usb 4-1: Manufacturer: syz
[   83.879785][    T9] usb 4-1: SerialNumber: syz
[   83.906254][    T9] usb 4-1: config 0 descriptor??
[   83.929220][    T9] gspca_main: sunplus-2.14.0 probing 04fc:504a
[   85.375922][    T9] gspca_sunplus: reg_r err -110
[   86.337840][ T6040] block nbd3: shutting down sockets
[   86.402559][   T28] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   86.413068][    T9] usb 4-1: USB disconnect, device number 2
[   86.664541][   T28] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   86.759785][   T28] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   86.903397][   T28] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   86.989257][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   87.068411][   T28] usb 3-1: SerialNumber: syz
[   87.449748][   T28] usb 3-1: 0:2 : does not exist
[   87.532728][   T28] usb 3-1: USB disconnect, device number 4
[   89.091377][ T6072] process 'syz.0.56' launched '' with NULL argv: empty string added
[   91.263114][ T6085] netlink: 28 bytes leftover after parsing attributes in process `syz.2.60'.
[   91.274153][ T6085] netlink: 28 bytes leftover after parsing attributes in process `syz.2.60'.
[   96.165374][ T6120] netlink: 28 bytes leftover after parsing attributes in process `syz.1.71'.
[   96.174249][ T6120] netlink: 28 bytes leftover after parsing attributes in process `syz.1.71'.
[   97.190466][ T6130] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  106.270245][  T787] libceph: connect (1)[c::]:6789 error -101
[  106.280464][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  106.552868][  T787] libceph: connect (1)[c::]:6789 error -101
[  106.829255][ T6192] ceph: No mds server is up or the cluster is laggy
[  107.283357][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  111.958378][ T6248] fuse: Bad value for 'group_id'
[  115.489262][ T6268] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  120.630091][ T6309] netlink: 28 bytes leftover after parsing attributes in process `syz.3.122'.
[  120.639333][ T6309] netlink: 28 bytes leftover after parsing attributes in process `syz.3.122'.
[  126.757084][ T6354] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6354 comm: syz.1.134)
[  126.770754][   T27] audit: type=1800 audit(1751630712.382:2): pid=6354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.134" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=9289 res=0 errno=0
[  128.052169][ T6366] overlayfs: failed to resolve './file1': -2
[  132.943834][ T6412] overlayfs: failed to resolve './file1': -2
[  134.146443][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  134.152902][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  135.062652][   T28] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  135.329443][   T28] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  135.488572][   T28] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  135.653136][   T28] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  135.672988][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  135.698028][   T28] usb 3-1: SerialNumber: syz
[  135.989224][   T28] usb 3-1: 0:2 : does not exist
[  136.048193][   T28] usb 3-1: USB disconnect, device number 5
[  136.185677][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  136.916237][  T965] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  137.852183][  T965] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  137.882674][  T965] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.890701][  T965] usb 2-1: Product: syz
[  137.926884][  T965] usb 2-1: Manufacturer: syz
[  137.993315][  T965] usb 2-1: SerialNumber: syz
[  138.123533][  T965] usb 2-1: config 0 descriptor??
[  138.153175][  T965] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  139.040854][  T965] gspca_sunplus: reg_r err -110
[  140.235720][ T6465] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6465 comm: syz.0.166)
[  140.260758][   T27] audit: type=1800 audit(1751630725.862:3): pid=6465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.166" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=8723 res=0 errno=0
[  140.924805][    T9] usb 2-1: USB disconnect, device number 2
[  142.512410][  T965] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  142.710144][  T965] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  142.762732][  T965] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  142.839201][  T965] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  142.899160][  T965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  142.950739][  T965] usb 3-1: SerialNumber: syz
[  143.802970][  T965] usb 3-1: 0:2 : does not exist
[  143.825699][  T965] usb 3-1: USB disconnect, device number 6
[  143.858287][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  144.863053][ T6502] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6502 comm: syz.2.177)
[  144.875936][   T27] audit: type=1800 audit(1751630730.492:4): pid=6502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.177" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=9507 res=0 errno=0
[  145.573917][ T6510] UBIFS error (pid: 6510): cannot open "./file0", error -22
[  147.245861][ T6534] netlink: 8 bytes leftover after parsing attributes in process `syz.1.186'.
[  147.701437][ T6540] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6540 comm: syz.1.189)
[  147.722655][   T27] audit: type=1800 audit(1751630733.332:5): pid=6540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.189" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=9289 res=0 errno=0
[  148.689529][ T6551] UBIFS error (pid: 6551): cannot open "./file0", error -22
[  149.470881][ T6554] syz.1.192[6554]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  149.607470][ T6555] random: crng reseeded on system resumption
[  153.503963][ T6580] UBIFS error (pid: 6580): cannot open "./file0", error -22
[  155.552865][ T5950] libceph: connect (1)[c::]:6789 error -101
[  155.616762][ T5950] libceph: mon0 (1)[c::]:6789 connect error
[  155.653002][ T5950] libceph: connect (1)[c::]:6789 error -101
[  155.683617][ T5950] libceph: mon0 (1)[c::]:6789 connect error
[  155.942833][ T5950] libceph: connect (1)[c::]:6789 error -101
[  155.948941][ T5950] libceph: mon0 (1)[c::]:6789 connect error
[  156.088239][ T6592] ceph: No mds server is up or the cluster is laggy
[  157.366464][ T6617] netlink: 28 bytes leftover after parsing attributes in process `syz.0.209'.
[  157.388175][ T6617] netlink: 28 bytes leftover after parsing attributes in process `syz.0.209'.
[  159.716820][ T6640] fuse: Unknown parameter 'group_i00000000000000000000'
[  164.389749][ T6677] netlink: 28 bytes leftover after parsing attributes in process `syz.1.227'.
[  164.423031][ T6677] netlink: 28 bytes leftover after parsing attributes in process `syz.1.227'.
[  164.492529][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  164.700790][    T9] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  164.742680][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.756500][    T9] usb 4-1: Product: syz
[  164.760836][    T9] usb 4-1: Manufacturer: syz
[  164.774004][    T9] usb 4-1: SerialNumber: syz
[  164.781896][    T9] usb 4-1: config 0 descriptor??
[  164.799604][    T9] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  165.984994][    T9] gspca_sunplus: reg_r err -110
[  167.305597][    T9] usb 4-1: USB disconnect, device number 3
[  168.727978][ T6721] bridge_slave_0: left allmulticast mode
[  168.738069][ T6721] bridge_slave_0: left promiscuous mode
[  168.751361][ T6721] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.780905][ T6721] bridge_slave_1: left allmulticast mode
[  168.811313][ T6721] bridge_slave_1: left promiscuous mode
[  168.819575][ T6721] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.839758][ T6721] bond0: (slave bond_slave_0): Releasing backup interface
[  168.945591][ T6721] bond0: (slave bond_slave_1): Releasing backup interface
[  169.056678][ T6721] team0: Port device team_slave_0 removed
[  169.113117][ T6721] team0: Port device team_slave_1 removed
[  169.140284][ T6721] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.179009][ T6721] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.204629][ T6721] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.218261][ T6721] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.323746][ T6727] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6727 comm: syz.3.238)
[  169.412353][   T27] audit: type=1800 audit(1751630754.952:6): pid=6727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.238" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=9746 res=0 errno=0
[  170.934968][ T6733] netlink: 28 bytes leftover after parsing attributes in process `syz.0.239'.
[  170.967893][ T6733] netlink: 28 bytes leftover after parsing attributes in process `syz.0.239'.
[  177.107209][   T27] audit: type=1326 audit(1751630762.722:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6767 comm="syz.3.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18038e929 code=0x7fc00000
[  178.003572][   T28] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  178.248378][   T28] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  178.279548][   T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.327893][   T28] usb 2-1: Product: syz
[  178.462410][   T28] usb 2-1: Manufacturer: syz
[  178.466630][ T6789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.256'.
[  178.473167][   T28] usb 2-1: SerialNumber: syz
[  178.476580][ T6789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.256'.
[  178.535904][   T28] usb 2-1: config 0 descriptor??
[  178.699740][   T28] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  178.705583][ T6791] netlink: 56 bytes leftover after parsing attributes in process `syz.3.258'.
[  180.612411][   T28] gspca_sunplus: reg_r err -110
[  181.727972][   T28] usb 2-1: USB disconnect, device number 3
[  183.702658][  T787] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  183.920486][  T787] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  183.949313][  T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.965375][  T787] usb 2-1: Product: syz
[  183.969710][  T787] usb 2-1: Manufacturer: syz
[  183.978449][  T787] usb 2-1: SerialNumber: syz
[  183.990988][  T787] usb 2-1: config 0 descriptor??
[  184.002519][  T787] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  185.212678][  T787] gspca_sunplus: reg_r err -110
[  185.962826][ T6832] netlink: 28 bytes leftover after parsing attributes in process `syz.3.270'.
[  185.972995][ T6832] netlink: 28 bytes leftover after parsing attributes in process `syz.3.270'.
[  187.912206][ T5794] Bluetooth: hci1: command 0x0406 tx timeout
[  187.918423][ T5795] Bluetooth: hci0: command 0x0406 tx timeout
[  187.924537][ T5799] Bluetooth: hci3: command 0x0406 tx timeout
[  187.930647][ T5799] Bluetooth: hci2: command 0x0406 tx timeout
[  187.939067][ T5848] usb 2-1: USB disconnect, device number 4
[  188.259986][ T6852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.274'.
[  188.274221][ T6852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.274'.
[  194.356099][ T5793] syz-executor (5793) used greatest stack depth: 19888 bytes left
[  194.486065][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.500482][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  195.889610][   T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  195.900760][   T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  195.919483][   T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  195.931104][   T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  195.941114][   T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  195.948746][   T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  196.322411][ T5828] usb 3-1: new low-speed USB device number 7 using dummy_hcd
[  196.468984][ T6909] chnl_net:caif_netlink_parms(): no params data found
[  196.514656][ T5828] usb 3-1: config 7 has an invalid interface number: 186 but max is 0
[  196.534303][ T5828] usb 3-1: config 7 has no interface number 0
[  196.566172][ T5828] usb 3-1: config 7 interface 186 has no altsetting 0
[  196.601831][ T5828] usb 3-1: string descriptor 0 read error: -22
[  196.627461][ T5828] usb 3-1: New USB device found, idVendor=0421, idProduct=0099, bcdDevice=e0.aa
[  196.652632][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.675601][ T5828] usb 3-1: bad CDC descriptors
[  196.675907][ T6909] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.695494][ T5828] usb 3-1: bad CDC descriptors
[  196.711427][ T6909] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.727998][ T6909] bridge_slave_0: entered allmulticast mode
[  196.809824][ T6909] bridge_slave_0: entered promiscuous mode
[  196.830580][ T6909] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.858777][ T6909] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.925761][ T6909] bridge_slave_1: entered allmulticast mode
[  196.934488][ T6909] bridge_slave_1: entered promiscuous mode
[  197.083332][ T6927] random: crng reseeded on system resumption
[  197.992475][   T50] Bluetooth: hci3: command tx timeout
[  200.082161][   T50] Bluetooth: hci3: command tx timeout
[  200.259070][   T28] usb 3-1: USB disconnect, device number 7
[  200.866807][ T6909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.925413][ T6909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.096587][ T6909] team0: Port device team_slave_0 added
[  201.106676][ T6909] team0: Port device team_slave_1 added
[  201.854381][ T6909] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.861367][ T6909] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.152447][   T50] Bluetooth: hci3: command tx timeout
[  203.296553][ T6909] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.465106][   T50] Bluetooth: hci3: command tx timeout
[  205.518855][ T6909] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.562401][ T6909] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.672396][ T6909] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  206.272234][ T6909] hsr_slave_0: entered promiscuous mode
[  206.290701][ T6909] hsr_slave_1: entered promiscuous mode
[  206.313101][ T6909] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.336059][ T6909] Cannot create hsr debugfs directory
[  206.997659][ T6968] overlayfs: failed to resolve './file1': -2
[  207.579126][ T6909] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  207.622205][ T6909] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  207.660512][ T6909] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  207.701054][ T6909] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  209.042494][ T6909] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.165206][ T6909] 8021q: adding VLAN 0 to HW filter on device team0
[  209.190821][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.199025][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.260435][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.267646][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.760599][ T6909] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  209.812726][ T6909] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  211.123045][ T6909] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.968668][ T6909] veth0_vlan: entered promiscuous mode
[  214.648575][ T6909] veth1_vlan: entered promiscuous mode
[  214.791261][ T6909] veth0_macvtap: entered promiscuous mode
[  214.889903][ T6909] veth1_macvtap: entered promiscuous mode
[  215.494129][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.504791][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.566452][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.577061][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.587737][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.600816][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.613319][ T6909] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.651950][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.712909][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.744374][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.783708][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.946575][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.963596][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.318831][ T6909] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.465381][ T6909] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.480688][ T6909] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.500155][ T6909] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.511149][ T6909] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.164981][ T7069] netlink: 28 bytes leftover after parsing attributes in process `syz.0.330'.
[  217.180034][ T7069] netlink: 28 bytes leftover after parsing attributes in process `syz.0.330'.
[  218.553923][ T2979] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.561781][ T2979] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.613987][ T3483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.634059][ T3483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.730665][ T7102] Zero length message leads to an empty skb
[  221.743045][ T7102] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 7102 comm: syz.2.337)
[  221.760759][   T27] audit: type=1800 audit(1751630807.372:8): pid=7102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.337" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=9507 res=0 errno=0
[  225.398818][ T7139] netlink: 28 bytes leftover after parsing attributes in process `syz.4.348'.
[  225.407941][ T7139] netlink: 28 bytes leftover after parsing attributes in process `syz.4.348'.
[  225.899186][ T7142] netlink: 28 bytes leftover after parsing attributes in process `syz.3.350'.
[  228.116705][ T7161] netlink: 'syz.3.353': attribute type 10 has an invalid length.
[  228.823228][ T7161] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.834906][ T7161] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  230.233243][ T7182] netlink: 28 bytes leftover after parsing attributes in process `syz.4.361'.
[  230.242564][ T7182] netlink: 28 bytes leftover after parsing attributes in process `syz.4.361'.
[  233.189129][  T965] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  233.389340][  T965] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  233.411454][  T965] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.434435][  T965] usb 4-1: Product: syz
[  233.445462][  T965] usb 4-1: Manufacturer: syz
[  233.450561][  T965] usb 4-1: SerialNumber: syz
[  233.460894][  T965] usb 4-1: config 0 descriptor??
[  233.473607][  T965] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  234.003062][  T965] gspca_sunplus: reg_r err -110
[  235.890985][ T5848] usb 4-1: USB disconnect, device number 4
[  237.775709][ T7263] netlink: 8 bytes leftover after parsing attributes in process `syz.4.386'.
[  237.809921][ T7263] netlink: 4 bytes leftover after parsing attributes in process `syz.4.386'.
[  238.119627][ T7272] netlink: 'syz.4.389': attribute type 13 has an invalid length.
[  242.282592][   T28] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  242.530967][   T28] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  242.565647][   T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.599297][   T28] usb 4-1: Product: syz
[  242.624546][   T28] usb 4-1: Manufacturer: syz
[  242.652898][   T28] usb 4-1: SerialNumber: syz
[  242.714462][   T28] usb 4-1: config 0 descriptor??
[  242.755175][   T28] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  243.272628][   T28] gspca_sunplus: reg_r err -110
[  245.047054][ T5848] usb 4-1: USB disconnect, device number 5
[  246.142463][   T28] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  246.366106][   T28] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  246.503063][   T28] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  246.696072][   T28] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  246.802487][   T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  246.843211][   T28] usb 4-1: SerialNumber: syz
[  247.084314][   T28] usb 4-1: 0:2 : does not exist
[  247.115489][   T28] usb 4-1: USB disconnect, device number 6
[  247.178429][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  247.179716][ T7370] input: syz1 as /devices/virtual/input/input17
[  247.401707][ T7373] random: crng reseeded on system resumption
[  250.026882][ T5848] libceph: connect (1)[c::]:6789 error -101
[  250.035679][ T5848] libceph: mon0 (1)[c::]:6789 connect error
[  250.051003][ T5848] libceph: connect (1)[c::]:6789 error -101
[  250.057444][ T5848] libceph: mon0 (1)[c::]:6789 connect error
[  250.227149][ T7405] netlink: 28 bytes leftover after parsing attributes in process `syz.0.429'.
[  250.237041][ T7405] netlink: 28 bytes leftover after parsing attributes in process `syz.0.429'.
[  250.322810][ T5848] libceph: connect (1)[c::]:6789 error -101
[  250.389813][ T5848] libceph: mon0 (1)[c::]:6789 connect error
[  250.666066][ T7398] ceph: No mds server is up or the cluster is laggy
[  251.842427][ T5848] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  251.865837][ T7418] random: crng reseeded on system resumption
[  252.724214][ T5848] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  252.740557][ T5848] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  252.758264][ T7426] netlink: 40 bytes leftover after parsing attributes in process `syz.4.436'.
[  252.769238][ T5848] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  252.780381][ T5848] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  252.802479][ T5848] usb 4-1: SerialNumber: syz
[  252.929902][ T7429] 9pnet_fd: Insufficient options for proto=fd
[  253.019684][ T5848] usb 4-1: 0:2 : does not exist
[  253.057630][ T5848] usb 4-1: USB disconnect, device number 7
[  253.121634][ T7438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.441'.
[  253.192691][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  253.647791][ T7449] netlink: 28 bytes leftover after parsing attributes in process `syz.2.443'.
[  253.658635][ T7449] netlink: 28 bytes leftover after parsing attributes in process `syz.2.443'.
[  254.897182][ T7457] netlink: 40 bytes leftover after parsing attributes in process `syz.4.446'.
[  255.161173][ T7463] 9pnet_fd: Insufficient options for proto=fd
[  255.259273][ T7468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.451'.
[  255.924294][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  255.931720][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  257.808074][ T7487] netlink: 28 bytes leftover after parsing attributes in process `syz.4.458'.
[  257.822576][ T7487] netlink: 28 bytes leftover after parsing attributes in process `syz.4.458'.
[  259.116170][ T7500] 9pnet_fd: Insufficient options for proto=fd
[  261.677449][    C1] af_packet: tpacket_rcv: packet too big, clamped from 28 to 4294967272. macoff=96
[  262.432665][ T7524] "syz.2.467" (7524) uses obsolete ecb(arc4) skcipher
[  263.766442][ T7524] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  263.792883][ T7524] CIFS: Unable to determine destination address
[  264.810111][ T7537] warning: `syz.0.470' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  268.993207][ T7575] netlink: 8 bytes leftover after parsing attributes in process `syz.4.481'.
[  271.222448][ T5848] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  271.454832][ T5848] usb 4-1: Using ep0 maxpacket: 8
[  271.468286][ T5848] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  271.500891][ T5848] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  271.520350][ T5848] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  271.539058][ T5848] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.561923][ T5848] usb 4-1: config 0 descriptor??
[  273.103449][  T965] usb 4-1: USB disconnect, device number 8
[  273.732789][ T3065] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  273.948827][ T3065] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  273.962016][ T3065] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.976887][ T3065] usb 3-1: Product: syz
[  273.981411][ T3065] usb 3-1: Manufacturer: syz
[  273.986588][ T3065] usb 3-1: SerialNumber: syz
[  274.027554][ T3065] usb 3-1: config 0 descriptor??
[  274.044804][ T3065] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  274.565616][ T3065] gspca_sunplus: reg_r err -110
[  276.424107][ T7649] block nbd2: shutting down sockets
[  276.447243][ T5950] usb 3-1: USB disconnect, device number 8
[  281.174417][  T965] libceph: connect (1)[c::]:6789 error -101
[  281.180495][  T965] libceph: mon0 (1)[c::]:6789 connect error
[  281.562605][ T7697] ceph: No mds server is up or the cluster is laggy
[  281.976905][    T9] libceph: connect (1)[c::]:6789 error -101
[  281.993330][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  284.426515][ T7740] overlayfs: failed to resolve './file0': -2
[  285.454239][  T965] libceph: connect (1)[c::]:6789 error -101
[  285.460323][  T965] libceph: mon0 (1)[c::]:6789 connect error
[  285.772966][  T965] libceph: connect (1)[c::]:6789 error -101
[  285.789310][  T965] libceph: mon0 (1)[c::]:6789 connect error
[  286.024558][ T7750] ceph: No mds server is up or the cluster is laggy
[  287.766723][ T7778] netlink: 8 bytes leftover after parsing attributes in process `syz.3.544'.
[  288.041406][ T7775] random: crng reseeded on system resumption
[  288.832845][ T7794] CIFS: Unable to determine destination address
[  290.792557][ T7817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.555'.
[  291.345848][ T7827] random: crng reseeded on system resumption
[  294.882485][ T7870] random: crng reseeded on system resumption
[  297.039813][ T7898] "syz.2.577" (7898) uses obsolete ecb(arc4) skcipher
[  297.190835][ T7900] CIFS: Unable to determine destination address
[  302.231065][ T7941] "syz.0.587" (7941) uses obsolete ecb(arc4) skcipher
[  302.394353][ T7944] CIFS: Unable to determine destination address
[  303.921736][ T7948] 9pnet_fd: Insufficient options for proto=fd
[  306.194454][ T7973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.597'.
[  308.009517][ T7986] 9pnet_fd: Insufficient options for proto=fd
[  308.337450][ T7991] netlink: 28 bytes leftover after parsing attributes in process `syz.3.602'.
[  308.352420][ T7991] netlink: 28 bytes leftover after parsing attributes in process `syz.3.602'.
[  310.776155][ T5848] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  312.513360][ T5848] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  312.896852][ T5848] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  313.031568][ T8019] netlink: 28 bytes leftover after parsing attributes in process `syz.0.610'.
[  313.048272][ T8019] netlink: 28 bytes leftover after parsing attributes in process `syz.0.610'.
[  313.240111][ T5848] usb 5-1: string descriptor 0 read error: -71
[  313.246606][ T5848] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  313.278207][ T5848] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  313.306444][ T5848] usb 5-1: can't set config #1, error -71
[  314.342980][ T5848] usb 5-1: USB disconnect, device number 2
[  314.782476][ T5848] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  314.854541][ T5828] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  314.966746][ T5848] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  314.981496][ T5848] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.990041][ T5848] usb 5-1: Product: syz
[  315.004268][ T5848] usb 5-1: Manufacturer: syz
[  315.009477][ T5848] usb 5-1: SerialNumber: syz
[  315.025273][ T5848] usb 5-1: config 0 descriptor??
[  315.037572][ T5848] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  315.057400][ T5828] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  315.082396][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.090426][ T5828] usb 3-1: Product: syz
[  315.102598][ T5828] usb 3-1: Manufacturer: syz
[  315.107222][ T5828] usb 3-1: SerialNumber: syz
[  315.126278][ T5828] usb 3-1: config 0 descriptor??
[  315.144418][ T5828] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  315.653280][ T5828] gspca_sunplus: reg_r err -110
[  316.229517][ T5848] gspca_sunplus: reg_r err -110
[  317.558758][ T8046] block nbd4: shutting down sockets
[  317.604895][    T8] usb 5-1: USB disconnect, device number 3
[  317.613027][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.619599][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  318.335816][ T8065] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  320.491020][ T8079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.627'.
[  320.519403][ T8079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.627'.
[  320.844757][ T5828] usb 3-1: USB disconnect, device number 9
[  321.219373][ T8094] "syz.3.632" (8094) uses obsolete ecb(arc4) skcipher
[  322.119459][ T8097] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  322.282620][ T5828] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  322.475263][ T5828] usb 3-1: Using ep0 maxpacket: 8
[  322.599122][ T5828] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  322.612345][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.622795][ T5828] usb 3-1: Product: syz
[  322.626988][ T5828] usb 3-1: Manufacturer: syz
[  322.638899][ T5828] usb 3-1: SerialNumber: syz
[  322.741437][ T5828] usb 3-1: config 0 descriptor??
[  322.973288][ T5828] gspca_main: sq930x-2.14.0 probing 2770:930c
[  324.293632][ T5828] gspca_sq930x: reg_w 0305 fd00 failed -110
[  326.594506][ T8124] netlink: 28 bytes leftover after parsing attributes in process `syz.2.639'.
[  326.605105][ T8124] netlink: 28 bytes leftover after parsing attributes in process `syz.2.639'.
[  327.012585][ T5828] gspca_sq930x: Unknown sensor
[  327.018106][ T5828] sq930x: probe of 3-1:0.0 failed with error -22
[  327.033011][ T5828] usb 3-1: USB disconnect, device number 10
[  328.118468][ T8135] netlink: 28 bytes leftover after parsing attributes in process `syz.0.643'.
[  329.006183][ T5848] libceph: connect (1)[c::]:6789 error -101
[  330.215314][ T5848] libceph: mon0 (1)[c::]:6789 connect error
[  330.302153][ T8149] ceph: No mds server is up or the cluster is laggy
[  330.856017][ T8172] netlink: 28 bytes leftover after parsing attributes in process `syz.4.656'.
[  332.274990][ T8173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.654'.
[  332.285015][ T8173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.654'.
[  336.331036][ T8212] netlink: 'syz.3.667': attribute type 13 has an invalid length.
[  336.685755][ T8217] netlink: 28 bytes leftover after parsing attributes in process `syz.4.668'.
[  336.835864][ T8221] random: crng reseeded on system resumption
[  341.947624][ T8258] "syz.4.681" (8258) uses obsolete ecb(arc4) skcipher
[  342.289395][   T28] libceph: connect (1)[c::]:6789 error -101
[  342.444241][   T28] libceph: mon0 (1)[c::]:6789 connect error
[  342.557460][ T8262] ceph: No mds server is up or the cluster is laggy
[  342.573789][ T8268] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  349.500625][ T8320] random: crng reseeded on system resumption
[  353.914912][ T8349] ceph: No mds server is up or the cluster is laggy
[  353.945961][ T5778] libceph: connect (1)[c::]:6789 error -101
[  353.952036][ T5778] libceph: mon0 (1)[c::]:6789 connect error
[  354.365835][ T8361] netlink: 28 bytes leftover after parsing attributes in process `syz.2.707'.
[  354.375931][ T8361] netlink: 28 bytes leftover after parsing attributes in process `syz.2.707'.
[  354.752918][ T8367] fuse: Unknown parameter '0x0000000000000005'
[  355.594914][ T8369] 9pnet_fd: Insufficient options for proto=fd
[  356.012444][ T5778] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  356.975421][ T5778] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  357.011686][ T5778] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.029670][ T5778] usb 4-1: Product: syz
[  357.038603][ T5778] usb 4-1: Manufacturer: syz
[  357.045073][ T5778] usb 4-1: SerialNumber: syz
[  357.058065][ T5778] usb 4-1: config 0 descriptor??
[  357.109096][ T5778] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  357.241010][ T8388] random: crng reseeded on system resumption
[  358.024097][ T5778] gspca_sunplus: reg_r err -110
[  359.890692][ T8393] block nbd3: shutting down sockets
[  359.980855][    T9] usb 4-1: USB disconnect, device number 9
[  362.131176][ T8414] fuse: Unknown parameter '0x0000000000000005'
[  362.676486][ T8429] random: crng reseeded on system resumption
[  363.469385][ T8430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.726'.
[  363.513214][ T8430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.726'.
[  365.638279][ T8440] 9pnet_fd: Insufficient options for proto=fd
[  365.938329][ T8451] fuse: Unknown parameter '0x0000000000000005'
[  370.102004][ T8478] 9pnet_fd: Insufficient options for proto=fd
[  370.541979][ T8489] fuse: Unknown parameter '0x0000000000000005'
[  372.376983][ T8502] netlink: 28 bytes leftover after parsing attributes in process `syz.3.746'.
[  372.387130][ T8502] netlink: 28 bytes leftover after parsing attributes in process `syz.3.746'.
[  375.091187][ T8528] fuse: Unknown parameter '0x0000000000000005'
[  376.172441][ T5855] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  377.283326][ T5855] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  377.302737][ T5855] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  377.313834][ T5855] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  377.322993][ T5855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  377.331175][ T5855] usb 3-1: SerialNumber: syz
[  378.285386][ T5855] usb 3-1: 0:2 : does not exist
[  378.496829][ T5855] usb 3-1: USB disconnect, device number 11
[  379.040616][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  379.047195][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  379.723065][ T5848] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  379.777751][ T8568] fuse: Unknown parameter '0x0000000000000005'
[  380.647667][ T5848] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  380.889218][ T8578] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  380.900616][ T8578] netlink: 28 bytes leftover after parsing attributes in process `syz.3.767'.
[  380.915707][ T5848] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.970474][ T5848] usb 5-1: Product: syz
[  380.979783][ T5848] usb 5-1: Manufacturer: syz
[  380.988683][ T5848] usb 5-1: SerialNumber: syz
[  381.016623][ T5848] usb 5-1: config 0 descriptor??
[  381.049257][ T5848] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  381.272528][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  381.587331][ T5848] gspca_sunplus: reg_r err -110
[  383.521004][ T8590] block nbd4: shutting down sockets
[  383.615286][ T5848] usb 5-1: USB disconnect, device number 4
[  386.492394][ T8625] netlink: 28 bytes leftover after parsing attributes in process `syz.4.778'.
[  386.509752][ T8625] netlink: 28 bytes leftover after parsing attributes in process `syz.4.778'.
[  387.104793][ T8634] random: crng reseeded on system resumption
[  388.523161][ T8647] fuse: Unknown parameter 'fd0x0000000000000005'
[  388.772574][ T5855] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  389.567216][ T5855] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  389.634627][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.656918][ T5855] usb 4-1: Product: syz
[  389.661488][ T5855] usb 4-1: Manufacturer: syz
[  389.673799][ T5855] usb 4-1: SerialNumber: syz
[  389.695550][ T5855] usb 4-1: config 0 descriptor??
[  389.713496][ T5855] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  392.074723][ T5855] gspca_sunplus: reg_r err -110
[  393.188399][ T8662] block nbd3: shutting down sockets
[  393.283939][    T8] usb 4-1: USB disconnect, device number 10
[  393.675832][ T8672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.791'.
[  393.687544][ T8672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.791'.
[  395.270134][ T8689] fuse: Unknown parameter 'fd0x0000000000000005'
[  399.272912][ T5828] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  399.860354][ T5828] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  400.326179][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.376808][ T5828] usb 3-1: Product: syz
[  400.405426][ T5828] usb 3-1: Manufacturer: syz
[  400.458491][ T5828] usb 3-1: SerialNumber: syz
[  400.490568][ T5828] usb 3-1: config 0 descriptor??
[  400.534111][ T5828] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  401.942031][ T8720] random: crng reseeded on system resumption
[  402.984529][ T8728] fuse: Bad value for 'fd'
[  403.688514][ T5828] gspca_sunplus: reg_r err -110
[  403.696745][ T8708] block nbd2: shutting down sockets
[  403.745433][ T5855] usb 3-1: USB disconnect, device number 12
[  404.842542][ T5855] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  405.062355][ T5855] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  405.097756][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  405.135482][ T5855] usb 3-1: Product: syz
[  405.150350][ T5855] usb 3-1: Manufacturer: syz
[  405.170857][ T5855] usb 3-1: SerialNumber: syz
[  405.217729][ T5855] usb 3-1: config 0 descriptor??
[  405.237790][ T5855] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  406.310681][ T8747] 9pnet_fd: Insufficient options for proto=fd
[  406.457588][ T5855] gspca_sunplus: reg_r err -110
[  408.040622][ T8769] random: crng reseeded on system resumption
[  408.092457][    T8] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  408.937572][    T8] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  408.963052][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.971462][    T8] usb 4-1: Product: syz
[  408.992522][    T8] usb 4-1: Manufacturer: syz
[  408.997621][    T8] usb 4-1: SerialNumber: syz
[  409.018709][    T8] usb 4-1: config 0 descriptor??
[  409.042776][    T8] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  409.223825][ T5848] usb 3-1: USB disconnect, device number 13
[  410.101323][    T8] gspca_sunplus: reg_r err -110
[  410.518164][ T8790] 9pnet_fd: Insufficient options for proto=fd
[  411.151362][ T8780] block nbd3: shutting down sockets
[  411.236147][ T5855] usb 4-1: USB disconnect, device number 11
[  413.085591][   T27] audit: type=1804 audit(1751630998.702:9): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.831" name="/newroot/208/file1" dev="fuse" ino=1 res=1 errno=0
[  413.181692][   T27] audit: type=1800 audit(1751630998.702:10): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.831" name="/" dev="fuse" ino=1 res=0 errno=0
[  413.238327][   T27] audit: type=1804 audit(1751630998.782:11): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.831" name="/newroot/208/file1" dev="fuse" ino=1 res=1 errno=0
[  413.288494][   T27] audit: type=1804 audit(1751630998.782:12): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.831" name="/newroot/208/file1" dev="fuse" ino=1 res=1 errno=0
[  413.376299][   T27] audit: type=1800 audit(1751630998.782:13): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.831" name="/" dev="fuse" ino=1 res=0 errno=0
[  413.399486][ T8823] 9pnet_fd: Insufficient options for proto=fd
[  418.526474][ T8864] 9pnet_fd: Insufficient options for proto=fd
[  423.772727][ T8934] random: crng reseeded on system resumption
[  433.308767][ T9009] overlayfs: failed to resolve './file0': -2
[  433.832315][    C0] sched: RT throttling activated
[  436.660470][   T27] audit: type=1326 audit(1751631022.252:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  436.718058][   T27] audit: type=1326 audit(1751631022.252:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  438.920566][   T27] audit: type=1326 audit(1751631022.252:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  438.943743][   T27] audit: type=1326 audit(1751631022.262:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  438.953053][ T9034] sctp: failed to load transform for md5: -2
[  438.967911][   T27] audit: type=1326 audit(1751631022.262:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  438.998570][   T27] audit: type=1326 audit(1751631022.262:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  439.023595][   T27] audit: type=1326 audit(1751631022.262:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  439.124088][   T27] audit: type=1326 audit(1751631022.262:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  439.233789][   T27] audit: type=1326 audit(1751631022.262:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  439.557258][   T28] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  440.110773][   T27] audit: type=1326 audit(1751631022.272:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.2.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb5738e929 code=0x7ffc0000
[  440.732123][ T9059] overlayfs: failed to resolve './file0': -2
[  440.766428][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.773063][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  441.922513][   T28] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  442.076944][ T9062] ceph: No mds server is up or the cluster is laggy
[  442.093949][ T5828] libceph: connect (1)[c::]:6789 error -101
[  442.132519][   T28] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  442.143623][ T5828] libceph: mon0 (1)[c::]:6789 connect error
[  442.233986][   T28] usb 4-1: string descriptor 0 read error: -71
[  442.290076][   T28] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  442.337170][   T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  442.397584][   T28] usb 4-1: can't set config #1, error -71
[  442.452422][ T5848] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  442.454034][   T28] usb 4-1: USB disconnect, device number 12
[  445.028686][ T9096] overlayfs: failed to resolve './file1': -2
[  445.894112][ T5855] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  446.813240][ T5855] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  446.838571][ T5855] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  446.864005][ T5855] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  446.898401][ T5855] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  446.937669][ T5855] usb 4-1: SerialNumber: syz
[  447.169691][ T5855] usb 4-1: 0:2 : does not exist
[  447.261270][ T9107] random: crng reseeded on system resumption
[  447.306554][ T5855] usb 4-1: USB disconnect, device number 13
[  448.212853][ T8648] udevd[8648]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  450.364748][ T9137] overlayfs: failed to resolve './file1': -2
[  453.154634][ T5848] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  453.232873][ T5828] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  453.713560][ T5828] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  453.799089][ T5848] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  453.820666][ T5848] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  453.839375][ T5848] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  453.851454][ T5848] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  453.862891][ T5848] usb 3-1: SerialNumber: syz
[  454.127731][ T5828] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  454.138430][ T5828] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  454.147826][ T5828] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.163768][ T9154] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  454.193524][ T5828] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  454.403651][ T5848] usb 3-1: 0:2 : does not exist
[  454.484439][ T5855] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  454.755434][ T5848] usb 3-1: USB disconnect, device number 15
[  454.932884][ T5855] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  454.976355][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.007593][ T8648] udevd[8648]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  455.027868][ T5855] usb 4-1: Product: syz
[  455.032080][ T5855] usb 4-1: Manufacturer: syz
[  455.052244][ T5855] usb 4-1: SerialNumber: syz
[  455.103246][ T5828] usb 5-1: USB disconnect, device number 5
[  455.115543][ T5855] usb 4-1: config 0 descriptor??
[  455.147335][ T5855] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  455.977087][ T5855] gspca_sunplus: reg_r err -110
[  456.808691][ T9191] netlink: 36 bytes leftover after parsing attributes in process `syz.2.937'.
[  457.078339][ T9179] block nbd3: shutting down sockets
[  457.125097][ T5855] usb 4-1: USB disconnect, device number 14
[  457.290816][ T9197] "syz.2.939" (9197) uses obsolete ecb(arc4) skcipher
[  457.416129][ T9197] CIFS: Unable to determine destination address
[  457.682429][ T5855] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  457.939351][ T5855] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  457.950301][ T5855] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  457.962909][ T5855] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  457.981973][ T5855] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  458.010284][ T5855] usb 4-1: SerialNumber: syz
[  458.607523][ T5855] usb 4-1: 0:2 : does not exist
[  458.744764][ T5855] usb 4-1: USB disconnect, device number 15
[  458.799066][ T9168] udevd[9168]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  459.068463][ T9216] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  459.082742][ T9216] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  459.911423][ T9218] netlink: 36 bytes leftover after parsing attributes in process `syz.4.948'.
[  460.091054][ T9226] "syz.4.951" (9226) uses obsolete ecb(arc4) skcipher
[  461.093628][ T9230] CIFS: Unable to determine destination address
[  462.504637][ T9242] netlink: 'syz.3.956': attribute type 10 has an invalid length.
[  462.585967][ T9242] bridge0: port 3(team0) entered blocking state
[  462.606781][ T9242] bridge0: port 3(team0) entered disabled state
[  462.651091][ T9242] team0: entered allmulticast mode
[  462.661220][ T9242] team_slave_0: entered allmulticast mode
[  462.692627][ T9242] team_slave_1: entered allmulticast mode
[  462.718159][ T9242] team0: entered promiscuous mode
[  462.726690][ T9242] team_slave_0: entered promiscuous mode
[  462.737006][ T9242] team_slave_1: entered promiscuous mode
[  463.407781][ T9242] bridge0: port 3(team0) entered blocking state
[  463.414228][ T9242] bridge0: port 3(team0) entered forwarding state
[  463.438913][ T9251] netlink: 4 bytes leftover after parsing attributes in process `syz.0.955'.
[  463.464291][ T5848] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  463.717143][ T5848] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  463.757729][ T5848] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  463.798286][ T5848] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  463.828971][ T5848] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  463.852892][ T5848] usb 3-1: SerialNumber: syz
[  464.800869][ T5848] usb 3-1: 0:2 : does not exist
[  465.423821][ T5848] usb 3-1: USB disconnect, device number 16
[  465.519998][ T9168] udevd[9168]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  468.667522][ T5848] IPVS: starting estimator thread 0...
[  468.729193][ T9291] netlink: 28 bytes leftover after parsing attributes in process `syz.2.968'.
[  468.740132][ T9291] netlink: 28 bytes leftover after parsing attributes in process `syz.2.968'.
[  468.802771][ T9289] IPVS: using max 34 ests per chain, 81600 per kthread
[  472.066650][ T9314] overlayfs: failed to resolve './file1': -2
[  474.075854][ T9315] overlayfs: failed to resolve './file0': -2
[  474.099861][   T23] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  474.527342][ T9324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.981'.
[  474.537402][ T9324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.981'.
[  474.956127][ T9329] random: crng reseeded on system resumption
[  475.414811][ T9331] syz.3.979 (9331) used greatest stack depth: 17960 bytes left
[  476.048774][ T9338] fuse: Bad value for 'fd'
[  478.903351][ T9356] overlayfs: failed to resolve './file0': -2
[  480.105769][ T9359] overlayfs: failed to resolve './file1': -2
[  482.585055][ T9366] netlink: 28 bytes leftover after parsing attributes in process `syz.4.993'.
[  482.594107][ T9366] netlink: 28 bytes leftover after parsing attributes in process `syz.4.993'.
[  483.827791][ T9393] "syz.2.1000" (9393) uses obsolete ecb(arc4) skcipher
[  484.674945][ T9397] CIFS: Unable to determine destination address
[  485.610943][ T9405] overlayfs: failed to resolve './file1': -2
[  487.438207][ T9420] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1005'.
[  487.447755][ T9420] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1005'.
[  489.843383][ T9441] 9pnet_fd: Insufficient options for proto=fd
[  490.789055][ T9457] (null): rxe_set_mtu: Set mtu to 1024
[  491.081369][ T9457] infiniband syz0: set down
[  491.118462][ T9457] infiniband syz0: added ipvlan1
[  492.120517][ T9457] RDS/IB: syz0: added
[  492.131699][ T9457] smc: adding ib device syz0 with port count 1
[  492.160701][ T9457] smc:    ib device syz0 port 1 has pnetid 
[  493.943010][ T9481] 9pnet_fd: Insufficient options for proto=fd
[  495.811939][ T5848] libceph: connect (1)[c::]:6789 error -101
[  495.848500][ T5848] libceph: mon0 (1)[c::]:6789 connect error
[  495.959943][ T9498] ceph: No mds server is up or the cluster is laggy
[  497.460789][ T9514] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1033'.
[  497.482586][ T9514] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1033'.
[  498.788643][ T9530] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.874928][ T9530] bond0: (slave rose0): Enslaving as an active interface with an up link
[  499.583157][   T23] libceph: connect (1)[c::]:6789 error -101
[  499.792233][ T9543] ceph: No mds server is up or the cluster is laggy
[  499.820084][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  500.775029][ T9559] loop4: detected capacity change from 0 to 512
[  500.920145][ T9559] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1043: casefold flag without casefold feature
[  501.021066][ T9559] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1043: couldn't read orphan inode 15 (err -117)
[  501.318211][ T9559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.678357][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.722438][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  502.002634][ T9559] loop4: detected capacity change from 512 to 0
[  502.775379][ T6909] syz-executor: attempt to access beyond end of device
[  502.775379][ T6909] loop4: rw=14337, sector=72, nr_sectors = 2 limit=0
[  502.838508][ T6909] Buffer I/O error on dev loop4, logical block 36, lost sync page write
[  502.867554][ T6909] EXT4-fs error (device loop4): ext4_handle_dirty_dirblock:440: inode #2: block 36: comm syz-executor: IO error syncing itable block
[  502.903125][ T6909] syz-executor: attempt to access beyond end of device
[  502.903125][ T6909] loop4: rw=14337, sector=2, nr_sectors = 2 limit=0
[  502.937138][ T6909] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  502.961206][ T6909] EXT4-fs (loop4): I/O error while writing superblock
[  502.972617][ T6909] EXT4-fs error (device loop4) in ext4_delete_entry:2800: IO failure
[  502.985920][ T6909] syz-executor: attempt to access beyond end of device
[  502.985920][ T6909] loop4: rw=14337, sector=2, nr_sectors = 2 limit=0
[  503.001089][ T6909] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  503.016408][ T6909] EXT4-fs (loop4): I/O error while writing superblock
[  503.292029][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.292029][   T42] loop4: rw=524288, sector=12, nr_sectors = 2 limit=0
[  503.342882][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.342882][   T42] loop4: rw=524288, sector=14, nr_sectors = 2 limit=0
[  503.392512][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.392512][   T42] loop4: rw=524288, sector=16, nr_sectors = 2 limit=0
[  503.426439][ T3483] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.427465][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.427465][   T42] loop4: rw=524288, sector=18, nr_sectors = 2 limit=0
[  503.498070][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.498070][   T42] loop4: rw=524288, sector=20, nr_sectors = 2 limit=0
[  503.538229][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.538229][   T42] loop4: rw=524288, sector=22, nr_sectors = 2 limit=0
[  503.570299][   T42] kworker/u4:2: attempt to access beyond end of device
[  503.570299][   T42] loop4: rw=524288, sector=24, nr_sectors = 2 limit=0
[  503.612004][   T42] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4606: inode #2: block 5: comm kworker/u4:2: unable to read itable block
[  503.615766][ T3483] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.631375][   T42] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  503.652130][   T42] EXT4-fs (loop4): I/O error while writing superblock
[  503.711419][ T6909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.785280][ T6909] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  503.805623][ T9582] loop3: detected capacity change from 0 to 32768
[  503.823291][ T6909] EXT4-fs (loop4): I/O error while writing superblock
[  503.865931][ T3483] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  504.009887][ T3483] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  504.028239][ T9582] find_entry called with index >= next_index
[  504.045187][ T9582] find_entry called with index >= next_index
[  504.066590][ T9582] find_entry called with index >= next_index
[  504.117146][ T9582] =======================================================
[  504.117146][ T9582] WARNING: The mand mount option has been deprecated and
[  504.117146][ T9582]          and is ignored by this kernel. Remove the mand
[  504.117146][ T9582]          option from the mount to silence this warning.
[  504.117146][ T9582] =======================================================
[  505.192448][ T9629] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1057'.
[  505.209624][ T9629] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1057'.
[  505.871835][ T9640] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  505.882777][ T9640] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  505.911820][ T9640] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  505.925151][ T9640] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  505.925405][ T9634] 9pnet_fd: Insufficient options for proto=fd
[  505.957196][ T9640] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  505.966736][ T9640] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  507.385172][ T9651] loop3: detected capacity change from 0 to 32768
[  507.399414][ T9651] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1062 (9651)
[  507.472654][ T9651] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  507.512051][ T9651] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  507.570876][ T9651] BTRFS info (device loop3): enabling ssd optimizations
[  507.613611][ T9651] BTRFS info (device loop3): using spread ssd allocation scheme
[  507.641763][ T9651] BTRFS info (device loop3): using free space tree
[  508.051624][ T3483] hsr_slave_0: left promiscuous mode
[  508.072807][   T50] Bluetooth: hci3: command tx timeout
[  508.109997][ T9651] BTRFS info (device loop3): auto enabling async discard
[  508.144637][ T3483] hsr_slave_1: left promiscuous mode
[  508.178570][ T3483] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  508.209968][ T3483] batman_adv: batadv0: Removing interface: batadv_slave_0
[  508.237402][ T3483] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  508.264317][ T3483] batman_adv: batadv0: Removing interface: batadv_slave_1
[  508.295295][ T3483] bridge_slave_1: left allmulticast mode
[  508.300983][ T3483] bridge_slave_1: left promiscuous mode
[  508.343927][ T3483] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.427099][ T3483] bridge_slave_0: left allmulticast mode
[  508.446437][ T3483] bridge_slave_0: left promiscuous mode
[  508.466917][ T3483] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.658943][ T3483] veth1_macvtap: left promiscuous mode
[  508.665484][ T3483] veth0_macvtap: left promiscuous mode
[  508.671131][ T3483] veth1_vlan: left promiscuous mode
[  508.692907][ T3483] veth0_vlan: left promiscuous mode
[  509.088581][ T3544] smc: removing ib device syz0
[  509.748020][ T3483] team0 (unregistering): Port device team_slave_1 removed
[  509.861638][ T3483] team0 (unregistering): Port device team_slave_0 removed
[  509.968400][ T3483] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  510.029410][ T3483] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  510.156008][   T50] Bluetooth: hci3: command tx timeout
[  510.574328][ T3483] bond0 (unregistering): Released all slaves
[  510.695776][ T9637] chnl_net:caif_netlink_parms(): no params data found
[  510.841897][ T5791] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  511.099420][ T9637] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.265365][ T9637] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.481518][ T9637] bridge_slave_0: entered allmulticast mode
[  511.514698][ T9637] bridge_slave_0: entered promiscuous mode
[  511.529316][ T9637] bridge0: port 2(bridge_slave_1) entered blocking state
[  511.539014][ T9637] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.550656][ T9637] bridge_slave_1: entered allmulticast mode
[  511.558614][ T9637] bridge_slave_1: entered promiscuous mode
[  511.776847][ T9637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  511.833383][ T9715] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1068'.
[  511.932098][ T9637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  512.197109][ T9637] team0: Port device team_slave_0 added
[  512.219070][ T9637] team0: Port device team_slave_1 added
[  512.232424][   T50] Bluetooth: hci3: command tx timeout
[  512.360821][ T3483] IPVS: stop unused estimator thread 0...
[  512.370520][ T9637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  512.431603][ T9637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  512.499299][ T9637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  512.524617][ T9637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  513.227953][ T9637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  513.502420][ T9637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  514.154530][ T9637] hsr_slave_0: entered promiscuous mode
[  514.247318][ T9637] hsr_slave_1: entered promiscuous mode
[  514.283266][ T9637] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  514.301819][ T9637] Cannot create hsr debugfs directory
[  514.323998][   T50] Bluetooth: hci3: command tx timeout
[  514.772503][ T9754] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1077'.
[  516.940440][ T9782] "syz.0.1084" (9782) uses obsolete ecb(arc4) skcipher
[  516.952355][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  516.952368][   T27] audit: type=1804 audit(1751631102.552:25): pid=9785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1083" name="/newroot/275/file1" dev="fuse" ino=1 res=1 errno=0
[  516.971510][ T9637] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  517.168851][ T9787] CIFS: Unable to determine destination address
[  517.175752][ T9637] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  517.268596][ T9637] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  517.338592][ T9637] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  517.646719][   T27] audit: type=1800 audit(1751631103.262:26): pid=9785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1083" name="/" dev="fuse" ino=1 res=0 errno=0
[  517.881740][ T9774] loop3: detected capacity change from 0 to 32768
[  517.912669][ T9774] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1081 (9774)
[  518.599325][ T9637] 8021q: adding VLAN 0 to HW filter on device bond0
[  518.613656][ T9774] BTRFS error (device loop3): open_ctree failed: -4
[  518.765674][ T9637] 8021q: adding VLAN 0 to HW filter on device team0
[  518.805352][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.812647][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  518.869729][ T9612] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by udevd (9612)
[  518.884043][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.891156][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  520.490338][ T9637] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  520.587991][ T9637] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  520.790848][ T9825] loop0: detected capacity change from 0 to 2048
[  521.051524][ T9825] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  521.624029][ T9671] udevd[9671]: incorrect nilfs2 checksum on /dev/loop0
[  521.675317][ T9834] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  522.069376][ T9637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  522.083965][   T27] audit: type=1800 audit(1751631107.682:27): pid=9825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1091" name="bus" dev="loop0" ino=18 res=0 errno=0
[  522.229620][ T5786] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952
[  522.252540][ T5786] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  522.296644][ T5786] Remounting filesystem read-only
[  522.301728][ T5786] NILFS (loop0): error -5 truncating bmap (ino=15)
[  522.347198][ T5786] NILFS (loop0): discard dirty page: offset=0, ino=6
[  522.354965][ T5786] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  522.362190][ T5786] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  522.370071][ T5786] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  522.378553][ T5786] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  522.480889][ T9637] veth0_vlan: entered promiscuous mode
[  522.508904][ T9637] veth1_vlan: entered promiscuous mode
[  522.628558][ T9637] veth0_macvtap: entered promiscuous mode
[  522.684042][ T9637] veth1_macvtap: entered promiscuous mode
[  522.704765][ T9836] loop2: detected capacity change from 0 to 32768
[  522.732518][ T9836] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1092 (9836)
[  522.771330][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.794906][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.806009][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.820084][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.823402][ T9836] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  522.859019][ T9836] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  522.867547][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.882513][ T9836] BTRFS info (device loop2): turning on sync discard
[  522.889869][ T9836] BTRFS info (device loop2): disabling tree log
[  522.893028][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.902343][ T9836] BTRFS info (device loop2): metadata ratio 5
[  522.923537][ T9637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  522.924307][ T9836] BTRFS info (device loop2): using free space tree
[  522.964427][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  523.006070][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.033670][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  523.061581][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.072852][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  523.083648][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.096082][ T9836] BTRFS info (device loop2): enabling ssd optimizations
[  523.097785][ T9637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  523.130959][ T9637] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  523.141501][ T9637] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  523.151531][ T9637] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  523.160616][ T9637] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  523.264206][ T3472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.278675][ T3472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.323804][ T2979] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.338140][ T2979] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.399958][  T787] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  523.572447][  T787] usb 4-1: device descriptor read/64, error -71
[  524.070330][  T787] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  524.242784][  T787] usb 4-1: device descriptor read/64, error -71
[  524.422787][  T787] usb usb4-port1: attempt power cycle
[  525.594955][ T5787] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  525.713083][  T787] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  525.797295][  T787] usb 4-1: device descriptor read/8, error -71
[  526.712096][  T787] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  526.992862][  T787] usb 4-1: device not accepting address 19, error -71
[  527.017548][  T787] usb usb4-port1: unable to enumerate USB device
[  527.778882][ T9908] loop3: detected capacity change from 0 to 512
[  527.812622][ T9908] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  527.847157][ T9908] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  528.407587][ T9908] EXT4-fs (loop3): 1 truncate cleaned up
[  528.485787][ T9908] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  529.280997][ T9923] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  531.578781][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.053117][ T9940] loop3: detected capacity change from 0 to 512
[  532.078617][ T9940] EXT4-fs: Ignoring removed oldalloc option
[  532.197610][ T9940] EXT4-fs (loop3): 1 truncate cleaned up
[  532.209493][ T9940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.381667][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.644898][ T9973] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1120'.
[  535.626201][ T9984] random: crng reseeded on system resumption
[  536.447688][ T9968] loop0: detected capacity change from 0 to 32768
[  537.711056][ T9968] read_mapping_page failed!
[  537.726048][ T9968] diRead: diIAGRead returned -5
[  539.913166][T10014] "syz.0.1134" (10014) uses obsolete ecb(arc4) skcipher
[  540.130286][T10016] loop3: detected capacity change from 0 to 2048
[  540.140812][T10019] CIFS: Unable to determine destination address
[  540.460416][T10020] random: crng reseeded on system resumption
[  540.532388][T10016] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  541.475979][ T9612] udevd[9612]: incorrect nilfs2 checksum on /dev/loop3
[  541.501448][T10025] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  541.599132][   T27] audit: type=1800 audit(1751631127.212:28): pid=10016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1136" name="bus" dev="loop3" ino=18 res=0 errno=0
[  541.801520][ T9612] udevd[9612]: failed to send result of seq 13332 to main daemon: Connection refused
[  541.836646][ T5791] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  541.861668][ T5791] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  541.884520][ T5791] Remounting filesystem read-only
[  541.902121][ T5791] NILFS (loop3): error -5 truncating bmap (ino=15)
[  541.949836][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  541.979965][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  542.020019][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  542.058854][T10035] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  542.068188][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  542.090181][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  542.824288][T10052] overlayfs: missing 'lowerdir'
[  543.996935][T10053] overlayfs: missing 'lowerdir'
[  544.621743][T10057] "syz.3.1148" (10057) uses obsolete ecb(arc4) skcipher
[  544.736557][T10060] CIFS: Unable to determine destination address
[  546.024136][T10067] ceph: No mds server is up or the cluster is laggy
[  546.074255][ T5848] libceph: connect (1)[c::]:6789 error -101
[  546.120948][ T5848] libceph: mon0 (1)[c::]:6789 connect error
[  546.570141][T10076] loop2: detected capacity change from 0 to 2048
[  546.658745][T10076] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  546.919044][T10086] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  547.493192][T10088] loop0: detected capacity change from 0 to 32768
[  547.501419][T10088] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1155 (10088)
[  547.522127][T10088] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  547.538527][T10088] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  547.547497][T10088] BTRFS info (device loop0): turning on sync discard
[  547.560023][T10088] BTRFS info (device loop0): disabling tree log
[  547.567817][T10088] BTRFS info (device loop0): metadata ratio 5
[  547.579765][T10088] BTRFS info (device loop0): using free space tree
[  547.620977][T10088] BTRFS info (device loop0): enabling ssd optimizations
[  547.692057][   T27] audit: type=1800 audit(1751631133.302:29): pid=10088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1155" name="bus" dev="loop0" ino=263 res=0 errno=0
[  547.909530][ T5786] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  548.208604][T10118] "syz.5.1161" (10118) uses obsolete ecb(arc4) skcipher
[  549.469272][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[  549.608955][T10123] overlayfs: missing 'lowerdir'
[  553.620340][T10141] loop0: detected capacity change from 0 to 2048
[  553.663134][T10141] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  553.771046][T10146] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  553.842641][   T27] audit: type=1800 audit(1751631139.422:30): pid=10141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1166" name="bus" dev="loop0" ino=18 res=0 errno=0
[  553.874508][T10149] loop3: detected capacity change from 0 to 2048
[  553.901720][T10149] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  553.946534][T10152] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  554.740519][ T5791] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  554.770441][ T5791] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  554.785029][ T5791] Remounting filesystem read-only
[  554.790105][ T5791] NILFS (loop3): error -5 truncating bmap (ino=15)
[  554.821825][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  554.829020][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  554.840093][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  554.852495][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  554.859833][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  554.869281][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=3
[  554.876473][ T5791] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  554.883861][ T5791] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  554.891424][ T5791] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  554.898796][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  554.908193][ T5791] NILFS (loop3): discard dirty page: offset=196608, ino=3
[  554.915425][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  554.932773][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  554.948882][ T5791] NILFS (loop3): discard dirty block: blocknr=49, size=1024
[  554.960929][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  555.154181][T10169] overlayfs: missing 'lowerdir'
[  555.980184][    T8] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  557.291304][    T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  557.446917][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  557.464602][    T8] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  557.481507][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  557.489588][    T8] usb 4-1: SerialNumber: syz
[  557.778460][    T8] usb 4-1: 0:2 : does not exist
[  557.794847][    T8] usb 4-1: USB disconnect, device number 20
[  557.861184][T10189] loop5: detected capacity change from 0 to 2048
[  557.876296][T10189] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  557.912511][T10192] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  558.025775][ T9637] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  558.044219][ T9637] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  558.058001][ T9637] Remounting filesystem read-only
[  558.067991][ T9637] NILFS (loop5): error -5 truncating bmap (ino=15)
[  558.081682][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  558.088747][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  558.096026][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  558.105906][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  558.114449][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  558.124770][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=3
[  558.131839][ T9637] NILFS (loop5): discard dirty block: blocknr=42, size=1024
[  558.147392][ T9637] NILFS (loop5): discard dirty block: blocknr=43, size=1024
[  558.155240][ T9637] NILFS (loop5): discard dirty block: blocknr=44, size=1024
[  558.162640][ T9637] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  558.171519][ T9637] NILFS (loop5): discard dirty page: offset=196608, ino=3
[  558.179986][ T9637] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  558.188937][ T9637] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  558.198039][ T9637] NILFS (loop5): discard dirty block: blocknr=49, size=1024
[  558.205517][ T9637] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  558.258007][T10196] ksmbd: Unknown IPC event: 6, ignore.
[  561.001465][T10223] loop5: detected capacity change from 0 to 2048
[  561.018350][T10223] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  561.070713][T10225] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  561.111209][   T27] audit: type=1800 audit(1751631146.722:31): pid=10223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1193" name="bus" dev="loop5" ino=18 res=0 errno=0
[  561.140554][T10223] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  561.150621][T10223] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  561.174297][T10223] Remounting filesystem read-only
[  561.179443][T10223] NILFS (loop5): error -5 truncating bmap (ino=15)
[  561.263347][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  561.270073][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  561.283647][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  561.299192][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  561.317895][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  561.551843][T10235] loop5: detected capacity change from 0 to 4096
[  562.860417][T10163] Set syz1 is full, maxelem 65536 reached
[  563.117170][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  563.123796][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  563.934122][T10256] loop3: detected capacity change from 0 to 2048
[  563.942216][T10256] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  563.970180][T10260] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  564.002198][   T27] audit: type=1800 audit(1751631149.612:32): pid=10256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1205" name="bus" dev="loop3" ino=18 res=0 errno=0
[  564.008750][T10256] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  564.033664][T10256] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  564.043925][T10256] Remounting filesystem read-only
[  564.048981][T10256] NILFS (loop3): error -5 truncating bmap (ino=15)
[  564.089210][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  564.096130][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  564.108251][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  564.118258][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  564.128931][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  564.172390][ T5855] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  564.678114][T10269] loop3: detected capacity change from 0 to 128
[  565.082122][T10269] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  565.092085][   T27] audit: type=1800 audit(1751631150.692:33): pid=10269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1209" name="file2" dev="loop3" ino=1048598 res=0 errno=0
[  565.124702][T10269] FAT-fs (loop3): Filesystem has been set read-only
[  565.131513][T10272] loop5: detected capacity change from 0 to 2048
[  565.139628][T10269] bio_check_eod: 4 callbacks suppressed
[  565.139641][T10269] syz.3.1209: attempt to access beyond end of device
[  565.139641][T10269] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  565.160752][T10269] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  565.168755][T10269] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  565.182501][ T5855] usb 3-1: Using ep0 maxpacket: 8
[  565.188614][T10272] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  565.198393][ T5855] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  565.208288][T10275] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  565.212351][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.229175][ T5855] usb 3-1: Product: syz
[  565.233673][ T5855] usb 3-1: Manufacturer: syz
[  565.238444][ T5855] usb 3-1: SerialNumber: syz
[  565.263584][   T27] audit: type=1800 audit(1751631150.872:34): pid=10272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1212" name="bus" dev="loop5" ino=18 res=0 errno=0
[  565.270406][ T5855] usb 3-1: config 0 descriptor??
[  565.303122][T10272] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  565.311757][T10272] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  565.324945][ T5855] gspca_main: sq930x-2.14.0 probing 2770:930c
[  565.326943][T10272] Remounting filesystem read-only
[  565.338418][T10272] NILFS (loop5): error -5 truncating bmap (ino=15)
[  565.400341][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  565.416425][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  565.437366][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  565.461868][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  565.512210][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  566.478317][T10288] loop5: detected capacity change from 0 to 2048
[  566.499466][T10288] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  566.543606][ T5855] gspca_sq930x: reg_w 0305 fd00 failed -71
[  566.562076][T10291] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  566.590871][T10277] loop0: detected capacity change from 0 to 32768
[  566.628074][T10277] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  566.635195][   T27] audit: type=1800 audit(1751631152.242:35): pid=10288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1217" name="bus" dev="loop5" ino=18 res=0 errno=0
[  566.649888][T10277] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  566.662995][T10288] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  566.667856][T10277] BTRFS info (device loop0): enabling disk space caching
[  566.680864][T10288] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  566.693391][T10288] Remounting filesystem read-only
[  566.694604][T10277] BTRFS info (device loop0): doing ref verification
[  566.700445][T10288] NILFS (loop5): error -5 truncating bmap (ino=15)
[  566.716079][T10277] BTRFS info (device loop0): use zlib compression, level 3
[  566.725268][T10277] BTRFS info (device loop0): force clearing of disk cache
[  566.732726][T10277] BTRFS info (device loop0): setting nodatacow, compression disabled
[  566.740841][T10277] BTRFS info (device loop0): doing ref verification
[  566.747657][T10277] BTRFS info (device loop0): disk space caching is enabled
[  566.782176][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  566.791315][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  566.798657][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  566.809664][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  566.816667][T10277] BTRFS info (device loop0): enabling ssd optimizations
[  566.818946][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  566.859855][T10277] BTRFS info (device loop0): auto enabling async discard
[  566.891852][T10277] BTRFS info (device loop0): rebuilding free space tree
[  566.894330][T10310] loop5: detected capacity change from 0 to 2048
[  566.914979][T10310] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  566.953080][T10311] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  566.972843][T10277] BTRFS info (device loop0): disabling free space tree
[  566.982403][T10277] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  566.994168][   T27] audit: type=1800 audit(1751631152.602:36): pid=10310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1219" name="bus" dev="loop5" ino=18 res=0 errno=0
[  567.026323][T10277] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  567.055040][ T9637] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  567.075697][ T9637] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  567.131841][ T9637] Remounting filesystem read-only
[  567.156221][ T9637] NILFS (loop5): error -5 truncating bmap (ino=15)
[  567.189633][   T27] audit: type=1800 audit(1751631152.802:37): pid=10277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1213" name="bus" dev="loop0" ino=263 res=0 errno=0
[  567.231199][T10277] BTRFS error (device loop0): balance: mixed groups data and metadata options must be the same
[  567.244896][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  567.353512][   T27] audit: type=1800 audit(1751631152.832:38): pid=10277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1213" name="bus" dev="loop0" ino=263 res=0 errno=0
[  567.402002][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  567.443033][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  567.453728][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  567.470237][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  567.502435][ T5855] gspca_sq930x: Unknown sensor
[  567.507393][ T5855] sq930x: probe of 3-1:0.0 failed with error -22
[  567.517712][ T5855] usb 3-1: USB disconnect, device number 18
[  568.279486][T10329] overlayfs: missing 'lowerdir'
[  569.045244][ T5786] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  569.316157][T10333] "syz.2.1227" (10333) uses obsolete ecb(arc4) skcipher
[  570.191598][T10338] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  572.131187][T10345] loop5: detected capacity change from 0 to 2048
[  572.169718][T10345] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  572.446079][T10350] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  572.514128][   T27] audit: type=1800 audit(1751631158.132:39): pid=10345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1232" name="bus" dev="loop5" ino=18 res=0 errno=0
[  572.543763][T10345] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  572.572477][T10345] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  572.585686][T10345] Remounting filesystem read-only
[  572.593420][T10345] NILFS (loop5): error -5 truncating bmap (ino=15)
[  572.708024][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  572.725871][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  572.738533][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  572.746150][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  572.762200][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  572.922969][T10364] overlayfs: missing 'lowerdir'
[  573.835438][T10368] loop2: detected capacity change from 0 to 2048
[  573.856032][T10368] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  573.916765][T10373] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  573.979589][   T27] audit: type=1800 audit(1751631159.592:40): pid=10368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1239" name="bus" dev="loop2" ino=18 res=0 errno=0
[  575.403905][T10391] loop3: detected capacity change from 0 to 2048
[  575.435162][T10391] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  575.637314][T10397] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  575.663342][   T27] audit: type=1800 audit(1751631161.272:41): pid=10391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1247" name="bus" dev="loop3" ino=18 res=0 errno=0
[  575.696452][T10391] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  575.705191][T10391] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  575.717818][T10391] Remounting filesystem read-only
[  575.724067][T10391] NILFS (loop3): error -5 truncating bmap (ino=15)
[  575.775688][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  575.782643][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  575.790037][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  575.797387][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  575.804746][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  577.444020][T10423] "syz.3.1258" (10423) uses obsolete ecb(arc4) skcipher
[  577.550439][T10425] CIFS: Unable to determine destination address
[  583.513884][T10514] "syz.2.1289" (10514) uses obsolete ecb(arc4) skcipher
[  584.019519][T10515] CIFS: Unable to determine destination address
[  585.319275][T10545] "syz.2.1300" (10545) uses obsolete ecb(arc4) skcipher
[  585.442613][T10546] CIFS: Unable to determine destination address
[  586.134666][T10555] loop3: detected capacity change from 0 to 2048
[  586.149059][T10555] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  586.201982][T10557] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  586.266975][ T5791] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  586.277162][ T5791] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  586.290073][ T5791] Remounting filesystem read-only
[  586.295652][ T5791] NILFS (loop3): error -5 truncating bmap (ino=15)
[  586.314799][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  586.321817][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  586.330528][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  586.338234][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  586.347093][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  586.367852][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=3
[  586.382965][ T5791] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  586.392071][ T5791] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  586.400388][ T5791] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  586.410545][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  586.436142][ T5791] NILFS (loop3): discard dirty page: offset=196608, ino=3
[  586.446440][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  586.463052][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  586.472529][ T5791] NILFS (loop3): discard dirty block: blocknr=49, size=1024
[  586.480741][ T5791] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  588.471587][T10582] "syz.0.1312" (10582) uses obsolete ecb(arc4) skcipher
[  588.659647][T10584] CIFS: Unable to determine destination address
[  589.438817][T10595] overlayfs: missing 'workdir'
[  591.506104][T10618] "syz.2.1323" (10618) uses obsolete ecb(arc4) skcipher
[  591.599255][T10620] CIFS: Unable to determine destination address
[  591.902584][ T8293] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  591.931534][    C1] raw-gadget.0 gadget.5: ignoring, device is not running
[  592.122454][ T8293] usb 6-1: device descriptor read/64, error -32
[  592.392523][ T8293] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  592.605136][ T8293] usb 6-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  592.635531][ T8293] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.658733][ T8293] usb 6-1: Product: syz
[  592.678933][ T8293] usb 6-1: Manufacturer: syz
[  592.684971][ T8293] usb 6-1: SerialNumber: syz
[  592.711849][ T8293] usb 6-1: config 0 descriptor??
[  592.726649][ T8293] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  592.861752][T10627] fuse: Bad value for 'fd'
[  594.152465][ T8293] gspca_sunplus: reg_r err -110
[  595.181255][T10635] block nbd5: shutting down sockets
[  595.271756][    T8] usb 6-1: USB disconnect, device number 3
[  595.396559][T10648] "syz.5.1333" (10648) uses obsolete ecb(arc4) skcipher
[  595.735943][T10652] overlayfs: missing 'workdir'
[  596.283104][T10656] CIFS: Unable to determine destination address
[  600.976007][T10696] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  600.985113][T10696] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  601.566337][T10695] 9pnet_fd: Insufficient options for proto=fd
[  602.715504][T10706] loop0: detected capacity change from 0 to 2048
[  602.726073][T10706] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  602.768705][T10708] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  602.829864][   T27] audit: type=1800 audit(1751631188.442:42): pid=10706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1351" name="bus" dev="loop0" ino=18 res=0 errno=0
[  602.916052][T10714] loop5: detected capacity change from 0 to 2048
[  602.941836][T10714] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  602.971206][T10715] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  603.026484][   T27] audit: type=1800 audit(1751631188.632:43): pid=10714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1354" name="bus" dev="loop5" ino=18 res=0 errno=0
[  603.061950][T10714] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  603.071298][T10714] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  603.093172][T10714] Remounting filesystem read-only
[  603.122507][T10714] NILFS (loop5): error -5 truncating bmap (ino=15)
[  603.174666][T10719] overlayfs: missing 'lowerdir'
[  603.793364][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  603.836213][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  603.876201][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  603.904053][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  603.915426][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  604.352436][T10724] 9pnet_fd: Insufficient options for proto=fd
[  605.410208][ T5848] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  605.923714][ T5848] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  606.009444][ T5848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.118670][ T5848] usb 3-1: Product: syz
[  606.178560][ T5848] usb 3-1: Manufacturer: syz
[  606.225257][ T5848] usb 3-1: SerialNumber: syz
[  606.398177][T10749] loop5: detected capacity change from 0 to 2048
[  606.415839][T10749] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  606.429933][ T5848] usb 3-1: config 0 descriptor??
[  606.439668][ T5848] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  606.471853][T10750] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  606.510373][   T27] audit: type=1800 audit(1751631192.122:44): pid=10749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1364" name="bus" dev="loop5" ino=18 res=0 errno=0
[  606.953153][ T5848] gspca_sunplus: reg_r err -110
[  607.578803][T10759] loop5: detected capacity change from 0 to 2048
[  607.598109][T10759] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  607.627387][T10760] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  607.640498][T10729] block nbd2: shutting down sockets
[  607.670308][    T8] usb 3-1: USB disconnect, device number 19
[  607.715066][   T27] audit: type=1800 audit(1751631193.332:45): pid=10759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1366" name="bus" dev="loop5" ino=18 res=0 errno=0
[  607.748799][T10759] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  607.769894][T10759] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  607.796255][T10759] Remounting filesystem read-only
[  607.809980][T10759] NILFS (loop5): error -5 truncating bmap (ino=15)
[  607.972722][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  607.990028][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  608.008926][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  608.016559][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  608.026338][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  610.334458][T10791] loop5: detected capacity change from 0 to 2048
[  610.385596][T10791] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  610.911130][T10798] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  611.280950][   T27] audit: type=1800 audit(1751631196.892:46): pid=10791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1374" name="bus" dev="loop5" ino=18 res=0 errno=0
[  611.285520][T10791] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  611.340544][T10791] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  611.399543][T10791] Remounting filesystem read-only
[  611.419976][T10791] NILFS (loop5): error -5 truncating bmap (ino=15)
[  611.508324][T10802] loop0: detected capacity change from 0 to 2048
[  611.518233][ T9637] NILFS (loop5): discard dirty page: offset=0, ino=6
[  611.527075][T10802] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  611.538364][ T9637] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  611.546995][ T9637] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  611.690925][T10806] CIFS: Unable to determine destination address
[  611.832764][ T9637] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  611.840491][ T9637] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  612.092492][T10807] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  612.152238][   T27] audit: type=1800 audit(1751631197.762:47): pid=10802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1377" name="bus" dev="loop0" ino=18 res=0 errno=0
[  612.156026][T10802] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952
[  612.210619][T10802] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  612.332495][T10802] Remounting filesystem read-only
[  612.337577][T10802] NILFS (loop0): error -5 truncating bmap (ino=15)
[  612.458153][ T5786] NILFS (loop0): discard dirty page: offset=0, ino=6
[  612.475705][ T5786] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  612.483441][ T5786] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  612.491992][ T5786] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  612.499796][ T5786] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  616.290831][T10844] loop5: detected capacity change from 0 to 512
[  616.321010][T10844] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  616.376046][T10844] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  616.553964][T10854] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1389'.
[  616.962369][ T5860] libceph: connect (1)[c::]:6789 error -101
[  617.048151][ T5860] libceph: mon0 (1)[c::]:6789 connect error
[  617.373626][T10859] ceph: No mds server is up or the cluster is laggy
[  618.588874][ T9637] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  619.016809][T10842] loop0: detected capacity change from 0 to 40427
[  619.074442][T10842] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff
[  619.119406][T10842] F2FS-fs (loop0): Image doesn't support compression
[  619.157725][T10842] F2FS-fs (loop0): heap/no_heap options were deprecated
[  619.214733][T10842] F2FS-fs (loop0): invalid crc value
[  619.277185][T10842] F2FS-fs (loop0): Found nat_bits in checkpoint
[  623.394914][T10906] ceph: No mds server is up or the cluster is laggy
[  623.448565][ T8293] libceph: connect (1)[c::]:6789 error -101
[  623.477993][ T8293] libceph: mon0 (1)[c::]:6789 connect error
[  624.557733][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  624.601436][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  625.440196][T10930] loop3: detected capacity change from 0 to 2048
[  625.524269][T10930] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  626.014779][T10934] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  626.283569][T10936] fuse: Bad value for 'fd'
[  626.298780][   T27] audit: type=1800 audit(1751631211.912:48): pid=10930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1409" name="bus" dev="loop3" ino=18 res=0 errno=0
[  626.326073][T10930] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  626.364538][T10930] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  626.400885][T10930] Remounting filesystem read-only
[  626.406937][T10930] NILFS (loop3): error -5 truncating bmap (ino=15)
[  626.459195][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  626.481900][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  626.599641][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  626.662772][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  626.670295][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  627.038379][T10947] CIFS: Unable to determine destination address
[  627.603343][  T787] libceph: connect (1)[c::]:6789 error -101
[  627.833347][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  627.912447][T10954] ceph: No mds server is up or the cluster is laggy
[  629.016969][T10961] loop3: detected capacity change from 0 to 2048
[  629.084518][T10961] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  630.091560][T10970] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  630.121535][   T27] audit: type=1800 audit(1751631215.732:49): pid=10961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1418" name="bus" dev="loop3" ino=18 res=0 errno=0
[  630.185504][T10974] fuse: Bad value for 'fd'
[  631.725494][T10987] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1425'.
[  631.786457][T10987] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1425'.
[  631.976814][T10993] CIFS: Unable to determine destination address
[  632.322451][ T9640] Bluetooth: hci3: command 0x0406 tx timeout
[  632.378706][T10995] loop0: detected capacity change from 0 to 2048
[  632.532687][T10995] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  632.585657][T10998] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  632.596972][T10999] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  632.628313][   T27] audit: type=1800 audit(1751631218.242:50): pid=10995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1428" name="bus" dev="loop0" ino=18 res=0 errno=0
[  632.666356][T10995] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952
[  632.707918][T10995] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  632.836262][T10995] Remounting filesystem read-only
[  632.884283][T10995] NILFS (loop0): error -5 truncating bmap (ino=15)
[  633.664387][ T5786] NILFS (loop0): discard dirty page: offset=0, ino=6
[  633.692938][ T5786] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  633.746339][ T5786] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  633.818145][ T5786] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  633.890184][ T5786] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  634.459642][T11010] fuse: Bad value for 'fd'
[  634.510496][T11014] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1435'.
[  635.519384][T11016] loop5: detected capacity change from 0 to 2048
[  635.550509][T11016] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  635.793704][T11028] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  635.816826][   T27] audit: type=1800 audit(1751631221.432:51): pid=11016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1434" name="bus" dev="loop5" ino=18 res=0 errno=0
[  636.505305][T11032] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  636.724694][T11038] CIFS: Unable to determine destination address
[  637.735824][T11052] random: crng reseeded on system resumption
[  641.463544][    T9] libceph: connect (1)[c::]:6789 error -101
[  641.472390][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  641.898665][T11075] ceph: No mds server is up or the cluster is laggy
[  641.906132][    T9] libceph: connect (1)[c::]:6789 error -101
[  641.912176][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  642.100599][T11079] CIFS: Unable to determine destination address
[  642.433602][T11081] 9pnet_fd: Insufficient options for proto=fd
[  644.137459][T11092] loop2: detected capacity change from 0 to 2048
[  644.235400][T11092] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  644.265422][T11098] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  644.301112][   T27] audit: type=1800 audit(1751631229.912:52): pid=11092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1455" name="bus" dev="loop2" ino=18 res=0 errno=0
[  644.435167][T11101] random: crng reseeded on system resumption
[  646.987616][ T5828] libceph: connect (1)[c::]:6789 error -101
[  647.145064][ T5828] libceph: mon0 (1)[c::]:6789 connect error
[  647.728697][T11121] ceph: No mds server is up or the cluster is laggy
[  647.795149][T11127] CIFS: Unable to determine destination address
[  648.322415][    T9] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  649.136226][    T9] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  649.166426][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  649.197897][    T9] usb 4-1: Product: syz
[  649.202116][    T9] usb 4-1: Manufacturer: syz
[  649.234754][    T9] usb 4-1: SerialNumber: syz
[  649.250419][    T9] usb 4-1: config 0 descriptor??
[  649.271338][    T9] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  649.794161][    T9] gspca_sunplus: reg_r err -110
[  651.434232][ T5828] usb 4-1: USB disconnect, device number 21
[  651.483635][T11156] loop3: detected capacity change from 0 to 2048
[  651.528516][T11156] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  651.567949][T11158] loop0: detected capacity change from 0 to 2048
[  651.574879][T11159] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  651.608580][   T27] audit: type=1800 audit(1751631237.222:53): pid=11156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1472" name="bus" dev="loop3" ino=18 res=0 errno=0
[  651.614947][T11158] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  651.629784][T11156] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  651.659808][T11156] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  651.670341][T11156] Remounting filesystem read-only
[  651.681477][T11156] NILFS (loop3): error -5 truncating bmap (ino=15)
[  651.693159][T11162] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  651.729687][ T5791] NILFS (loop3): discard dirty page: offset=0, ino=6
[  651.742645][   T27] audit: type=1800 audit(1751631237.352:54): pid=11158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1473" name="bus" dev="loop0" ino=18 res=0 errno=0
[  651.742747][T11161] 9pnet_fd: Insufficient options for proto=fd
[  651.774438][ T5791] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  651.781777][ T5791] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  651.790035][T11158] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952
[  651.804601][ T5791] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  651.824533][T11158] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  651.834022][ T5791] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  651.853779][T11158] Remounting filesystem read-only
[  651.858880][T11158] NILFS (loop0): error -5 truncating bmap (ino=15)
[  652.172706][ T5786] NILFS (loop0): discard dirty page: offset=0, ino=6
[  652.223727][ T5786] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  653.342513][ T5786] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  653.410071][ T5786] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  653.569081][ T5786] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  653.633745][T11175] ceph: No mds server is up or the cluster is laggy
[  653.658322][ T5828] libceph: connect (1)[c::]:6789 error -101
[  653.686357][ T5828] libceph: mon0 (1)[c::]:6789 connect error
[  654.955204][T11195] ==================================================================
[  654.963309][T11195] BUG: KASAN: slab-use-after-free in rose_get_neigh+0x391/0x990
[  654.970973][T11195] Read of size 1 at addr ffff88802fec4830 by task syz.2.1483/11195
[  654.978874][T11195] 
[  654.981218][T11195] CPU: 1 PID: 11195 Comm: syz.2.1483 Not tainted 6.6.95-syzkaller #0
[  654.989302][T11195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  654.999393][T11195] Call Trace:
[  655.002672][T11195]  <TASK>
[  655.005615][T11195]  dump_stack_lvl+0x16c/0x230
[  655.010294][T11195]  ? __lock_acquire+0x7c80/0x7c80
[  655.015328][T11195]  ? show_regs_print_info+0x20/0x20
[  655.020530][T11195]  ? load_image+0x3b0/0x3b0
[  655.025036][T11195]  ? __virt_addr_valid+0x469/0x540
[  655.030158][T11195]  print_report+0xac/0x230
[  655.034581][T11195]  ? rose_get_neigh+0x391/0x990
[  655.039424][T11195]  kasan_report+0x117/0x150
[  655.043923][T11195]  ? rose_get_neigh+0x391/0x990
[  655.048765][T11195]  rose_get_neigh+0x391/0x990
[  655.053436][T11195]  rose_connect+0x417/0x10a0
[  655.058030][T11195]  ? aa_sk_perm+0x7fc/0x930
[  655.062525][T11195]  ? rose_bind+0x7c0/0x7c0
[  655.066930][T11195]  ? aa_af_perm+0x200/0x2b0
[  655.071442][T11195]  ? tomoyo_socket_connect_permission+0x164/0x290
[  655.077853][T11195]  ? __might_fault+0xaa/0x120
[  655.082522][T11195]  ? bpf_lsm_socket_connect+0x9/0x10
[  655.087804][T11195]  ? security_socket_connect+0x80/0xa0
[  655.093256][T11195]  ? rose_bind+0x7c0/0x7c0
[  655.097666][T11195]  __sys_connect+0x397/0x420
[  655.102251][T11195]  ? __sys_connect_file+0x180/0x180
[  655.107449][T11195]  __x64_sys_connect+0x7a/0x90
[  655.112816][T11195]  do_syscall_64+0x55/0xb0
[  655.117225][T11195]  ? clear_bhb_loop+0x40/0x90
[  655.121889][T11195]  ? clear_bhb_loop+0x40/0x90
[  655.126567][T11195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  655.132450][T11195] RIP: 0033:0x7ffb5738e929
[  655.136866][T11195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.156478][T11195] RSP: 002b:00007ffb581f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  655.164917][T11195] RAX: ffffffffffffffda RBX: 00007ffb575b5fa0 RCX: 00007ffb5738e929
[  655.172884][T11195] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000008
[  655.180842][T11195] RBP: 00007ffb57410b39 R08: 0000000000000000 R09: 0000000000000000
[  655.188800][T11195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  655.196774][T11195] R13: 0000000000000000 R14: 00007ffb575b5fa0 R15: 00007ffd9ac6f598
[  655.204744][T11195]  </TASK>
[  655.207747][T11195] 
[  655.210066][T11195] Allocated by task 9948:
[  655.214387][T11195]  kasan_set_track+0x4e/0x70
[  655.218987][T11195]  __kasan_kmalloc+0x8f/0xa0
[  655.223595][T11195]  rose_add_node+0x23a/0xdd0
[  655.228189][T11195]  rose_rt_ioctl+0xa42/0xfb0
[  655.232785][T11195]  rose_ioctl+0x3cf/0x8b0
[  655.237140][T11195]  sock_do_ioctl+0xd7/0x2f0
[  655.241638][T11195]  sock_ioctl+0x623/0x7a0
[  655.245957][T11195]  __se_sys_ioctl+0xfd/0x170
[  655.250540][T11195]  do_syscall_64+0x55/0xb0
[  655.254959][T11195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  655.260840][T11195] 
[  655.263154][T11195] Freed by task 11195:
[  655.267204][T11195]  kasan_set_track+0x4e/0x70
[  655.271785][T11195]  kasan_save_free_info+0x2e/0x50
[  655.276809][T11195]  ____kasan_slab_free+0x126/0x1e0
[  655.281912][T11195]  slab_free_freelist_hook+0x130/0x1b0
[  655.287359][T11195]  __kmem_cache_free+0xba/0x1f0
[  655.292198][T11195]  rose_rt_device_down+0x66d/0x6c0
[  655.297308][T11195]  rose_device_event+0x604/0x690
[  655.302232][T11195]  notifier_call_chain+0x197/0x390
[  655.307349][T11195]  __dev_notify_flags+0x18e/0x2e0
[  655.312363][T11195]  dev_change_flags+0xe8/0x1a0
[  655.317210][T11195]  dev_ifsioc+0x6a7/0xe20
[  655.321528][T11195]  dev_ioctl+0x7e2/0x1170
[  655.325843][T11195]  sock_do_ioctl+0x226/0x2f0
[  655.330419][T11195]  sock_ioctl+0x623/0x7a0
[  655.334730][T11195]  __se_sys_ioctl+0xfd/0x170
[  655.339320][T11195]  do_syscall_64+0x55/0xb0
[  655.343728][T11195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  655.349608][T11195] 
[  655.351917][T11195] The buggy address belongs to the object at ffff88802fec4800
[  655.351917][T11195]  which belongs to the cache kmalloc-512 of size 512
[  655.365960][T11195] The buggy address is located 48 bytes inside of
[  655.365960][T11195]  freed 512-byte region [ffff88802fec4800, ffff88802fec4a00)
[  655.379655][T11195] 
[  655.381972][T11195] The buggy address belongs to the physical page:
[  655.388378][T11195] page:ffffea0000bfb100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2fec4
[  655.398522][T11195] head:ffffea0000bfb100 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  655.407442][T11195] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  655.415603][T11195] page_type: 0xffffffff()
[  655.419949][T11195] raw: 00fff00000000840 ffff888017841c80 ffffea00006dc800 dead000000000002
[  655.428608][T11195] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  655.437184][T11195] page dumped because: kasan: bad access detected
[  655.443682][T11195] page_owner tracks the page as allocated
[  655.449473][T11195] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9612, tgid 9612 (udevd), ts 515500304672, free_ts 515280486761
[  655.471956][T11195]  post_alloc_hook+0x1cd/0x210
[  655.476729][T11195]  get_page_from_freelist+0x195c/0x19f0
[  655.482538][T11195]  __alloc_pages+0x1e3/0x460
[  655.487122][T11195]  alloc_slab_page+0x5d/0x170
[  655.491786][T11195]  new_slab+0x87/0x2e0
[  655.495839][T11195]  ___slab_alloc+0xc6d/0x12f0
[  655.500512][T11195]  __kmem_cache_alloc_node+0x1a2/0x260
[  655.505974][T11195]  kmalloc_trace+0x2a/0xe0
[  655.510384][T11195]  kernfs_fop_open+0x3f5/0xcc0
[  655.515136][T11195]  do_dentry_open+0x8c6/0x1500
[  655.519978][T11195]  path_openat+0x274b/0x3190
[  655.524562][T11195]  do_filp_open+0x1c5/0x3d0
[  655.529056][T11195]  do_sys_openat2+0x12c/0x1c0
[  655.533723][T11195]  __x64_sys_openat+0x139/0x160
[  655.538564][T11195]  do_syscall_64+0x55/0xb0
[  655.542973][T11195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  655.548855][T11195] page last free stack trace:
[  655.553769][T11195]  free_unref_page_prepare+0x7ce/0x8e0
[  655.559216][T11195]  free_unref_page+0x32/0x2e0
[  655.563882][T11195]  __stack_depot_save+0x572/0x630
[  655.568898][T11195]  kasan_set_track+0x5f/0x70
[  655.573477][T11195]  __kasan_kmalloc+0x8f/0xa0
[  655.578139][T11195]  __kmalloc_node+0xb4/0x230
[  655.582711][T11195]  memcg_alloc_slab_cgroups+0x87/0x130
[  655.588155][T11195]  new_slab+0xc3/0x2e0
[  655.592223][T11195]  ___slab_alloc+0xc6d/0x12f0
[  655.596886][T11195]  __kmem_cache_alloc_node+0x1a2/0x260
[  655.602339][T11195]  kmalloc_trace+0x2a/0xe0
[  655.606742][T11195]  ipv6_add_dev+0x594/0x11f0
[  655.611323][T11195]  addrconf_notify+0x67b/0x1010
[  655.616164][T11195]  notifier_call_chain+0x197/0x390
[  655.621259][T11195]  register_netdevice+0x160c/0x1ae0
[  655.626450][T11195]  macsec_newlink+0x65e/0xef0
[  655.631119][T11195] 
[  655.633435][T11195] Memory state around the buggy address:
[  655.639048][T11195]  ffff88802fec4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  655.647095][T11195]  ffff88802fec4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  655.655169][T11195] >ffff88802fec4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.663211][T11195]                                      ^
[  655.668824][T11195]  ffff88802fec4880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.676872][T11195]  ffff88802fec4900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.684913][T11195] ==================================================================
[  655.693058][T11195] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  655.700256][T11195] CPU: 1 PID: 11195 Comm: syz.2.1483 Not tainted 6.6.95-syzkaller #0
[  655.708332][T11195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  655.718400][T11195] Call Trace:
[  655.721683][T11195]  <TASK>
[  655.724617][T11195]  dump_stack_lvl+0x16c/0x230
[  655.729412][T11195]  ? show_regs_print_info+0x20/0x20
[  655.734637][T11195]  ? load_image+0x3b0/0x3b0
[  655.739165][T11195]  panic+0x2c0/0x710
[  655.743084][T11195]  ? bpf_jit_dump+0xd0/0xd0
[  655.747605][T11195]  ? _raw_spin_unlock_irqrestore+0xa9/0x110
[  655.753532][T11195]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  655.759448][T11195]  ? _raw_spin_unlock+0x40/0x40
[  655.764318][T11195]  ? print_memory_metadata+0x314/0x400
[  655.769803][T11195]  ? rose_get_neigh+0x391/0x990
[  655.774681][T11195]  check_panic_on_warn+0x84/0xa0
[  655.779653][T11195]  ? rose_get_neigh+0x391/0x990
[  655.784534][T11195]  end_report+0x6f/0x140
[  655.788796][T11195]  kasan_report+0x128/0x150
[  655.793325][T11195]  ? rose_get_neigh+0x391/0x990
[  655.798198][T11195]  rose_get_neigh+0x391/0x990
[  655.802900][T11195]  rose_connect+0x417/0x10a0
[  655.807513][T11195]  ? aa_sk_perm+0x7fc/0x930
[  655.812032][T11195]  ? rose_bind+0x7c0/0x7c0
[  655.816471][T11195]  ? aa_af_perm+0x200/0x2b0
[  655.820986][T11195]  ? tomoyo_socket_connect_permission+0x164/0x290
[  655.827400][T11195]  ? __might_fault+0xaa/0x120
[  655.832074][T11195]  ? bpf_lsm_socket_connect+0x9/0x10
[  655.837353][T11195]  ? security_socket_connect+0x80/0xa0
[  655.842819][T11195]  ? rose_bind+0x7c0/0x7c0
[  655.847244][T11195]  __sys_connect+0x397/0x420
[  655.851840][T11195]  ? __sys_connect_file+0x180/0x180
[  655.857040][T11195]  __x64_sys_connect+0x7a/0x90
[  655.861886][T11195]  do_syscall_64+0x55/0xb0
[  655.866296][T11195]  ? clear_bhb_loop+0x40/0x90
[  655.870963][T11195]  ? clear_bhb_loop+0x40/0x90
[  655.875631][T11195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  655.881625][T11195] RIP: 0033:0x7ffb5738e929
[  655.886029][T11195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.905714][T11195] RSP: 002b:00007ffb581f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  655.914216][T11195] RAX: ffffffffffffffda RBX: 00007ffb575b5fa0 RCX: 00007ffb5738e929
[  655.922176][T11195] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000008
[  655.930139][T11195] RBP: 00007ffb57410b39 R08: 0000000000000000 R09: 0000000000000000
[  655.938193][T11195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  655.946151][T11195] R13: 0000000000000000 R14: 00007ffb575b5fa0 R15: 00007ffd9ac6f598
[  655.954556][T11195]  </TASK>
[  655.957800][T11195] Kernel Offset: disabled
[  655.962118][T11195] Rebooting in 86400 seconds..