last executing test programs:

22.750190878s ago: executing program 3 (id=384):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000020000210d0000aaa8fa017242ba9380d412000000000000002900000003000000", 0xeb0e7a7d4c6f0553)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {}, {0xd, 0xfff1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x18, 0x2, [@TCA_CGROUP_EMATCHES={0x14, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xc, 0x1, 0x0, 0x0, {{0x3, 0x9, 0x80}}}]}]}]}}]}, 0x48}}, 0x1)
socket(0x10, 0x803, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305839, &(0x7f0000000080)={0x0, 0x2, 0xffe, 0x2})
ioctl$BLKRASET(r2, 0x1262, &(0x7f0000000400)=0x8)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=@ipv6_newroute={0x1c, 0x18, 0x1, 0x70bd2c, 0x0, {0xa, 0x0, 0x14, 0x0, 0xfe, 0x4, 0xff, 0x6}}, 0x1c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000010018120000", @ANYRES32, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x7, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x8000c}, 0x50)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)

21.303990307s ago: executing program 3 (id=389):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000004c0)=""/120, 0x0, 0x80a0000})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000100)={0x1, 0x1, 0x0, &(0x7f0000000700)=""/100, 0x0, 0xd000})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0xa02, 0xc1)
sendfile(r4, r4, 0x0, 0x2)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_GET_VRING_ENDIAN(r3, 0x4028af11, &(0x7f00000001c0))
sendfile(r3, r2, 0x0, 0x100000000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f00000002c0)={[{@shortname_win95}, {@fat=@quiet}, {@rodir}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@sys_immutable}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@utf8}, {@shortname_win95}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '852'}}, {@shortname_lower}]}, 0x7f, 0x2bd, &(0x7f0000000580)="$eJzs3U9rI2UYAPBnmkmaqpAcPInggB48le1+gi1SYTEnZQ56UXGzIE1YaDCwKsY9eRc8+Qm8+B08evDiN/DgUfDmIuIsyUz+dtrdLiFbyu936TPzvs/7b962EJg3n7w+PL33YHT/0dd/RLudxN6duBOPk+jGXsx9GwDATfK4KOLvohTRurRuOisvOtXV3m5GCABs2/r//6f699mqAQDX2QcffvTeca938n6WtSOG343zJCKGyTgvy4/vx+cxiH7cik78F1EslPErd3snkWbZ/MOA8UHkEcOPf6uuj/+KmOUfRSe65/Pfvds7OcpK8dZwMs6nPU9/NuOlJOK4SMqGbkcnXo0omlE1ssy/XZMfeSvefvPHavz/9+MwOvH7Z/EgBnFv1sQy/5ujLHun+OGfr8oZ5BHJZJzvz+otFY2dPRQAAAAAAAAAAAAAAAAAAAAAAG68w2yhu3p+zvyYv8PD+vLZ+UCNmvOBqhN+Jivn69zKsmx+jM84b0aZn8ZraaQvdPIAAAAAAAAAAAAAAAAAAABwTYwefnn66WDQP1sLfim++CmitmgZVG/0R3UnXSlKY2+16PJ2aoLTn5/a+3MG0ahGPUjOdTGf0DM3mF5cef8qAzuoa6dawpo1TAdRDv77qy/CG1ea4DQonmOd57trukkuqdyI0cN2/SZZ2ZkHVWNno9kDOrho064HRc3SNS7Mam1pj7Ve3u6mnc64uVjM9Trt6ZNcudPc8m/KhmQR/dra9l8hAAAAAAAAAAAAAAAAAAAg1t7/jz/PFT56IUMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ1bfv//Ioju5p3NYFIl9+vSN4L9s1FNt90dTxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAb7kkAAAD//5gAW2c=")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001d80)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@nodelalloc}, {@errors_remount}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nojournal_checksum}], [{@fowner_eq}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fsname={'fsname', 0x3d, '.'}}, {@subj_type={'subj_type', 0x3d, '/)/-:$//('}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}]}, 0xfd, 0x57a, &(0x7f0000002180)="$eJzs3d9rW1UcAPDvTZP96mY7GEN9kMIeHIyla+uPCcLmo+hwoO8ztFkZTZfRpGOtA7cH9+KLDEHEgfgH+O7j8B/wrxjoYMgo+iBi5aY3W9cmbdqlJi6fD6Q5J/cm55yc+705596kN4CBNZb+yUW8EhFfJREj65blI1s4trbeyuOb0+ktidXVj39P4tyG10qy++Es83JE/PxFxKnc5nJrS8tzpUqlvJDlx+vz18ZrS8unr8yXZsuz5auTU1Nn35yafOftt7rU0oMR8ee3H91//+yXJ1a++fHh0btJnI/D2dK0XV0o5Nb6zFjp7yxViPMbVpzoQmH9JOl1BdiVoSzOC5HuA0ZiKIt64MX3eUSsAgMqEf8woJrjgObcvkvz4P+NR++tTYA2tz+/dmwkDjTmRodWkmdmRul8d7QL5Y+tHZhI3Y2tj0Mc3CYPsCO3bkfEmXx+8/4vyfZ/u3emcfB4axvLGLTPH+il++n4J7kVsSn+c0/GP9Fi/DPcInZ3Y/v4zz3sQjFtpeO/d1uOf9Nd1z9pYnQoyx1pjPkKyeUrlfKZiHgpIk5GYX+a3+p8ztmVB6vtlqXt/+m3e3ebt7T89P7pGrmH+f3PPmemVC89b7ubHt2OeLXl+Dd50v9Ji/5P34+LHZZxvHzvtXbLtm//3lr9IeL1lv3/9IxWsvX5yfHG9jDe3Co2++PO8V/ald/r9qf9f2jr9o8m68/X1nZexvcH/iq3W7bb7X9f8kkjvS977EapXl+YiNiXfJgf3vj45NPnNvPN9dP2nzzROv43bv9H1tUhnXx92mH77xy703bVfuj/mR31/84TDz747Lt25XfW/280UiezRzrZ/3Vawed57wAAAAAAAKDf5CLicCS54pN0Llcsrn2/41gcylWqtfqpy9XFqzPR+K3saBRyzTPdI+u+DzGRfR+2mZ/ckJ+KiKMR8fXQwUa+OF2tzPS68QAAAAAAAAAAAAAAAAAAANAnhtv8/j/161CvawfsucaFPfb3uhZAL2x7yf9uXOkJ6Evbxj/wwtp5/DsyAC8Kn/8wuMQ/DC7xD4Or0/gvjOxxRYD/nM9/GFziHwAAAAAAAAAAAAAAAAAAAAAAAAAAALrq4oUL6W115fHN6TQ/c31pca56/fRMuTZXnF+cLk5XF64VZ6vV2Uq5OF2d3+71KtXqtYnJWLwxXi/X6uO1peVL89XFq/VLV+ZLs+VL5YJ/NgwAAAAAAAAAAAAAAAAAAACb1JaW50qVSnlBom3iXPRFNfaygWt29fR8v7RCoquJHu+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdfwMAAP//46Yu5A==")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c0000001e00010029bd70000400001002000000", @ANYRES32=0x0, @ANYBLOB="0000000008000d004000000100000100ffffffff"], 0x2c}}, 0x20008080)

21.136026533s ago: executing program 2 (id=390):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_usb_connect$cdc_ecm(0x5, 0x4d, &(0x7f00000011c0)=ANY=[], 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, 0x0)

19.835938879s ago: executing program 3 (id=392):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x40, 0x1)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
getpgrp(r1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000440)={[{@minixdf}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x46d, &(0x7f0000000540)="$eJzs28tvVNUfAPDvvdPyhvbHDx8gapUYGx8tLagsTIxGExf4SHSBy9oWJAzU0JoIIVKNwY2JIerauDTxL3DnxqgrE7e6NyRE2YCuau6de2E6nenDtjOU+XySmZ4z97TnfHvuuffce+4E0LUGsrckYkdE/BYRfbXs/AIDtR83rl0Y//vahfEk5ube+DPJy12/dmG8LFr+3vYiM5hGpB8nRSXzTZ87f2qsWp08W+SHZ06/Ozx97vyTJ0+PnZg8MXlm9MiRw4dGnnl69KlFWr952XFmcV3f98HU/r0vv3X5lfFjl9/+6dusvTuK7fVxrJWBLPC/5nJ1H3+evT2y1pV12M66dNLTwYawIpWIyLqrNx//fVGJW53XFy991NHGAesqOzctchadnQPuYEkss1gsryCwUZQn+uz6t3y1aepxW7j6fO0CKIv7RvGqbemJtCjT23B9u5YGIuLY7D9fZa9Yp/sQAAD1Ph3/8mg80Wz+l8bddeV2FWso/RHxv4jYHRH/j4g9EXFXRF72noi4t2VNmxo/2PLOq88tKLVw/pNeWU18S8nmf88Wa1vz53/l7K/SXylyO/P4e5PjJ6uTB4v/yWD0bs7yI4vU8f2Lv37Walv9/C97ZfWXc8GiHVd6Gm7QTYzNjOWT0jVw9cOIfT3N4k9urgRkl/57I2Lfyv70rjJx8rFv9rcqtHT8i1iDdaa5ryMerfX/bDTEX0oWX58c3hLVyYPD5V6x0M+/XHq9Vf2rin8NZP2/bf7+31ikP6lfr51eeR2Xfv+k5TXNf93/NyVv5v1SHlXeH5uZOTsSsSk5mufnfT5663fLfFk+i3/wQPPxv7uW2Jq93RcR2U58f0Q8EBEPFm1/KCIejogDi8T/4wutt90O/T/R9Ph3c/9v6P+VJyqnfviuVf3L6//DeWqw+CQ//i1huQ1czf8OAAAANoo0fwY+SYduptN0aKj2DP+e2JZWp6ZnHj8+9d6Zidqz8v3Rm5Z3uvrq7oeOJLPFX6zlR4t7xeX2Q8V94y8qW/P80PhUdaLDsUO3295i/Gf+qHS6dcC6a7aONrpgvTbyJ4DXvzVAOzWO/3R+9uJr7WwM0Fa+rw3da4nxn7arHUD7Of9D92o2/i825K0FwJ3J+R+6l/EP3cv4h+5l/ENXWs33+rs5kR0yb4NmVPuKfmx/7ZF2OnaJ9Ug0fe4XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw/o3AAD//0bu5dI=")
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=0x0, @ANYBLOB="0000000007000000b7080000000000000200f8fb00000000bfa2000000000019070200007effffffb7b70400180000000085000000570000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3a}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r9}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

16.228253736s ago: executing program 3 (id=395):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1010000, &(0x7f0000000a40)={[{@iocharset={'iocharset', 0x3d, 'cp864'}}, {@utf8}, {@uni_xlate}, {@utf8no}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@rodir}, {@numtail}, {@uni_xlateno}, {@uni_xlateno}, {}, {@utf8}, {@shortname_winnt}, {@rodir}, {@utf8}, {@utf8}, {@uni_xlate}]}, 0x3, 0x36b, &(0x7f0000000500)="$eJzs3U1oY0UcAPB/+tKkXdD2JgpC9CZo2e5NL7ZIFxZ7UQl+HMTgdlWSKrRYbA+b1oPiUfCoJ28KevAgHkVQxJsHr64gq+JB97bg4kjy8vGapN3uYivF3w+aTGfmP/N/HySv4WX6wlI0L07HpWvXrsbMTCnKS48txfVSzEcWfbsxrjKhDgA4Ha6nFH+m3GjbzOSQ0gmkBQAco+77/0sRUYv5vObNrw/rn7z7A8Cp1/v7f/awPgd8DhDx2rGkBAAcs7HP/+/f11zp/pT7v5YLdwUAAKfVU88+9/jyasSTtdpMxPrbW/WtejwybF++FK9EK9bibMzFjYj8QqHzUOo+nr+wunK2Vqu145f5qEfEVC+wnl8pLGfd+GosxlzM9+J7Vxsppez8Z6sri7WuiNhtd+eP9dJWfTrO9Ob/8UysDS88+oN0nyIurK6cq/UGqK/349sRe8MbFTr5L8RcfP/iYJiU+ncwrq5cXuwnPYzfqlfj4mAvHPgJCAAAAAAAAAAAAAAAAAAAAAAA3JaF2sD8YP2c1HnOV8pZWJjQ3l0fJ4/vrQ+0l68PlKopUvrjjYfq72Sxb32g0fV5tiwkCAAAAAAAAAAAAAAAAAAAAAOb25VotFprG5vbO81iob2xuT0VEZ2aV7/95KvZGO9zk0I5n6IaMZii1pt2p9lIWb9zyiLGw7PO5P2ajz4fZFzsUx1sxcQ0qgc3tVp33Pfz+8Oae7P+yH8P+2QxeQOzQhqPjoy8fmee0q3sqEHhXLGmOj77lZRSoeatYvjl58cHjFJE+dYP3E5zKg7ukzqFb66+fHd/7ze+TLkHHpx7+sp7H/7WbLQ6M0f3CFY2Nm+kZqPU73yE2XvDpe4hGJ4bpcgLpeKZUD5swL39NY3sh9+fuefd7462E1Kx5vXO+TzSJ8s359PR8Epe6KQ50jQ7DJ/ubURrbXrCyX+zwm0c07s++OLjlH769chTDE2NvWyU/p1XHwAAAAAAAAAAAAAAAAAAoKjwXfHel67becP0YVEPP3FC6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiRj+//9CYW83RmqOUvirPSGquraxGVH5rzcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uX8CAAD//3wwZok=")
syz_open_procfs(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0xe)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x61, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))

16.227849946s ago: executing program 2 (id=396):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x9, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x80}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x38}}, {{0x9, 0x5, 0x81, 0x3, 0x400}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

15.950963643s ago: executing program 0 (id=397):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x13012, r0, 0x0)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x14)

14.248034137s ago: executing program 0 (id=399):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
socket(0x10, 0x803, 0x0)
request_key(0x0, 0x0, &(0x7f0000001fee)='R\x10rust\xe3c*s\xa8rVid8\xc4e', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x0, 0xffffff6a, 0x0, 0x0, 0x340, 0x258, 0x258, 0x340, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x11}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x9}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x180, 0x1c0, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @empty, @private2}}, @common=@dst={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470)

13.957914825s ago: executing program 1 (id=401):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r5, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r1, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @local}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
statx(r6, &(0x7f0000000000)='./file0\x00', 0x800, 0x659adc5e4bf6f66d, 0x0)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgKSFSkQEBzsIBpdGhTjokAxWYprFiFiR0llw0EFwcJCU6OzLP6D4BuIidnYUI4hCnCSjOBcUl0wprU+hrV3aYkp/fD5LuPece08u3yfwvxYPPzWbzVgIoZn4+6e/Pc1PFHunxqZnQoiF70MI+S+/+LUSizp+u/U8WpeidTGRqe3fjL+cdtz23VdTh/GofhEP4YcQwuLjUfLfvo1P31nuKrm+sVzYXM0tPBTWnobnB/I9W/mlnZGDbHm2OzsXfVgX8dbMT9VGj++apefd9sG2aq2RuY760rGPmc9/68/573VV6pXGZP/JylC6s35Z3o5yf5U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwc5yV8n1jeXC5mpu4aGw9jQ8P5Dv2cov7YwcZMuz3dm5+FvfRbw181O10eO7Zul5t32wrVprZK6jvnTs3dGvf/yYv0QLfRX+mP9eV6VeaUz2n6wMpTvrl+XtKPfX9/kDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyl/ESxd2pseiaEWPgshPDN/Xd9v+w3E2/1WNR3Hv2Wov1iIlPbvxl/Oe247buvpg6nEiEkfnfv4uNR8vNWPoR/5OcAAAD//8gGhpo=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x400, 0x583feaf5f69e7b14)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @typedef={0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x4}, @volatile={0x0, 0x0, 0x0, 0xa, 0x2}]}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x52}, 0x28)
signalfd(0xffffffffffffffff, &(0x7f0000001080)={[0x5]}, 0x8)

12.576222948s ago: executing program 0 (id=402):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb10000a8880008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

11.562052566s ago: executing program 2 (id=403):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x40, 0x1)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
getpgrp(r1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000440)={[{@minixdf}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x46d, &(0x7f0000000540)="$eJzs28tvVNUfAPDvvdPyhvbHDx8gapUYGx8tLagsTIxGExf4SHSBy9oWJAzU0JoIIVKNwY2JIerauDTxL3DnxqgrE7e6NyRE2YCuau6de2E6nenDtjOU+XySmZ4z97TnfHvuuffce+4E0LUGsrckYkdE/BYRfbXs/AIDtR83rl0Y//vahfEk5ube+DPJy12/dmG8LFr+3vYiM5hGpB8nRSXzTZ87f2qsWp08W+SHZ06/Ozx97vyTJ0+PnZg8MXlm9MiRw4dGnnl69KlFWr952XFmcV3f98HU/r0vv3X5lfFjl9/+6dusvTuK7fVxrJWBLPC/5nJ1H3+evT2y1pV12M66dNLTwYawIpWIyLqrNx//fVGJW53XFy991NHGAesqOzctchadnQPuYEkss1gsryCwUZQn+uz6t3y1aepxW7j6fO0CKIv7RvGqbemJtCjT23B9u5YGIuLY7D9fZa9Yp/sQAAD1Ph3/8mg80Wz+l8bddeV2FWso/RHxv4jYHRH/j4g9EXFXRF72noi4t2VNmxo/2PLOq88tKLVw/pNeWU18S8nmf88Wa1vz53/l7K/SXylyO/P4e5PjJ6uTB4v/yWD0bs7yI4vU8f2Lv37Walv9/C97ZfWXc8GiHVd6Gm7QTYzNjOWT0jVw9cOIfT3N4k9urgRkl/57I2Lfyv70rjJx8rFv9rcqtHT8i1iDdaa5ryMerfX/bDTEX0oWX58c3hLVyYPD5V6x0M+/XHq9Vf2rin8NZP2/bf7+31ikP6lfr51eeR2Xfv+k5TXNf93/NyVv5v1SHlXeH5uZOTsSsSk5mufnfT5663fLfFk+i3/wQPPxv7uW2Jq93RcR2U58f0Q8EBEPFm1/KCIejogDi8T/4wutt90O/T/R9Ph3c/9v6P+VJyqnfviuVf3L6//DeWqw+CQ//i1huQ1czf8OAAAANoo0fwY+SYduptN0aKj2DP+e2JZWp6ZnHj8+9d6Zidqz8v3Rm5Z3uvrq7oeOJLPFX6zlR4t7xeX2Q8V94y8qW/P80PhUdaLDsUO3295i/Gf+qHS6dcC6a7aONrpgvTbyJ4DXvzVAOzWO/3R+9uJr7WwM0Fa+rw3da4nxn7arHUD7Of9D92o2/i825K0FwJ3J+R+6l/EP3cv4h+5l/ENXWs33+rs5kR0yb4NmVPuKfmx/7ZF2OnaJ9Ug0fe4XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw/o3AAD//0bu5dI=")
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=0x0, @ANYBLOB="0000000007000000b7080000000000000200f8fb00000000bfa2000000000019070200007effffffb7b70400180000000085000000570000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3a}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

11.368979625s ago: executing program 0 (id=404):
r0 = socket$inet(0x2, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x3c, r6, 0xe04, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x5}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x4}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x2}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x6}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48dc)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
fcntl$setown(0xffffffffffffffff, 0x8, r1)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="84000000180001002cbd7000ffdbdf251d0107000c000b00040000a00300008015000100030000a006000000bac45f9ce14233bd0000000008000900", @ANYRES32=r9, @ANYBLOB="0c000b00000000e0020000a015000200010000a0070300007f15f0386605000b0200000008000a00", @ANYRES64], 0x84}}, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r8, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r7}, &(0x7f00000006c0), &(0x7f0000000700)=r5}, 0x20)
r10 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r10, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id0\x00', 'timer1\x00'})
sendmsg$inet(r4, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
sendmmsg$inet(r0, &(0x7f0000000540)=[{{0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x6c6d}], 0x5}}, {{0x0, 0x0, &(0x7f0000000440), 0x56}, 0xfffffffd}], 0x2, 0x2004000)

9.881410398s ago: executing program 1 (id=405):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000700000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x18)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0x8000)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001b40)=@newtfilter={0x8b0, 0x2c, 0xd2b, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x884, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'vlan0\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}, @TCA_U32_POLICE={0x848, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x1c79, 0x3, 0x2, 0x7, 0xff, 0x8, 0x1, 0x1, 0x2d0, 0x2, 0x1, 0xb, 0x6, 0x0, 0x2, 0x2, 0x9, 0x7, 0x0, 0xffffffff, 0x6, 0x1, 0x5, 0xc4, 0xa117, 0x8, 0xab, 0xfffffffa, 0x1, 0x0, 0x4, 0x1fc0000, 0x4, 0x200, 0x80, 0x1, 0x1, 0x0, 0x4, 0x7, 0x2, 0x1, 0x610, 0x2, 0xb, 0xfb, 0x4, 0xa29, 0x7f, 0x82, 0x200, 0x44, 0x2, 0x1, 0x2, 0x101, 0x10005, 0xdd, 0x5, 0x8, 0x431d3ae0, 0xc03, 0x9, 0x5, 0x9349, 0x1, 0x100, 0x7ff, 0x1, 0x1, 0x8, 0x401, 0x3, 0x6, 0x5, 0x6, 0x19e, 0x2, 0x2, 0xf, 0xc00000, 0x4003ff, 0x7, 0x3326ea0a, 0x8007, 0x80000001, 0x25, 0x1, 0x8, 0x8001, 0x9, 0x6, 0x54773818, 0x8, 0x8001, 0x6, 0x7f, 0x373, 0x4, 0x4, 0x80, 0xc000000, 0x7ff, 0x6138, 0x49e, 0x3ff, 0x8, 0x0, 0x3, 0x0, 0x2, 0x10000, 0x3, 0x2, 0x9, 0x3, 0x7fffffff, 0x101, 0x3, 0xc42, 0x4, 0x7, 0x401, 0x5, 0x0, 0x4, 0x80000001, 0x8000, 0x5, 0x2fb, 0x5907, 0x8, 0x81, 0x7, 0x4, 0xfffffffc, 0xffff0001, 0x2, 0xffff, 0x8, 0x2396, 0x8000, 0xfffffffc, 0x5, 0x1, 0xfff, 0x91e0000, 0x4, 0x3, 0xfae, 0x40, 0x900, 0x6, 0x0, 0x2, 0x6, 0x6, 0xdc, 0x9, 0x7ff, 0xfffffff7, 0x4, 0x2, 0x30, 0xff, 0x3, 0x80, 0x6, 0x7, 0x9, 0x4, 0x0, 0x5, 0x4342, 0xfa52, 0x4, 0x7fff, 0x7, 0x381, 0xfffffff2, 0xfffffff6, 0x100, 0x8, 0xf73, 0x1, 0x0, 0x5, 0xe, 0x0, 0x3, 0xfffffc01, 0x2, 0xe, 0x4, 0x4, 0xf5f, 0x2, 0x0, 0x6, 0x1, 0x9, 0x80, 0x2, 0x0, 0x0, 0xfb, 0x3, 0x8, 0x0, 0x80000001, 0x5, 0x0, 0xb, 0x3159, 0x6, 0xfffffff7, 0xe4f7, 0x6, 0x1, 0xfffffffc, 0x8, 0x9, 0x1c15, 0xa098, 0x0, 0x0, 0x6, 0xb, 0x6, 0x2, 0x80000001, 0x9, 0xfffffed0, 0x2, 0x7, 0x56, 0x2, 0x4, 0x7, 0x2009, 0xb, 0x6, 0x4, 0x1, 0x3, 0x7, 0x9, 0x7, 0xe, 0x0, 0x1, 0x9, 0x1, 0x0, 0x40, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x8, 0xffffffff, 0xffff0d7b, 0x6, 0x3, 0xc79, 0x74100000, 0x800, 0x7, 0xfffffffd, 0x76e8, 0x4, 0x0, 0x9, 0xb046, 0x7, 0x101, 0x8, 0x0, 0x6, 0x3ff, 0xfffffffe, 0x0, 0x7f, 0x3, 0x7c68080b, 0x4, 0x9, 0x3, 0x80000001, 0x0, 0xa, 0x7, 0x2, 0x4, 0x62f1, 0x2, 0x995, 0x1, 0xf, 0xb, 0x7f, 0x9, 0x7, 0x4, 0x6, 0xc39, 0x6, 0x7, 0x2, 0x5, 0x4b0f, 0x3ff, 0x3, 0x93, 0x5, 0x2, 0x0, 0x6, 0x0, 0x0, 0x7, 0x0, 0xffff, 0x9, 0xffffffff, 0x4, 0x9, 0xa2c, 0xda0b, 0x7, 0x40, 0x9, 0xefa8, 0x1, 0xe6, 0x0, 0xe, 0x2, 0x4, 0x6, 0xfffffff9, 0x4, 0x8, 0x4, 0x0, 0xea, 0xbed1, 0x10001, 0x8, 0x7fff, 0x3, 0x8, 0x0, 0x9, 0x5dac, 0xdb, 0x1, 0x8, 0x9, 0x2, 0x2000, 0xfc000000, 0xfffffff9, 0x3, 0x4, 0x0, 0x0, 0x4, 0xfffffffc, 0xfffffff9, 0x5, 0x3, 0xe2000, 0x6, 0x8001, 0xa, 0x6, 0x5, 0x0, 0xef83, 0x8, 0x4, 0x3ff, 0x0, 0x5, 0x10000, 0xf6, 0x7, 0x3, 0x3ff, 0x5, 0xaf7e, 0x5, 0x7ff, 0xeab9, 0x3, 0x8, 0x525, 0x9, 0x0, 0x3, 0x401, 0x9, 0x6, 0x8, 0x1, 0x8, 0x7, 0xfffffffb, 0x7, 0x80000001, 0xfffffffd, 0x4, 0x8fb3, 0x7fffffff, 0xfffffff9, 0x800, 0x2, 0x7fff, 0x5, 0x7, 0xfffffffc, 0x4, 0x3, 0x82, 0xff, 0x6, 0x3, 0x46, 0x1, 0x958, 0x3, 0x80000001, 0x7, 0x9, 0x5, 0xfffffffa, 0x0, 0x5, 0x4d4, 0x9, 0x8, 0x75968511, 0x0, 0x46cc, 0x8, 0x6, 0x40, 0x9, 0x8, 0x4, 0x7054, 0x3, 0x3, 0x1, 0x70, 0x9, 0x9, 0x9, 0x400, 0x3dc1, 0x0, 0xe6a2, 0x8, 0x6, 0x8, 0x6, 0x80000001, 0xff, 0x2, 0x6, 0x80000000, 0x0, 0xd42700, 0x8001, 0x8, 0x8000, 0x9, 0x4, 0x6302, 0x1eeacb39, 0xe, 0x4, 0x5, 0xd9a, 0x9, 0x0, 0x8, 0x3, 0x2, 0x0, 0x100, 0x3ff, 0x5, 0x3ff, 0x40, 0x7ffffffe, 0xff, 0x5, 0x6, 0x1000, 0x37, 0x81, 0x7fffffff, 0x9, 0x5ca, 0x5, 0x5d6a, 0x2, 0x3, 0x6, 0x81, 0x10000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x1, 0x7f, 0x4, 0x9, {0x3, 0x1, 0x4, 0x17f, 0x0, 0x1ff}, {0x6, 0x0, 0xff, 0x7, 0x5, 0xffffffff}, 0x9, 0xe90, 0x6db5cd0}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x1}, 0x2404c084)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000f0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r10, 0x2000012, 0x100e, 0x2, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r11}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x4, 0x7, 0x50000}]})
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r12, 0x29, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x2, 0x5, 0x4b0, 0x0, 0xf0, 0xffffffff, 0x0, 0x310, 0x3e0, 0x3e0, 0xffffffff, 0x3e0, 0x3e0, 0x5, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], 'batadv0\x00', 'veth0_to_batadv\x00'}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@empty, @ipv6=@remote}}}, {{@ipv6={@dev, @loopback, [], [], 'batadv0\x00', 'veth1_vlan\x00'}, 0x0, 0xe8, 0x130, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@loopback, @ipv6=@private0, @icmp_id, @icmp_id}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @gre_key, @gre_key}}}, {{@ipv6={@remote, @mcast1, [], [], 'ipvlan0\x00', 'pim6reg\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x510)

7.642148524s ago: executing program 2 (id=406):
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, &(0x7f0000000040)={0xa, 0x0, 0x3d, 0x10000, 'syz1\x00', 0x5})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000080)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}})
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaa"], 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000180)={0x37, @time={0x65757100, 0x4}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000100003040000000000000000", @ANYRES32], 0x40}}, 0x0)
r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000240)="166ec4b16abf8d77f0", 0x9, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

7.212209245s ago: executing program 3 (id=407):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0xc4fffffe)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x800714, &(0x7f0000000240)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)=0x100fb)

7.084207847s ago: executing program 0 (id=408):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1809000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x80, 0x80, 0x0, 0xd, {{0x11, 0x4, 0x2, 0x34, 0x44, 0x64, 0x0, 0x2b, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x39}, @multicast1, {[@generic={0x44, 0x3, "8f"}, @timestamp={0x44, 0x28, 0x38, 0x0, 0x7, [0x9, 0x4, 0xffffffff, 0x10, 0x9, 0xf3de, 0x1, 0x4, 0xc]}, @ra={0x94, 0x4}]}}}}})
open(&(0x7f0000000000)='./bus\x00', 0x40, 0x171)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000007000000ff"], 0x48)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="07000000040000000d0000000100000002000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000004dd76edbfd2b5bbd9da0c87174b913ee34ef0eb2f0d261efb25e0f56b3298989d781171e44f4ce1abb6c82b5d28af8561196fc8a3dc1d5662c8f9083a8621f995c6934350f60dab6ac6a9d64e27397f3c25ffe9e67179a0dc7c552a1b818a8760a5828c56e5fd36c74828647c1aa8d833a81de56862ba159314f9e0e0a66c52f81608ab01c0d42e119915a5de5fb6a56ee1ddb7ecd9e788200298f92fbd77c024fbb248f38fd2d19fd0ff92567cc15620765b35c852634f171", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000400"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff0100000043aeb716e9b9ab50035f639c965fa9d9aaf6528c444a305a83565ab0fa1ae9a54e76ff7e804e9cd6a605a4b8364959bacc749998fa7b8d86c3fc81df6665f5d5dff4c67b5b3f738daec9359e", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7f7ffffff0000007b8aedff00000000bfa2000001ffffffb78959570b6218059a04000000000000850000000300000095000f1585b5390b618cad9866636d2800b90000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0xa, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r6)
readlinkat(r3, &(0x7f0000000180)='./cgroup\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000300000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
ioprio_get$uid(0x3, 0xee01)
r7 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)=<r8=>0x0)
timer_settime(r8, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r9, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

5.883510063s ago: executing program 1 (id=409):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x103)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x923004, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

5.632301237s ago: executing program 1 (id=410):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[], 0xc0}}, 0x200000b0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
open(&(0x7f0000000240)='./file0\x00', 0x141bc2, 0xa3)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x7, 0x0, 0x2, 0xffffffffffffffff]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x6, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x400000, 0x0, 0x2000000, 0x9, 0x1d, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x302000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.585931122s ago: executing program 1 (id=411):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x3, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0xe0, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0})
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000000040)={[{@fat=@errors_remount}, {@fat=@debug}, {@fat=@uid}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x1}}, {@fat=@dmask={'dmask', 0x3d, 0x5}}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x10}}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x9}}, {@dots}, {@fat=@nocase}, {@nodots}]}, 0x1, 0x23d, &(0x7f0000000a40)="$eJzs3cFq1EAcBvB/220be7Fn8RDw4qmobxBkBTEgrOSgJwPVSytCeome9jF8Bh/Jx+ipt4hN6NZUPUjadJvfD5Z87MfAzGVnDzO77x9+Ojr8fPKx+fEtkiSNWcQyziL2YzO2orXRPTfP805ctgwAYN0sFmU29hwY0MbVt6oqK7cjYvdKU3y/mUkBAAAAAAAAAAAwNOf/AWB6nP+/+6oqK/e672+/c/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGM9Z09xv/vEae34AwPDs/wAwPfZ/AJge+z8ATM+bt+9eZXk+X6RpEnG6rIu6aJ9t/+JlPn+SnttfjTqt62K7y/n8adun/X6vG//sj/1OPH7U9r+656/zXr8bh9e9eAAAAAAAAAAAAAAAAAAAALglDtILvfv9W21/8Le+TZd+H6B3f38WD2Y3tgwAAAAAAAAAAAAAAAAAAABYaydfvh6Vx8cfKkG4CPfiP0YlcTsmLwwSxv5kAgAAAAAAAAAAAAAAAACA6Vld+h17JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwntX//19fGHuNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDT8DAAA//8GmZGk")
r6 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
ftruncate(r6, 0x2007ffb)
sendfile(r6, r6, 0x0, 0x1000000201005)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'veth0_macvtap\x00', <r8=>0x0})
sendmmsg$inet(r7, &(0x7f0000002240)=[{{&(0x7f0000000040)={0x2, 0x4e22, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}], 0x30}}], 0x1, 0x0)
inotify_init()

5.579297363s ago: executing program 2 (id=412):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="14d556a62676ae"], 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xe2bf268aaf6847d0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x16, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x5, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xf, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x89f0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = dup(r5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

3.588223475s ago: executing program 3 (id=413):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x56a, &(0x7f0000000380)="$eJzs3ctrXNUfAPDvnWT6/v2aQikqIgEXVmonTeKjgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LP4DLvwbClooUoIu3ETu5M7kNZNM0jzGzucDN5xz750598y535Nz5swwAfSt4exPIeLliPg6iTgZEUl+bDDyg8PL5y0+uzORbUksLX36Z9I4L8s3n6v5uON55qWI+OWriHOFjeXW5hemy5VKOpvnR+ozN0dq8wvnr8+Up9Kp9MbY+PjFd8bH3n/v3V2r65tX/v72k0cDee7UgyQuxYk8t7oemaM7K+Lu6sxwDOevSTEurTtxdGfP37OStnt/2vfrYHsG8jgvRtYHnIyBPOqBF9+XEbEE9Klk2/H/W3FvrgTYX81xQHNuv34e/KJ7+uHyBGhj/QeX3xuJI4250bHFZM3MKJvvDu1C+VkZP//x8EG2RZv3IQD2yt17EXFhcHBj/5fk/d/OXejinPVl6P9g/zzKxj9vtRv/FFrjn2gz/jneJnZ3Yuv4LzzZhWI6ysZ/H7Qd/7YWrYYG8tz/GmO+YnLteiXN+rb/R8TZKB7O8put51xcfLzU6djq8V+2ZeU3x4L5dTwZPLz2MZPlevl56rza03sRr7Qd/yat9k/atH/2elzpsowz6cPXOh3buv57a+mHiDfatv/Kilay+frkSON+GGneFRv9df/Mr53KP+j6Z+1/bPP6DyWr12tr2y/j+yP/pNFaT15rTf2j+/v/UPJZI30o33e7XK/PjkYcSj5u7S8094+tPLaZb56f1f/s65v3f+3u/6MR8XmX9b9/+sdXOx3rhfafbNv+rdntuvbffuLxR19816n87vq/txups/mebvq/bi/weV47AAAAAAAA6DWFiDgRSaHUShcKpdLy5ztOx7FCpVqrn7tWnbsxGY3vyg5FsdBc6T656vMQo/mKYTM/ti4/HhGnIuKbgaONfGmiWpk86MoDAAAAAAAAAAAAAAAAAABAjzje4fv/md8HDvrqgD3nJ7+hf20Z/7vxS09AT/L/H/qX+If+Jf6hf4l/6F/iH/qX+If+Jf6hf4l/AAAAAAAAAAAAAAAAAAAAAAAAAAAA2FVXLl/OtqXFZ3cmsvzkrfm56eqt85Npbbo0MzdRmqjO3ixNVatTlbQ0UZ3Z6vkq1erN0bGYuz1ST2v1kdr8wtWZ6tyN+tXrM+Wp9Gpa3JdaAQAAAAAAAAAAAAAAAAAAwH9LbX5hulyppLMS20ociZ64jB5IDPbGZUjscuKgeyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWPFvAAAA//8nNDJB")
setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x0, {{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x10, 0x0, 0x4e24}, {@in=@multicast2, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {}, {}, {}, 0x0, 0x0, 0xa, 0x4}}, 0xf0}}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000300)=ANY=[], 0xfe37, 0x0)

2.871052663s ago: executing program 0 (id=414):
r0 = io_uring_setup(0x3c91, &(0x7f0000000900)={0x0, 0x1246, 0x0, 0x1, 0x62})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000980)='6', 0x1}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.349670824s ago: executing program 2 (id=415):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r5, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r1, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @local}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
statx(r6, &(0x7f0000000000)='./file0\x00', 0x800, 0x659adc5e4bf6f66d, 0x0)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgKSFSkQEBzsIBpdGhTjokAxWYprFiFiR0llw0EFwcJCU6OzLP6D4BuIidnYUI4hCnCSjOBcUl0wprU+hrV3aYkp/fD5LuPece08u3yfwvxYPPzWbzVgIoZn4+6e/Pc1PFHunxqZnQoiF70MI+S+/+LUSizp+u/U8WpeidTGRqe3fjL+cdtz23VdTh/GofhEP4YcQwuLjUfLfvo1P31nuKrm+sVzYXM0tPBTWnobnB/I9W/mlnZGDbHm2OzsXfVgX8dbMT9VGj++apefd9sG2aq2RuY760rGPmc9/68/573VV6pXGZP/JylC6s35Z3o5yf5U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwc5yV8n1jeXC5mpu4aGw9jQ8P5Dv2cov7YwcZMuz3dm5+FvfRbw181O10eO7Zul5t32wrVprZK6jvnTs3dGvf/yYv0QLfRX+mP9eV6VeaUz2n6wMpTvrl+XtKPfX9/kDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyl/ESxd2pseiaEWPgshPDN/Xd9v+w3E2/1WNR3Hv2Wov1iIlPbvxl/Oe247buvpg6nEiEkfnfv4uNR8vNWPoR/5OcAAAD//8gGhpo=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x400, 0x583feaf5f69e7b14)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @typedef={0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x4}, @volatile={0x0, 0x0, 0x0, 0xa, 0x2}]}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x52}, 0x28)
signalfd(0xffffffffffffffff, &(0x7f0000001080)={[0x5]}, 0x8)

0s ago: executing program 1 (id=416):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.135' (ED25519) to the list of known hosts.
syzkaller login: [   73.687999][ T5754] cgroup: Unknown subsys name 'net'
[   73.820699][ T5754] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   75.567914][ T5754] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   77.398115][ T5767] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.414773][ T5772] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.424402][ T5772] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.433192][ T5772] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   77.456861][ T5778] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   77.466060][ T5778] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.477036][ T5778] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.486193][ T5770] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.486470][ T5778] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   77.501960][ T5770] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.502749][ T5778] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.510079][ T5770] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.525547][ T5770] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.533687][ T5778] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.535285][ T5770] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.550578][ T5770] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.558216][ T5778] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.561428][ T5770] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.573367][ T5778] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.585800][ T5770] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   77.594630][ T5770] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.602959][ T5778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.630492][ T5778] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   77.640898][ T5778] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.096386][ T5769] chnl_net:caif_netlink_parms(): no params data found
[   78.200848][ T5776] chnl_net:caif_netlink_parms(): no params data found
[   78.285086][ T5764] chnl_net:caif_netlink_parms(): no params data found
[   78.327754][ T5768] chnl_net:caif_netlink_parms(): no params data found
[   78.387779][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.396003][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.404429][ T5769] bridge_slave_0: entered allmulticast mode
[   78.411359][ T5769] bridge_slave_0: entered promiscuous mode
[   78.433934][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.441088][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.448899][ T5776] bridge_slave_0: entered allmulticast mode
[   78.456124][ T5776] bridge_slave_0: entered promiscuous mode
[   78.465596][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.473210][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.481208][ T5776] bridge_slave_1: entered allmulticast mode
[   78.488418][ T5776] bridge_slave_1: entered promiscuous mode
[   78.519444][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.527056][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.534665][ T5769] bridge_slave_1: entered allmulticast mode
[   78.541669][ T5769] bridge_slave_1: entered promiscuous mode
[   78.609167][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.662102][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.697438][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.705280][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.712860][ T5768] bridge_slave_0: entered allmulticast mode
[   78.719993][ T5768] bridge_slave_0: entered promiscuous mode
[   78.729908][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.743290][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.776047][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.783515][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.791769][ T5768] bridge_slave_1: entered allmulticast mode
[   78.800339][ T5768] bridge_slave_1: entered promiscuous mode
[   78.819280][ T5764] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.826766][ T5764] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.834825][ T5764] bridge_slave_0: entered allmulticast mode
[   78.841759][ T5764] bridge_slave_0: entered promiscuous mode
[   78.849973][ T5764] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.857828][ T5764] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.865417][ T5764] bridge_slave_1: entered allmulticast mode
[   78.874140][ T5764] bridge_slave_1: entered promiscuous mode
[   78.885889][ T5776] team0: Port device team_slave_0 added
[   78.943846][ T5776] team0: Port device team_slave_1 added
[   78.954978][ T5764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.979956][ T5769] team0: Port device team_slave_0 added
[   79.001092][ T5764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.022079][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.034146][ T5769] team0: Port device team_slave_1 added
[   79.042068][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.099016][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.106477][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.133963][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.149200][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.156630][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.183958][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.241073][ T5768] team0: Port device team_slave_0 added
[   79.253070][ T5764] team0: Port device team_slave_0 added
[   79.261219][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.268641][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.295815][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.309772][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.318068][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.344651][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.360463][ T5768] team0: Port device team_slave_1 added
[   79.380767][ T5764] team0: Port device team_slave_1 added
[   79.453465][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.460748][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.489350][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.507853][ T5776] hsr_slave_0: entered promiscuous mode
[   79.515511][ T5776] hsr_slave_1: entered promiscuous mode
[   79.538074][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.545218][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.571543][ T5764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.585193][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.592888][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.619719][ T5764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.649953][ T5778] Bluetooth: hci1: command tx timeout
[   79.649968][ T5772] Bluetooth: hci2: command tx timeout
[   79.650259][ T5772] Bluetooth: hci0: command tx timeout
[   79.668442][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.675689][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.702551][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.722562][ T5772] Bluetooth: hci3: command tx timeout
[   79.794221][ T5769] hsr_slave_0: entered promiscuous mode
[   79.800979][ T5769] hsr_slave_1: entered promiscuous mode
[   79.809371][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.818301][ T5769] Cannot create hsr debugfs directory
[   79.853443][ T5764] hsr_slave_0: entered promiscuous mode
[   79.859933][ T5764] hsr_slave_1: entered promiscuous mode
[   79.867125][ T5764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.874858][ T5764] Cannot create hsr debugfs directory
[   79.956321][ T5768] hsr_slave_0: entered promiscuous mode
[   79.962956][ T5768] hsr_slave_1: entered promiscuous mode
[   79.969198][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.977934][ T5768] Cannot create hsr debugfs directory
[   80.321584][ T5776] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   80.335820][ T5776] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   80.346644][ T5776] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   80.357579][ T5776] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   80.458351][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   80.471668][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   80.483741][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   80.498568][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   80.606228][ T5764] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   80.626666][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.635836][ T5764] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   80.646787][ T5764] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   80.663094][ T5764] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   80.753329][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   80.767310][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   80.779369][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   80.789189][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   80.813994][ T5776] 8021q: adding VLAN 0 to HW filter on device team0
[   80.848311][ T2922] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.855694][ T2922] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.906152][ T2958] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.913355][ T2958] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.956575][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.006854][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   81.048121][ T2922] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.055441][ T2922] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.101224][ T2922] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.108559][ T2922] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.173212][ T5764] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.286156][ T5764] 8021q: adding VLAN 0 to HW filter on device team0
[   81.307383][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.335961][  T138] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.343412][  T138] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.359319][  T138] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.366767][  T138] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.458250][ T5768] 8021q: adding VLAN 0 to HW filter on device team0
[   81.521210][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.528785][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.553157][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.560455][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.580549][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.678328][ T5768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   81.723106][ T5772] Bluetooth: hci0: command tx timeout
[   81.723706][   T51] Bluetooth: hci1: command tx timeout
[   81.728774][ T5772] Bluetooth: hci2: command tx timeout
[   81.794883][ T5776] veth0_vlan: entered promiscuous mode
[   81.805724][ T5772] Bluetooth: hci3: command tx timeout
[   81.851193][ T5776] veth1_vlan: entered promiscuous mode
[   81.934956][ T5776] veth0_macvtap: entered promiscuous mode
[   81.951944][ T5776] veth1_macvtap: entered promiscuous mode
[   82.017629][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.050184][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.108718][ T5776] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.124754][ T5776] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.134323][ T5776] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.144602][ T5776] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.188451][ T5764] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.224802][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.268672][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.483454][ T2905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.499125][ T2905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.521867][ T5764] veth0_vlan: entered promiscuous mode
[   82.593506][ T5769] veth0_vlan: entered promiscuous mode
[   82.618828][ T5764] veth1_vlan: entered promiscuous mode
[   82.636713][ T2905] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.662662][ T2905] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.683971][ T5769] veth1_vlan: entered promiscuous mode
[   82.715416][ T5768] veth0_vlan: entered promiscuous mode
[   82.774468][ T5768] veth1_vlan: entered promiscuous mode
[   82.874683][ T5769] veth0_macvtap: entered promiscuous mode
[   82.935722][ T5764] veth0_macvtap: entered promiscuous mode
[   82.972192][ T5764] veth1_macvtap: entered promiscuous mode
[   83.000201][ T5768] veth0_macvtap: entered promiscuous mode
[   83.022939][ T5769] veth1_macvtap: entered promiscuous mode
[   83.060779][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.103105][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.120204][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.135173][ T5768] veth1_macvtap: entered promiscuous mode
[   83.184873][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.197830][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.209335][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.223133][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.245516][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.259791][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.291495][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.318591][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.340754][ T5860] Zero length message leads to an empty skb
[   83.382789][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.395831][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.409303][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.425855][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.437282][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.450848][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.464429][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.473376][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.486630][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.497322][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.507322][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.536942][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.547895][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.562214][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.592627][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.607204][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.646715][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.662868][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.678139][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.702678][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.713311][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.733677][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.760755][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.797819][ T5764] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.802670][ T5772] Bluetooth: hci2: command tx timeout
[   83.809105][   T51] Bluetooth: hci1: command tx timeout
[   83.812109][ T5772] Bluetooth: hci0: command tx timeout
[   83.825440][ T5764] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.838669][ T5764] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.850196][ T5764] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.882917][ T5772] Bluetooth: hci3: command tx timeout
[   83.892942][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.902878][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.912907][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.922234][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.121133][ T2922] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.152578][ T2922] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.268284][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.297703][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.435089][ T2958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.456546][ T2958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.526754][ T2958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.574499][ T2958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.656183][ T2958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.702073][ T2958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.770806][ T2958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.794398][ T2958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.033767][ T5853] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   85.125426][ T5873] capability: warning: `syz.1.2' uses deprecated v2 capabilities in a way that may be insecure
[   85.264266][ T5853] usb 4-1: too many configurations: 9, using maximum allowed: 8
[   85.277993][ T5868] 
: renamed from bridge_slave_0 (while UP)
[   85.291827][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.315284][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.336128][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.347556][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.358200][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.392442][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.410837][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.435978][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.476307][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.506636][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.536004][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.557716][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.584733][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.598726][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.622794][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.637367][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.661500][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.681286][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.698130][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.708352][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.740774][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.755657][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[   85.768405][ T5853] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   85.784415][ T5853] usb 4-1: config 0 interface 0 has no altsetting 0
[   85.797810][ T5853] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   85.811072][ T5853] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   85.826610][ T5853] usb 4-1: Product: syz
[   85.841504][ T5853] usb 4-1: Manufacturer: syz
[   85.882653][ T5772] Bluetooth: hci1: command tx timeout
[   85.884313][   T51] Bluetooth: hci2: command tx timeout
[   85.894454][ T5772] Bluetooth: hci0: command tx timeout
[   85.906718][ T5853] usb 4-1: SerialNumber: syz
[   85.924769][ T5853] usb 4-1: config 0 descriptor??
[   85.963858][   T51] Bluetooth: hci3: command tx timeout
[   85.995061][ T5853] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[   86.534784][    C0] usb 4-1: yurex_control_callback - control failed: -71
[   86.536787][   T23] usb 4-1: USB disconnect, device number 2
[   86.599082][   T23] yurex 4-1:0.0: USB YUREX #0 now disconnected
[   87.192149][ T5887] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8'.
[   88.127976][ T5894] hub 6-0:1.0: USB hub found
[   88.152719][ T5894] hub 6-0:1.0: 1 port detected
[   88.752513][  T969] cfg80211: failed to load regulatory.db
[   88.845424][ T5898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9'.
[   89.142340][    C0] sched: RT throttling activated
[   91.372459][ T5907] syz.1.13 (5907) used greatest stack depth: 16336 bytes left
[   93.155137][ T5916] syz.2.14[5916]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   93.181848][ T5916] loop2: detected capacity change from 0 to 512
[   93.831854][ T5918] loop0: detected capacity change from 0 to 256
[   94.362528][ T5916] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.380262][ T5916] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.494051][ T5918] FAT-fs (loop0): Directory bread(block 64) failed
[   95.502635][ T5918] FAT-fs (loop0): Directory bread(block 65) failed
[   95.510256][ T5918] FAT-fs (loop0): Directory bread(block 66) failed
[   95.519283][ T5918] FAT-fs (loop0): Directory bread(block 67) failed
[   95.527531][ T5918] FAT-fs (loop0): Directory bread(block 68) failed
[   95.535019][ T5918] FAT-fs (loop0): Directory bread(block 69) failed
[   95.542486][ T5918] FAT-fs (loop0): Directory bread(block 70) failed
[   95.549477][ T5918] FAT-fs (loop0): Directory bread(block 71) failed
[   95.556447][ T5918] FAT-fs (loop0): Directory bread(block 72) failed
[   95.563283][ T5918] FAT-fs (loop0): Directory bread(block 73) failed
[   95.635246][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.600610][ T5928] loop1: detected capacity change from 0 to 1024
[   96.609363][ T5928] EXT4-fs: Ignoring removed orlov option
[   96.763140][ T5928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.890917][   T27] audit: type=1804 audit(1766718396.647:2): pid=5928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.25" name="/newroot/3/bus/bus" dev="loop1" ino=18 res=1 errno=0
[   97.409890][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.733930][ T5942] loop0: detected capacity change from 0 to 256
[   97.784180][ T5942] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d)
[   98.142426][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   98.353646][ T5953] loop0: detected capacity change from 0 to 512
[   98.361173][ T5953] EXT4-fs: Ignoring removed i_version option
[   98.369893][ T5953] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.572687][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   98.582747][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.982613][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[   99.392397][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  100.222577][    T8] usb 2-1: Using ep0 maxpacket: 32
[  101.135575][ T5953] fscrypt: Error allocating hmac(sha512): -2
[  102.152630][    T8] usb 2-1: device descriptor read/all, error -71
[  102.632104][ T5962] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.717436][ T5967] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  102.736176][ T5967] loop1: detected capacity change from 0 to 512
[  102.745318][ T5967] =======================================================
[  102.745318][ T5967] WARNING: The mand mount option has been deprecated and
[  102.745318][ T5967]          and is ignored by this kernel. Remove the mand
[  102.745318][ T5967]          option from the mount to silence this warning.
[  102.745318][ T5967] =======================================================
[  104.102552][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  104.782764][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.792719][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  105.799623][ T5987] loop2: detected capacity change from 0 to 512
[  105.816505][ T5987] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  105.896852][ T5987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.953847][ T5987] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  106.036900][ T5987] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #2: comm syz.2.32: corrupted inode contents
[  106.118592][ T5987] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #2: comm syz.2.32: mark_inode_dirty error
[  106.162226][ T5988] block device autoloading is deprecated and will be removed.
[  106.195015][ T5987] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #2: comm syz.2.32: corrupted inode contents
[  106.216716][ T5987] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.32: mark_inode_dirty error
[  106.261218][ T5995] EXT4-fs error (device loop2): ext4_get_first_dir_block:3595: inode #18: comm syz.2.32: directory missing '.'
[  106.455591][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.911881][ T6004] loop3: detected capacity change from 0 to 1024
[  107.032917][ T6004] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.104983][ T6004] overlayfs: missing 'lowerdir'
[  107.293564][ T6008] hub 6-0:1.0: USB hub found
[  107.305736][ T6008] hub 6-0:1.0: 1 port detected
[  109.018821][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  109.028861][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  109.289189][ T6030] loop2: detected capacity change from 0 to 1024
[  109.319867][ T6030] EXT4-fs: Ignoring removed nobh option
[  109.359626][ T6030] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  109.414379][ T6030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.559320][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.963004][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  111.144905][ T6045] loop1: detected capacity change from 0 to 1024
[  111.157627][ T6045] EXT4-fs: Ignoring removed orlov option
[  112.028033][ T6045] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.075726][   T27] audit: type=1804 audit(1766718411.847:3): pid=6042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.45" name="/newroot/10/bus/bus" dev="loop1" ino=18 res=1 errno=0
[  112.357259][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.570112][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.637221][ T6056] loop1: detected capacity change from 0 to 512
[  112.713577][ T6056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.778125][ T6056] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  112.889901][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.166001][ T5852] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  113.553340][ T5852] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  113.575224][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  113.586316][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  113.599700][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  113.609160][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  113.625416][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  113.667871][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  113.817400][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.075780][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.333274][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  114.402967][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.493947][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.531286][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  114.544935][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.562211][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.581231][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  114.608141][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.627915][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.875160][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  114.885780][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.902763][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.932388][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  114.945460][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  116.598137][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  116.678479][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  116.730485][ T6096] process 'syz.3.55' launched './file1' with NULL argv: empty string added
[  117.015292][ T5852] usb 3-1: string descriptor 0 read error: -71
[  117.059854][ T5852] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  117.124247][ T5852] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  117.181857][ T5852] usb 3-1: config 0 descriptor??
[  117.230814][ T5852] usb 3-1: can't set config #0, error -71
[  117.310408][ T5852] usb 3-1: USB disconnect, device number 2
[  118.760853][ T6113] loop1: detected capacity change from 0 to 1024
[  118.783536][ T6113] EXT4-fs: Ignoring removed nobh option
[  118.794309][ T6113] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  118.856696][ T6113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.172839][ T6122] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.60: Allocating blocks 497-513 which overlap fs metadata
[  121.518180][ T6122] EXT4-fs (loop1): pa ffff8880788d7000: logic 256, phys. 385, len 8
[  121.529865][ T6122] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1
[  122.052698][   T23] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  122.266816][   T23] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  122.304568][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  122.328148][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  122.369250][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  122.384063][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  122.428580][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  122.479172][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  122.510929][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  122.551037][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  122.893989][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  122.936414][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  122.997990][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  123.058901][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  123.091426][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  123.130923][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  123.162902][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  123.173372][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  123.192426][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  123.212525][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  123.225296][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  123.288887][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  123.293861][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.314632][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  123.349995][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  123.377539][   T23] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  123.404079][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  123.436193][   T23] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  123.460876][   T23] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  123.496014][   T23] usb 3-1: Product: syz
[  123.501471][   T23] usb 3-1: Manufacturer: syz
[  123.522372][   T23] usb 3-1: SerialNumber: syz
[  123.550325][   T23] usb 3-1: config 0 descriptor??
[  123.596589][   T23] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  124.058413][ T6140] binder: 6137:6140 ioctl c0306201 200000000140 returned -11
[  124.830661][    C1] usb 3-1: yurex_control_callback - control failed: -2
[  124.940158][ T5853] usb 3-1: USB disconnect, device number 3
[  124.961815][ T5853] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  126.706013][ T6163] netlink: 24 bytes leftover after parsing attributes in process `syz.0.73'.
[  127.881732][ T6169] loop1: detected capacity change from 0 to 1024
[  127.908618][ T6169] EXT4-fs: inline encryption not supported
[  127.969988][ T6169] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  128.044335][ T6169] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.471277][ T6165] loop2: detected capacity change from 0 to 40427
[  130.523313][ T6165] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  130.536338][ T6165] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  130.555763][ T6165] F2FS-fs (loop2): invalid crc value
[  130.583060][ T6165] F2FS-fs (loop2): Found nat_bits in checkpoint
[  130.592670][  T969] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  130.704156][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.794135][ T6165] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  130.813207][ T6165] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  130.818104][  T969] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  130.863952][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  130.895709][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  130.922481][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  130.942952][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  130.962490][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  130.987403][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.004153][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.014798][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.042381][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.053290][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.072454][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.093545][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.112910][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.122244][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.162399][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.170727][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.192402][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.212401][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.221267][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.242406][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.262684][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.271040][  T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  131.292424][  T969] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  131.312641][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.326114][  T969] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  131.342377][  T969] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  131.355343][  T969] usb 1-1: Product: syz
[  131.360014][  T969] usb 1-1: Manufacturer: syz
[  131.384462][  T969] usb 1-1: SerialNumber: syz
[  131.397537][  T969] usb 1-1: config 0 descriptor??
[  131.423588][  T969] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  132.192521][  T969] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  132.385683][  T969] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  132.420583][  T969] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  132.433975][  T969] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  132.445776][  T969] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  132.459661][  T969] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.472957][  T969] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.489047][  T969] usb 3-1: config 0 descriptor??
[  132.505313][ T6195] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  132.667195][ T6211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.84'.
[  133.313021][    C1] usb 1-1: yurex_control_callback - control failed: -2
[  133.462140][ T5818] usb 1-1: USB disconnect, device number 2
[  133.487657][  T969] plantronics 0003:047F:FFFF.0001: unknown main item tag 0xd
[  133.503197][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  133.510300][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  133.516235][  T969] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  133.538964][ T5818] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  133.552096][  T969] plantronics 0003:047F:FFFF.0001: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  133.668173][ T6218] loop1: detected capacity change from 0 to 16
[  133.747101][ T6218] erofs: (device loop1): mounted with root inode @ nid 36.
[  133.801230][  T969] usb 3-1: USB disconnect, device number 4
[  133.835318][ T6218] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  133.872881][ T6218] erofs: (device loop1): z_erofs_readahead: readahead error at folio 2 @ nid 89
[  134.192627][ T6222] input: syz1 as /devices/virtual/input/input6
[  134.595605][ T6218] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  134.693672][ T6218] erofs: (device loop1): z_erofs_readahead: readahead error at folio 1 @ nid 89
[  134.712629][ T6218] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  134.822582][ T6218] erofs: (device loop1): z_erofs_readahead: readahead error at folio 0 @ nid 89
[  134.885223][ T6218] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  134.960310][ T6218] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  135.016973][ T6218] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 89
[  135.040151][ T6224] fido_id[6224]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  135.056771][   T27] audit: type=1326 audit(1766718434.817:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.109311][   T27] audit: type=1326 audit(1766718434.817:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.171168][   T27] audit: type=1800 audit(1766718434.817:6): pid=6218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.87" name="file2" dev="loop1" ino=89 res=0 errno=0
[  135.249064][   T27] audit: type=1326 audit(1766718434.817:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.318240][   T27] audit: type=1326 audit(1766718434.817:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.418691][   T27] audit: type=1326 audit(1766718434.817:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.515931][   T27] audit: type=1326 audit(1766718434.817:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.551002][   T27] audit: type=1326 audit(1766718434.817:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.601203][   T27] audit: type=1326 audit(1766718434.817:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  135.655948][   T27] audit: type=1326 audit(1766718434.837:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6234 comm="syz.2.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c0238f749 code=0x7ffc0000
[  136.023638][   T23] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  136.218088][   T23] usb 3-1: unable to get BOS descriptor or descriptor too short
[  136.229388][   T23] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  136.240223][   T23] usb 3-1: config 1 has no interface number 1
[  136.246996][   T23] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  136.267090][   T23] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  136.276922][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.285794][   T23] usb 3-1: Product: syz
[  136.291317][   T23] usb 3-1: Manufacturer: syz
[  136.292517][ T5818] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  136.297608][   T23] usb 3-1: SerialNumber: syz
[  136.504307][ T5818] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  136.524302][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.547254][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.590176][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.610807][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.625914][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.641777][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.651419][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.669067][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.693912][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.702610][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.722610][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.734525][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.744734][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.772553][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.791440][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.804355][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.814581][ T6258] syz.1.98[6258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.814727][ T6258] syz.1.98[6258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.827845][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.854451][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.861485][ T6259] syz.1.98[6259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.861656][ T6259] syz.1.98[6259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.862672][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.896626][    T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  136.913134][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.931503][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.940674][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  136.950727][ T5818] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  136.982391][ T5818] usb 4-1: config 0 interface 0 has no altsetting 0
[  136.992068][ T5818] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  137.002083][ T5818] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  137.022442][ T5818] usb 4-1: Product: syz
[  137.026990][ T5818] usb 4-1: Manufacturer: syz
[  137.031897][ T5818] usb 4-1: SerialNumber: syz
[  137.056548][ T5818] usb 4-1: config 0 descriptor??
[  137.082986][ T5818] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  137.108225][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.137815][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.168549][    T8] usb 1-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00
[  137.187265][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.246329][    T8] usb 1-1: config 0 descriptor??
[  137.368195][ T5818] usb 4-1: USB disconnect, device number 3
[  137.379463][ T5818] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  138.310813][    T8] wacom 0003:056A:0016.0002: unknown main item tag 0x5
[  138.320706][    T8] wacom 0003:056A:0016.0002: unknown main item tag 0x1
[  138.329857][    T8] wacom 0003:056A:0016.0002: collection stack underflow
[  138.338687][    T8] wacom 0003:056A:0016.0002: item 0 2 0 12 parsing failed
[  138.349872][    T8] wacom 0003:056A:0016.0002: parse failed
[  138.356993][    T8] wacom: probe of 0003:056A:0016.0002 failed with error -22
[  138.372216][    T8] usb 1-1: USB disconnect, device number 3
[  138.685812][   T23] usb 3-1: 2:1 : invalid UAC_AS_GENERAL desc
[  138.759320][   T23] usb 3-1: USB disconnect, device number 5
[  138.866135][ T5774] udevd[5774]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  138.886021][ T6270] overlayfs: failed to resolve './file1': -2
[  140.722513][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  140.792428][  T969] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  140.916068][    T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  140.931452][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  140.945826][ T6274] loop0: detected capacity change from 0 to 32768
[  140.946068][    T8] usb 4-1: config 1 has no interface number 0
[  140.958845][    T8] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.973321][    T8] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  140.989029][    T8] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  141.001042][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.014716][  T969] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  141.017688][    T8] usb 4-1: Product: syz
[  141.028174][    T8] usb 4-1: Manufacturer: syz
[  141.034163][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.047119][    T8] usb 4-1: SerialNumber: syz
[  141.063702][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.096242][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.117350][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.142563][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.164738][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.186678][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.206894][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.232518][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.251685][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.273214][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.291876][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.313922][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.334171][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.375768][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.393653][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.418865][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.431088][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.440091][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.451002][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.463475][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.478884][  T969] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  141.489843][  T969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  141.502053][  T969] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.513214][  T969] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  141.532361][  T969] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  141.541132][  T969] usb 3-1: Product: syz
[  141.561423][  T969] usb 3-1: Manufacturer: syz
[  141.592666][  T969] usb 3-1: SerialNumber: syz
[  141.610898][  T969] usb 3-1: config 0 descriptor??
[  141.642987][  T969] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  141.678373][ T6297] loop0: detected capacity change from 0 to 1024
[  141.699055][ T6297] EXT4-fs: inline encryption not supported
[  141.710201][    T8] cdc_ncm 4-1:1.1: failed GET_NTB_PARAMETERS
[  141.711740][ T6297] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  141.722273][    T8] cdc_ncm 4-1:1.1: bind() failure
[  141.771648][    T8] usb 4-1: USB disconnect, device number 4
[  141.857695][  T969] usb 3-1: USB disconnect, device number 6
[  141.875007][  T969] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  141.906943][ T6297] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.309966][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.394547][ T6312] loop2: detected capacity change from 0 to 512
[  143.430923][ T6312] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 2: comm syz.2.115: invalid block
[  143.453632][ T6312] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.115: invalid indirect mapped block 10 (level 1)
[  143.479708][ T6312] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.115: invalid indirect mapped block 8 (level 1)
[  143.519823][ T6312] EXT4-fs (loop2): 1 truncate cleaned up
[  143.537273][ T6312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.107092][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.238679][    T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  146.507145][ T6335] fuse: Unknown parameter 'grou00000000000000000000'
[  146.545006][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.562525][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.587601][    T8] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  146.604563][    T8] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  146.617386][    T8] usb 1-1: Manufacturer: syz
[  146.634485][    T8] usb 1-1: config 0 descriptor??
[  148.024358][ T6344] syz.1.121[6344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.024548][ T6344] syz.1.121[6344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.544226][    T8] usbhid 1-1:0.0: can't add hid device: -71
[  150.630296][    T8] usbhid: probe of 1-1:0.0 failed with error -71
[  150.682070][    T8] usb 1-1: USB disconnect, device number 4
[  151.072538][   T23] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  151.274081][   T23] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  151.306386][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.341018][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.409209][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.448461][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.502012][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.548324][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.572645][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.582210][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.613084][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.634438][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.646359][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.674198][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.692552][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.725187][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.767544][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.796480][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.806692][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.852776][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.861438][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.871014][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.893665][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.902577][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  151.911807][   T23] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  151.959811][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.990320][   T23] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  152.000515][   T23] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  152.018943][   T23] usb 4-1: Product: syz
[  152.023655][   T23] usb 4-1: Manufacturer: syz
[  152.030300][   T23] usb 4-1: SerialNumber: syz
[  152.045885][   T23] usb 4-1: config 0 descriptor??
[  152.076750][   T23] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  152.200919][ T6374] loop0: detected capacity change from 0 to 1024
[  152.224525][ T6374] EXT4-fs: inline encryption not supported
[  152.280985][ T6374] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  152.321032][    T9] usb 4-1: USB disconnect, device number 5
[  152.326143][ T6374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.344823][    T9] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  152.705469][ T6382] loop2: detected capacity change from 0 to 4096
[  152.974411][ T6382] EXT4-fs (loop2): Test dummy encryption mode enabled
[  153.023018][ T6382] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  153.031423][ T6382] System zones: 0-5
[  153.061475][ T6382] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.099115][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.150638][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.271672][ T6401] syz.0.136[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  154.271820][ T6401] syz.0.136[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.417454][ T6420] xt_CT: No such helper "snmp_trap"
[  155.817673][ T6424] loop2: detected capacity change from 0 to 1024
[  155.831049][ T6424] EXT4-fs: inline encryption not supported
[  155.862818][ T6424] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  155.919981][ T6424] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.063901][ T6435] netlink: 8 bytes leftover after parsing attributes in process `syz.1.148'.
[  157.515823][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.311634][ T6460] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  158.369821][ T6460] loop3: detected capacity change from 0 to 512
[  159.620565][ T6467] hub 6-0:1.0: USB hub found
[  159.632759][ T6467] hub 6-0:1.0: 1 port detected
[  160.819633][ T6472] xt_hashlimit: max too large, truncated to 1048576
[  162.478672][ T6476] loop2: detected capacity change from 0 to 512
[  162.534636][ T6476] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.161: inode has both inline data and extents flags
[  162.590847][ T6476] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.161: couldn't read orphan inode 15 (err -117)
[  162.635552][ T6476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.700080][ T6485] syz.1.163 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  163.876350][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.936337][ T6505] loop3: detected capacity change from 0 to 128
[  166.881546][ T6509] Driver unsupported XDP return value 0 on prog  (id 81) dev N/A, expect packet loss!
[  167.949587][ T6518] xt_hashlimit: max too large, truncated to 1048576
[  168.092743][ T5852] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  168.407119][ T5852] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  168.477147][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  168.599590][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  168.891173][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  168.925280][ T6520] loop3: detected capacity change from 0 to 1024
[  168.949976][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  168.970365][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  168.982082][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  168.994293][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.012968][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.027379][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  169.036044][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.038716][ T6520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.049994][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.069503][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  169.078759][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.088369][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.099553][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  169.108094][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.118194][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  170.101587][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  170.115328][ T5852] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  170.405339][ T6530] netlink: 144 bytes leftover after parsing attributes in process `syz.1.173'.
[  170.416969][ T6530] netlink: 942 bytes leftover after parsing attributes in process `syz.1.173'.
[  171.172868][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.426364][ T5852] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.438862][ T5852] usb 3-1: config 0 interface 0 has no altsetting 0
[  171.592768][ T5852] usb 3-1: unable to read config index 7 descriptor/start: -71
[  171.600491][ T5852] usb 3-1: can't read configurations, error -71
[  172.475167][ T6547] xt_TCPMSS: Only works on TCP SYN packets
[  176.499040][ T6603] loop2: detected capacity change from 0 to 16
[  176.651663][ T6603] erofs: (device loop2): mounted with root inode @ nid 36.
[  177.761166][ T6610] loop0: detected capacity change from 0 to 1024
[  177.818940][ T6610] EXT4-fs: inline encryption not supported
[  177.910339][ T6610] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  178.074186][ T6610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.451323][ T6629] loop2: detected capacity change from 0 to 512
[  181.512531][ T6629] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.206: inode has both inline data and extents flags
[  181.574066][ T6629] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.206: couldn't read orphan inode 15 (err -117)
[  181.614787][ T6629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.750323][ T6629] EXT4-fs error (device loop2): ext4_add_entry:2486: inode #2: comm syz.2.206: Directory hole found for htree leaf block 0
[  182.550992][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.569918][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.130039][ T6656] loop3: detected capacity change from 0 to 1024
[  184.221288][ T6656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  184.242090][ T6656] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.262677][ T6656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  184.342545][ T5852] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  184.565463][ T5852] usb 3-1: New USB device found, idVendor=07c4, idProduct=a10b, bcdDevice=8e.07
[  184.606889][ T5852] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.639385][ T5852] usb 3-1: config 0 descriptor??
[  184.662207][ T5852] ums-datafab 3-1:0.0: USB Mass Storage device detected
[  185.335355][ T6672] loop2: detected capacity change from 0 to 512
[  185.638972][ T6672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.653667][ T6672] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.402648][ T5852] usb 3-1: USB disconnect, device number 9
[  188.434792][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.652724][ T6681] loop2: detected capacity change from 0 to 512
[  188.755001][ T6681] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  189.074620][ T6686] input: syz1 as /devices/virtual/input/input7
[  189.499002][ T6681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.687404][ T6681] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.730414][ T6681] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #2: comm syz.2.218: corrupted inode contents
[  189.897419][ T6681] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #2: comm syz.2.218: mark_inode_dirty error
[  190.395842][ T6681] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #2: comm syz.2.218: corrupted inode contents
[  190.458566][ T6681] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.218: mark_inode_dirty error
[  190.738437][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.327022][ T6718] input: syz1 as /devices/virtual/input/input8
[  191.556782][ T6719] loop0: detected capacity change from 0 to 1024
[  191.573786][ T6719] EXT4-fs: Ignoring removed nobh option
[  191.579812][ T6719] ext4: Unknown parameter 'smackfsdef'
[  193.491925][ T6732] loop2: detected capacity change from 0 to 4096
[  193.500334][ T6732] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.628172][ T6732] EXT4-fs (loop2): Test dummy encryption mode enabled
[  193.664930][ T6732] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.729511][ T6732] 9pnet_fd: Insufficient options for proto=fd
[  193.794962][ T6725] loop0: detected capacity change from 0 to 4096
[  194.025222][ T6725] EXT4-fs (loop0): Test dummy encryption mode enabled
[  194.158973][ T6725] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  194.260458][ T6725] System zones: 0-5
[  194.470049][ T6725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.947887][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  194.959266][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  196.080590][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.575519][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.668663][ T6767] netlink: 20 bytes leftover after parsing attributes in process `syz.1.244'.
[  200.373206][ T6773] syz.3.242[6773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  200.373445][ T6773] syz.3.242[6773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  200.809632][ T6773] loop3: detected capacity change from 0 to 512
[  201.591850][ T6773] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.242: corrupted in-inode xattr: invalid ea_ino
[  201.656371][ T6773] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.242: couldn't read orphan inode 15 (err -117)
[  201.691003][ T6773] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.007235][ T6780] loop2: detected capacity change from 0 to 256
[  203.427112][ T5779] Bluetooth: hci3: command 0x0406 tx timeout
[  203.435462][ T5779] Bluetooth: hci2: command 0x0406 tx timeout
[  203.441604][ T5779] Bluetooth: hci1: command 0x0406 tx timeout
[  203.449239][ T5779] Bluetooth: hci0: command 0x0406 tx timeout
[  204.481235][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.974446][ T6795] loop3: detected capacity change from 0 to 512
[  206.217334][ T6795] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.248: inode has both inline data and extents flags
[  206.226054][ T6783] loop0: detected capacity change from 0 to 40427
[  206.304991][ T6783] F2FS-fs (loop0): invalid crc value
[  206.386433][ T6783] F2FS-fs (loop0): Found nat_bits in checkpoint
[  206.404969][ T6795] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.248: couldn't read orphan inode 15 (err -117)
[  206.453154][ T6802] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  206.487768][ T6795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.604383][ T6783] F2FS-fs (loop0): Start checkpoint disabled!
[  206.640230][ T6783] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  207.089798][ T2944] kworker/u4:8: attempt to access beyond end of device
[  207.089798][ T2944] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  207.143997][ T2944] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  207.182491][ T2944] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  208.836922][ T6821] loop2: detected capacity change from 0 to 1024
[  208.901506][ T6821] EXT4-fs: Ignoring removed orlov option
[  208.950178][ T6821] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #4: comm syz.2.258: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  208.972731][ T6821] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.258: Bad quota inode: 4, type: 1
[  209.026134][ T6821] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  209.093284][ T6821] EXT4-fs (loop2): mount failed
[  209.411030][ T6826] fuse: Bad value for 'fd'
[  209.428134][ T6828] loop0: detected capacity change from 0 to 1024
[  209.474681][ T6828] EXT4-fs: inline encryption not supported
[  209.504742][ T6828] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  209.575880][ T6828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.788530][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.162729][ T6846] loop2: detected capacity change from 0 to 256
[  211.206050][ T6846] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  211.352657][ T6846] exFAT-fs (loop2): IO charset ÿÿÿÿi not found
[  212.112630][ T6856] loop0: detected capacity change from 0 to 1024
[  212.147247][ T6856] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.288439][ T6856] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.633077][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.629957][ T6864] xt_hashlimit: Unknown mode mask 2000, kernel too old?
[  214.300997][ T6875] loop3: detected capacity change from 0 to 512
[  214.426128][ T6875] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.612477][ T6875] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  214.748908][ T6875] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.272: bg 0: block 145: padding at end of block bitmap is not set
[  214.892725][ T6880] loop2: detected capacity change from 0 to 40427
[  214.910626][ T6880] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  214.919016][ T6880] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  214.943551][ T6880] F2FS-fs (loop2): invalid crc value
[  214.963305][ T6880] F2FS-fs (loop2): Found nat_bits in checkpoint
[  215.025368][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.052382][ T6880] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  215.060050][ T6880] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  220.934501][ T6923] loop2: detected capacity change from 0 to 512
[  221.015063][ T6923] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  221.720084][ T6923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.787055][ T6923] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  221.887323][ T6923] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #2: comm syz.2.284: corrupted inode contents
[  221.950158][ T6923] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #2: comm syz.2.284: mark_inode_dirty error
[  221.989677][ T6923] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #2: comm syz.2.284: corrupted inode contents
[  222.017954][ T6923] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.284: mark_inode_dirty error
[  222.190570][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.976984][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.127643][ T6966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.294'.
[  228.681144][ T6980] loop3: detected capacity change from 0 to 256
[  228.883620][ T6980] FAT-fs (loop3): Directory bread(block 64) failed
[  228.933369][ T6980] FAT-fs (loop3): Directory bread(block 65) failed
[  228.940729][ T6980] FAT-fs (loop3): Directory bread(block 66) failed
[  228.974059][ T6983] loop0: detected capacity change from 0 to 256
[  228.975025][ T6980] FAT-fs (loop3): Directory bread(block 67) failed
[  228.988638][ T6980] FAT-fs (loop3): Directory bread(block 68) failed
[  228.996462][ T6980] FAT-fs (loop3): Directory bread(block 69) failed
[  229.003513][ T6980] FAT-fs (loop3): Directory bread(block 70) failed
[  229.010677][ T6980] FAT-fs (loop3): Directory bread(block 71) failed
[  229.019826][ T6980] FAT-fs (loop3): Directory bread(block 72) failed
[  229.027830][ T6980] FAT-fs (loop3): Directory bread(block 73) failed
[  229.410252][ T6988] loop3: detected capacity change from 0 to 1024
[  229.682690][ T6988] EXT4-fs: Ignoring removed nobh option
[  229.885117][ T6988] EXT4-fs: Ignoring removed bh option
[  230.097046][ T6988] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  230.180940][ T6988] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  230.316663][ T6988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.849525][ T6998] loop2: detected capacity change from 0 to 256
[  232.345406][ T6991] syz.0.302: vmalloc error: size 113704960, failed to allocated page array size 222080, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  232.392128][ T6991] CPU: 0 PID: 6991 Comm: syz.0.302 Not tainted syzkaller #0
[  232.399955][ T6991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  232.410328][ T6991] Call Trace:
[  232.413649][ T6991]  <TASK>
[  232.416625][ T6991]  dump_stack_lvl+0x16c/0x230
[  232.421370][ T6991]  ? show_regs_print_info+0x20/0x20
[  232.426781][ T6991]  ? load_image+0x3b0/0x3b0
[  232.431590][ T6991]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  232.439021][ T6991]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  232.446021][ T6991]  warn_alloc+0x210/0x300
[  232.450965][ T6991]  ? zone_watermark_ok_safe+0x230/0x230
[  232.457493][ T6991]  ? _raw_spin_unlock+0x28/0x40
[  232.463108][ T6991]  __vmalloc_node_range+0x662/0x1320
[  232.468954][ T6991]  ? bpf_trace_run2+0x26f/0x3c0
[  232.473889][ T6991]  ? bpf_trace_run1+0x3b0/0x3b0
[  232.479226][ T6991]  ? translate_table+0x1b38/0x1f70
[  232.485417][ T6991]  ? free_vm_area+0x50/0x50
[  232.490332][ T6991]  ? __do_replace+0xb0/0xa90
[  232.495330][ T6991]  vzalloc+0x79/0x90
[  232.499462][ T6991]  ? __do_replace+0xb0/0xa90
[  232.504262][ T6991]  __do_replace+0xb0/0xa90
[  232.509265][ T6991]  ? arpt_register_table+0x690/0x690
[  232.515477][ T6991]  ? translate_compat_table+0x1740/0x1740
[  232.521852][ T6991]  ? __might_fault+0xaa/0x120
[  232.526981][ T6991]  ? __might_fault+0xc6/0x120
[  232.531873][ T6991]  ? __might_fault+0xaa/0x120
[  232.537677][ T6991]  do_arpt_set_ctl+0xa23/0xef0
[  232.543083][ T6991]  ? do_ip_setsockopt+0x1b86/0x2cf0
[  232.548446][ T6991]  ? arpt_unregister_table+0x50/0x50
[  232.554340][ T6991]  ? nf_setsockopt+0x21c/0x280
[  232.559259][ T6991]  ? __lock_acquire+0x7c80/0x7c80
[  232.564417][ T6991]  ? rcu_is_watching+0x15/0xb0
[  232.569303][ T6991]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  232.575096][ T6991]  ? mutex_unlock+0x10/0x10
[  232.579809][ T6991]  ? aa_sk_perm+0x7fc/0x930
[  232.584464][ T6991]  ? aa_af_perm+0x2b0/0x2b0
[  232.589187][ T6991]  nf_setsockopt+0x263/0x280
[  232.593824][ T6991]  ? sock_common_recvmsg+0x1b0/0x1b0
[  232.599248][ T6991]  do_sock_setsockopt+0x175/0x1a0
[  232.604303][ T6991]  ? __fdget+0x180/0x210
[  232.608742][ T6991]  __x64_sys_setsockopt+0x184/0x200
[  232.614343][ T6991]  do_syscall_64+0x55/0xb0
[  232.618884][ T6991]  ? clear_bhb_loop+0x40/0x90
[  232.623670][ T6991]  ? clear_bhb_loop+0x40/0x90
[  232.628547][ T6991]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  232.635645][ T6991] RIP: 0033:0x7ff05998f749
[  232.640377][ T6991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.660393][ T6991] RSP: 002b:00007ff05a7d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  232.669635][ T6991] RAX: ffffffffffffffda RBX: 00007ff059be5fa0 RCX: 00007ff05998f749
[  232.678096][ T6991] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000005
[  232.686366][ T6991] RBP: 00007ff059a13f91 R08: 0000000000000438 R09: 0000000000000000
[  232.694809][ T6991] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  232.703966][ T6991] R13: 00007ff059be6038 R14: 00007ff059be5fa0 R15: 00007fff9218fd68
[  232.712885][ T6991]  </TASK>
[  232.731531][ T6991] Mem-Info:
[  232.738133][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.755085][ T6991] active_anon:5431 inactive_anon:0 isolated_anon:0
[  232.755085][ T6991]  active_file:4725 inactive_file:39974 isolated_file:0
[  232.755085][ T6991]  unevictable:768 dirty:94 writeback:0
[  232.755085][ T6991]  slab_reclaimable:10351 slab_unreclaimable:90959
[  232.755085][ T6991]  mapped:24239 shmem:1490 pagetables:526
[  232.755085][ T6991]  sec_pagetables:0 bounce:0
[  232.755085][ T6991]  kernel_misc_reclaimable:0
[  232.755085][ T6991]  free:1354885 free_pcp:13347 free_cma:0
[  232.821691][ T6991] Node 0 active_anon:21624kB inactive_anon:0kB active_file:18900kB inactive_file:159696kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96956kB dirty:376kB writeback:0kB shmem:4424kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11192kB pagetables:2004kB sec_pagetables:0kB all_unreclaimable? no
[  232.862594][ T6991] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  232.922716][ T6991] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  232.951730][ T6991] lowmem_reserve[]: 0 2525 2526 2526 2526
[  232.970604][ T6991] Node 0 DMA32 free:1530196kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:21280kB inactive_anon:0kB active_file:18900kB inactive_file:158372kB unevictable:1536kB writepending:376kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:14596kB local_pcp:14176kB free_cma:0kB
[  233.002138][ T6991] lowmem_reserve[]: 0 0 1 1 1
[  233.007457][ T6991] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  233.038291][ T6991] lowmem_reserve[]: 0 0 0 0 0
[  233.044178][ T6991] Node 1 Normal free:3892252kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18592kB local_pcp:10368kB free_cma:0kB
[  233.075867][ T6991] lowmem_reserve[]: 0 0 0 0 0
[  233.081047][ T6991] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  233.108038][ T6991] Node 0 DMA32: 3*4kB (UME) 96*8kB (UME) 387*16kB (UM) 333*32kB (UME) 235*64kB (UME) 98*128kB (UME) 45*256kB (UME) 7*512kB (M) 5*1024kB (M) 3*2048kB (UME) 355*4096kB (M) = 1525660kB
[  233.135152][ T6991] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  233.150929][ T6991] Node 1 Normal: 247*4kB (UE) 44*8kB (UE) 32*16kB (UE) 111*32kB (UE) 18*64kB (UME) 9*128kB (UME) 0*256kB 3*512kB (UME) 2*1024kB (UE) 1*2048kB (E) 947*4096kB (M) = 3892252kB
[  233.175866][ T6991] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  233.188262][ T6991] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  233.200034][ T6991] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  233.218857][ T6991] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  233.233266][ T6991] 48912 total pagecache pages
[  233.238511][ T6991] 0 pages in swap cache
[  233.244512][ T6991] Free swap  = 124472kB
[  233.250236][ T6991] Total swap = 124996kB
[  233.255409][ T6991] 2097051 pages RAM
[  233.259280][ T6991] 0 pages HighMem/MovableOnly
[  233.264136][ T6991] 416127 pages reserved
[  233.268784][ T6991] 0 pages cma reserved
[  233.343419][ T7011] syz.3.306[7011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  233.344659][ T7011] syz.3.306[7011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  233.416862][ T7011] loop3: detected capacity change from 0 to 512
[  233.626872][ T7011] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.306: corrupted in-inode xattr: invalid ea_ino
[  233.656564][ T7011] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.306: couldn't read orphan inode 15 (err -117)
[  233.684822][ T7011] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.316573][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.822094][ T7040] loop2: detected capacity change from 0 to 1024
[  236.837524][ T7040] EXT4-fs: Ignoring removed orlov option
[  237.670282][ T7056] loop0: detected capacity change from 0 to 256
[  237.887797][ T7056] FAT-fs (loop0): Directory bread(block 64) failed
[  237.896268][ T7056] FAT-fs (loop0): Directory bread(block 65) failed
[  237.904439][ T7056] FAT-fs (loop0): Directory bread(block 66) failed
[  237.911718][ T7056] FAT-fs (loop0): Directory bread(block 67) failed
[  237.919993][ T7056] FAT-fs (loop0): Directory bread(block 68) failed
[  237.927910][ T7056] FAT-fs (loop0): Directory bread(block 69) failed
[  237.936588][ T7056] FAT-fs (loop0): Directory bread(block 70) failed
[  237.944505][ T7056] FAT-fs (loop0): Directory bread(block 71) failed
[  237.952804][ T7056] FAT-fs (loop0): Directory bread(block 72) failed
[  237.960652][ T7056] FAT-fs (loop0): Directory bread(block 73) failed
[  238.346218][ T7040] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.163761][   T27] kauditd_printk_skb: 374 callbacks suppressed
[  239.163780][   T27] audit: type=1804 audit(1766718538.947:388): pid=7043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.315" name="/newroot/83/bus/bus" dev="loop2" ino=18 res=1 errno=0
[  239.396128][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.587240][ T7092] netlink: 36 bytes leftover after parsing attributes in process `syz.3.329'.
[  242.123081][ T7108] fuse: Bad value for 'fd'
[  242.405589][ T7115] overlayfs: failed to clone upperpath
[  244.152661][    T8] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  244.161713][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.177084][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.189054][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.202878][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x4
[  244.203040][ T7144] loop2: detected capacity change from 0 to 128
[  244.210901][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.227275][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.235269][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.298676][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x2
[  244.315415][ T7145] syz.2.344: attempt to access beyond end of device
[  244.315415][ T7145] loop2: rw=2049, sector=145, nr_sectors = 352 limit=128
[  244.328159][ T5818] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  244.366291][    T8] usb 1-1: config index 0 descriptor too short (expected 324, got 68)
[  244.382997][ T5818] hid-generic 00A0:0006:0003.0003: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  244.405000][    T8] usb 1-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  244.436264][ T7144] syz.2.344: attempt to access beyond end of device
[  244.436264][ T7144] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  244.448663][    T8] usb 1-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  244.490151][    T8] usb 1-1: config 253 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  244.499236][ T7144] syz.2.344: attempt to access beyond end of device
[  244.499236][ T7144] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.553400][ T7145] syz.2.344: attempt to access beyond end of device
[  244.553400][ T7145] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.567085][    T8] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  244.580594][ T7146] fido_id[7146]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  244.597228][ T7144] syz.2.344: attempt to access beyond end of device
[  244.597228][ T7144] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.602521][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  244.644250][    T8] usb 1-1: SerialNumber: syz
[  244.678168][ T7145] syz.2.344: attempt to access beyond end of device
[  244.678168][ T7145] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.694770][ T7148] fuse: Bad value for 'fd'
[  244.738503][ T7144] syz.2.344: attempt to access beyond end of device
[  244.738503][ T7144] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.758986][ T7144] syz.2.344: attempt to access beyond end of device
[  244.758986][ T7144] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.784168][ T7145] syz.2.344: attempt to access beyond end of device
[  244.784168][ T7145] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  244.857216][ T7145] syz.2.344: attempt to access beyond end of device
[  244.857216][ T7145] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  245.567528][    T8] rndis_wlan 1-1:253.0: skipping garbage
[  245.600059][    T8] rndis_wlan: probe of 1-1:253.0 failed with error -22
[  247.352888][    T8] rndis_host 1-1:253.0: skipping garbage
[  247.360659][    T8] rndis_host: probe of 1-1:253.0 failed with error -22
[  247.378691][    T8] usb 1-1: USB disconnect, device number 5
[  247.667286][ T7182] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  247.685211][ T7182] loop0: detected capacity change from 0 to 512
[  249.493340][ T7189] fuse: Bad value for 'fd'
[  249.845652][ T7196] loop3: detected capacity change from 0 to 512
[  249.855184][ T7196] EXT4-fs: Ignoring removed nomblk_io_submit option
[  249.863392][ T7196] EXT4-fs: Ignoring removed bh option
[  250.130447][ T7196] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  250.201971][ T7196] EXT4-fs error (device loop3): mb_free_blocks:1938: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  250.300854][ T7196] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #11: comm syz.3.359: corrupted inode contents
[  250.409902][ T7196] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #11: comm syz.3.359: mark_inode_dirty error
[  250.493057][ T7196] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.359: invalid indirect mapped block 1 (level 1)
[  250.566699][ T7196] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #11: comm syz.3.359: corrupted inode contents
[  250.632437][ T7196] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  250.687594][ T7196] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #11: comm syz.3.359: corrupted inode contents
[  250.742778][ T7196] EXT4-fs error (device loop3): ext4_truncate:4294: inode #11: comm syz.3.359: mark_inode_dirty error
[  250.793832][ T7196] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  250.819085][ T7196] EXT4-fs (loop3): 1 truncate cleaned up
[  250.850573][ T7196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.090115][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.949420][   T27] audit: type=1326 audit(1766718551.727:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7204 comm="syz.0.361" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff05998f749 code=0x0
[  252.980974][ T7213] syz.0.363[7213] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.981126][ T7213] syz.0.363[7213] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.225226][ T7220] syz.2.362[7220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.239192][ T7220] syz.2.362[7220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.311043][ T7220] loop2: detected capacity change from 0 to 512
[  253.373501][ T7221] input: syz1 as /devices/virtual/input/input9
[  253.875179][ T7220] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.362: corrupted in-inode xattr: invalid ea_ino
[  253.900823][ T7220] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.362: couldn't read orphan inode 15 (err -117)
[  253.936148][ T7220] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.683794][ T7232] loop0: detected capacity change from 0 to 256
[  255.877238][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.050513][ T7232] FAT-fs (loop0): Directory bread(block 64) failed
[  256.057683][ T7232] FAT-fs (loop0): Directory bread(block 65) failed
[  256.065488][ T7232] FAT-fs (loop0): Directory bread(block 66) failed
[  256.072504][ T7232] FAT-fs (loop0): Directory bread(block 67) failed
[  256.080025][ T7232] FAT-fs (loop0): Directory bread(block 68) failed
[  256.087515][ T7232] FAT-fs (loop0): Directory bread(block 69) failed
[  256.095164][ T7232] FAT-fs (loop0): Directory bread(block 70) failed
[  256.102171][ T7232] FAT-fs (loop0): Directory bread(block 71) failed
[  256.110046][ T7232] FAT-fs (loop0): Directory bread(block 72) failed
[  256.116895][ T7232] FAT-fs (loop0): Directory bread(block 73) failed
[  256.393584][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  256.417617][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  259.172549][ T7250] loop0: detected capacity change from 0 to 512
[  259.461662][ T7250] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.372: bg 0: block 393: padding at end of block bitmap is not set
[  259.486319][ T7250] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  259.510536][ T7250] EXT4-fs (loop0): 2 truncates cleaned up
[  259.526342][ T7250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.449839][ T2905] Bluetooth: hci4: Frame reassembly failed (-84)
[  262.307508][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.442685][   T51] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  264.420364][ T7275] syz.3.378[7275] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.421429][ T7275] syz.3.378[7275] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.491436][ T7275] loop3: detected capacity change from 0 to 512
[  264.799817][ T7275] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.378: corrupted in-inode xattr: invalid ea_ino
[  264.830359][ T7275] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.378: couldn't read orphan inode 15 (err -117)
[  264.856549][ T7275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.805681][ T7283] netlink: 24 bytes leftover after parsing attributes in process `syz.1.381'.
[  267.334678][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.514750][ T7285] loop2: detected capacity change from 0 to 128
[  267.691519][ T7285] EXT4-fs (loop2): Test dummy encryption mode enabled
[  267.730227][ T7285] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 576460752303423507)!
[  267.772391][ T7285] EXT4-fs (loop2): group descriptors corrupted!
[  268.293468][ T7297] overlayfs: failed to resolve './file0': -2
[  269.318094][ T7307] loop3: detected capacity change from 0 to 256
[  270.409965][ T5756] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  270.973074][ T5756] usb 3-1: device descriptor read/64, error -71
[  271.402407][ T5756] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  271.459945][ T7320] syz.3.392[7320] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  271.461090][ T7320] syz.3.392[7320] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  271.533848][ T7320] loop3: detected capacity change from 0 to 512
[  271.632544][ T5756] usb 3-1: device descriptor read/64, error -71
[  271.777280][ T7320] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.392: corrupted in-inode xattr: invalid ea_ino
[  271.795806][ T7320] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.392: couldn't read orphan inode 15 (err -117)
[  271.824521][ T7320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.930705][ T5756] usb usb3-port1: attempt power cycle
[  274.066564][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.442112][ T7332] loop3: detected capacity change from 0 to 256
[  274.472869][ T5756] usb usb3-port1: Cannot enable. Maybe the USB cable is bad?
[  274.583139][ T7332] FAT-fs (loop3): Directory bread(block 64) failed
[  274.605343][ T7332] FAT-fs (loop3): Directory bread(block 65) failed
[  274.626467][ T7332] FAT-fs (loop3): Directory bread(block 66) failed
[  274.652006][ T5756] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  274.666769][ T7332] FAT-fs (loop3): Directory bread(block 67) failed
[  274.684772][ T7332] FAT-fs (loop3): Directory bread(block 68) failed
[  274.703771][ T7332] FAT-fs (loop3): Directory bread(block 69) failed
[  274.731192][ T7332] FAT-fs (loop3): Directory bread(block 70) failed
[  274.742420][ T5756] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.778717][ T5756] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  274.790138][ T7332] FAT-fs (loop3): Directory bread(block 71) failed
[  274.810404][ T7332] FAT-fs (loop3): Directory bread(block 72) failed
[  274.851877][ T7332] FAT-fs (loop3): Directory bread(block 73) failed
[  274.860579][ T5756] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  274.879895][ T5756] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.915408][ T5756] usb 3-1: Product: syz
[  274.920031][ T5756] usb 3-1: Manufacturer: syz
[  274.950542][ T5756] usb 3-1: SerialNumber: syz
[  275.222151][ T7328] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  275.693813][ T5756] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  275.752887][ T5756] cdc_ncm 3-1:1.0: bind() failure
[  275.790001][ T5756] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  275.810541][ T5756] cdc_ncm 3-1:1.1: bind() failure
[  275.852495][ T5756] usb 3-1: USB disconnect, device number 13
[  277.103299][ T7344] xt_CT: No such helper "snmp_trap"
[  277.457359][   T27] audit: type=1326 audit(1766718577.217:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.1.401" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff111f8f749 code=0x0
[  279.313152][ T7354] syz.2.403[7354] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  279.313388][ T7354] syz.2.403[7354] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  279.769810][ T7354] loop2: detected capacity change from 0 to 512
[  280.213056][ T7354] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.403: corrupted in-inode xattr: invalid ea_ino
[  280.267858][ T7354] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.403: couldn't read orphan inode 15 (err -117)
[  280.304608][ T7354] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.175834][ T7362] netlink: 24 bytes leftover after parsing attributes in process `syz.0.404'.
[  282.698385][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.308230][ T7375] overlayfs: failed to clone upperpath
[  284.549870][ T7379] loop3: detected capacity change from 0 to 512
[  284.661606][ T7379] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.407: inode has both inline data and extents flags
[  284.687681][ T7379] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.407: couldn't read orphan inode 15 (err -117)
[  284.722180][ T7379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.387804][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.682493][ T5818] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  288.580774][ T7399] loop2: detected capacity change from 0 to 2048
[  289.422288][   T27] audit: type=1326 audit(1766718588.127:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7394 comm="syz.2.415" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2c0238f749 code=0x0
[  289.444228][ T5818] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  290.206088][ T7402] loop3: detected capacity change from 0 to 1024
[  290.292188][ T7402] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.411839][ T7402] ==================================================================
[  290.419992][ T7402] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90
[  290.427777][ T7402] Read of size 18446744073709551588 at addr ffff88807c526840 by task syz.3.413/7402
[  290.437400][ T7402] 
[  290.439993][ T7402] CPU: 1 PID: 7402 Comm: syz.3.413 Not tainted syzkaller #0
[  290.447402][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  290.458358][ T7402] Call Trace:
[  290.461930][ T7402]  <TASK>
[  290.464890][ T7402]  dump_stack_lvl+0x16c/0x230
[  290.469803][ T7402]  ? read_lock_is_recursive+0x20/0x20
[  290.475345][ T7402]  ? show_regs_print_info+0x20/0x20
[  290.480666][ T7402]  ? load_image+0x3b0/0x3b0
[  290.485202][ T7402]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  290.490976][ T7402]  ? __virt_addr_valid+0x18c/0x540
[  290.496226][ T7402]  ? __virt_addr_valid+0x469/0x540
[  290.501380][ T7402]  print_report+0xac/0x220
[  290.505849][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  290.511442][ T7402]  kasan_report+0x117/0x150
[  290.515976][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  290.521466][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  290.527139][ T7402]  kasan_check_range+0x288/0x290
[  290.532110][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  290.537695][ T7402]  __asan_memmove+0x29/0x70
[  290.542323][ T7402]  ext4_xattr_set_entry+0x94b/0x1e90
[  290.547652][ T7402]  ext4_xattr_block_set+0xae3/0x32a0
[  290.552978][ T7402]  ? ext4_destroy_inode+0x200/0x200
[  290.558313][ T7402]  ? proc_nr_inodes+0x230/0x230
[  290.563307][ T7402]  ? do_raw_spin_unlock+0x121/0x230
[  290.568639][ T7402]  ? _raw_spin_unlock+0x28/0x40
[  290.573618][ T7402]  ? ext4_xattr_block_find+0x350/0x350
[  290.579118][ T7402]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  290.584613][ T7402]  ext4_xattr_set_handle+0x10a1/0x1290
[  290.590491][ T7402]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  290.596559][ T7402]  ? __ext4_journal_start_sb+0x259/0x570
[  290.602416][ T7402]  ext4_xattr_set+0x22d/0x320
[  290.607219][ T7402]  ? end_current_label_crit_section+0x170/0x170
[  290.613505][ T7402]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  290.619182][ T7402]  ? posix_xattr_acl+0x93/0xb0
[  290.623992][ T7402]  ? evm_protect_xattr+0x36d/0x7a0
[  290.629136][ T7402]  ? ext4_xattr_trusted_get+0x40/0x40
[  290.634627][ T7402]  __vfs_setxattr+0x431/0x470
[  290.639598][ T7402]  __vfs_setxattr_noperm+0x12d/0x5e0
[  290.644999][ T7402]  vfs_setxattr+0x16c/0x2f0
[  290.649536][ T7402]  ? xattr_permission+0x470/0x470
[  290.654869][ T7402]  ? __mnt_want_write+0x223/0x2a0
[  290.659963][ T7402]  ? path_setxattr+0x314/0x550
[  290.664774][ T7402]  path_setxattr+0x362/0x550
[  290.669416][ T7402]  ? simple_xattrs_free+0x150/0x150
[  290.674759][ T7402]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  290.680866][ T7402]  ? lock_chain_count+0x20/0x20
[  290.685763][ T7402]  __x64_sys_lsetxattr+0xb8/0xd0
[  290.690873][ T7402]  do_syscall_64+0x55/0xb0
[  290.695434][ T7402]  ? clear_bhb_loop+0x40/0x90
[  290.700264][ T7402]  ? clear_bhb_loop+0x40/0x90
[  290.705178][ T7402]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  290.711650][ T7402] RIP: 0033:0x7feea558f749
[  290.716194][ T7402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.735974][ T7402] RSP: 002b:00007feea6517038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  290.744529][ T7402] RAX: ffffffffffffffda RBX: 00007feea57e5fa0 RCX: 00007feea558f749
[  290.752625][ T7402] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0
[  290.761426][ T7402] RBP: 00007feea5613f91 R08: 0000000000000000 R09: 0000000000000000
[  290.769699][ T7402] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  290.777722][ T7402] R13: 00007feea57e6038 R14: 00007feea57e5fa0 R15: 00007fff0dd3a448
[  290.785754][ T7402]  </TASK>
[  290.788823][ T7402] 
[  290.791260][ T7402] Allocated by task 7402:
[  290.795634][ T7402]  kasan_set_track+0x4e/0x70
[  290.800264][ T7402]  __kasan_kmalloc+0x8f/0xa0
[  290.805155][ T7402]  __kmalloc_node_track_caller+0xb2/0x230
[  290.811202][ T7402]  kmemdup+0x2b/0x70
[  290.815151][ T7402]  ext4_xattr_block_set+0x9e5/0x32a0
[  290.820848][ T7402]  ext4_xattr_set_handle+0x10a1/0x1290
[  290.826402][ T7402]  ext4_xattr_set+0x22d/0x320
[  290.831293][ T7402]  __vfs_setxattr+0x431/0x470
[  290.836117][ T7402]  __vfs_setxattr_noperm+0x12d/0x5e0
[  290.841636][ T7402]  vfs_setxattr+0x16c/0x2f0
[  290.846174][ T7402]  path_setxattr+0x362/0x550
[  290.850813][ T7402]  __x64_sys_lsetxattr+0xb8/0xd0
[  290.855785][ T7402]  do_syscall_64+0x55/0xb0
[  290.860432][ T7402]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  290.866454][ T7402] 
[  290.868829][ T7402] The buggy address belongs to the object at ffff88807c526800
[  290.868829][ T7402]  which belongs to the cache kmalloc-1k of size 1024
[  290.883493][ T7402] The buggy address is located 64 bytes inside of
[  290.883493][ T7402]  1024-byte region [ffff88807c526800, ffff88807c526c00)
[  290.897182][ T7402] 
[  290.899536][ T7402] The buggy address belongs to the physical page:
[  290.906415][ T7402] page:ffffea0001f14800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c520
[  290.911348][ T5818] usb 1-1: unable to read config index 0 descriptor/start: -71
[  290.916766][ T7402] head:ffffea0001f14800 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  290.916789][ T7402] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  290.916806][ T7402] page_type: 0xffffffff()
[  290.916823][ T7402] raw: 00fff00000000840 ffff888017841dc0 0000000000000000 dead000000000001
[  290.916837][ T7402] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  290.916846][ T7402] page dumped because: kasan: bad access detected
[  290.916854][ T7402] page_owner tracks the page as allocated
[  290.916859][ T7402] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 2922, tgid 2922 (kworker/u4:7), ts 134568433296, free_ts 134563338752
[  290.916892][ T7402]  post_alloc_hook+0x1cd/0x210
[  290.916921][ T7402]  get_page_from_freelist+0x195c/0x19f0
[  290.916945][ T7402]  __alloc_pages+0x1e3/0x460
[  290.916965][ T7402]  alloc_slab_page+0x5d/0x170
[  290.916988][ T7402]  new_slab+0x87/0x2e0
[  290.917009][ T7402]  ___slab_alloc+0xc6d/0x1300
[  290.917030][ T7402]  __kmem_cache_alloc_node+0x1a2/0x260
[  290.917052][ T7402]  __kmalloc+0xa4/0x240
[  290.917073][ T7402]  ieee802_11_parse_elems_full+0xb9/0x2080
[  290.917100][ T7402]  ieee80211_ibss_rx_queued_mgmt+0x49b/0x2ac0
[  290.989917][ T5818] usb 1-1: can't read configurations, error -71
[  290.998186][ T7402]  ieee80211_iface_work+0x717/0xc70
[  290.998220][ T7402]  cfg80211_wiphy_work+0x225/0x260
[  290.998237][ T7402]  process_scheduled_works+0xa45/0x15b0
[  290.998257][ T7402]  worker_thread+0xa55/0xfc0
[  290.998274][ T7402]  kthread+0x2fa/0x390
[  290.998288][ T7402]  ret_from_fork+0x48/0x80
[  290.998306][ T7402] page last free stack trace:
[  290.998313][ T7402]  free_unref_page_prepare+0x7ce/0x8e0
[  290.998336][ T7402]  free_unref_page+0x32/0x2e0
[  291.100595][ T7402]  __unfreeze_partials+0x1cf/0x210
[  291.105765][ T7402]  put_cpu_partial+0x17c/0x250
[  291.110582][ T7402]  __slab_free+0x31d/0x410
[  291.115310][ T7402]  qlist_free_all+0x75/0xe0
[  291.119846][ T7402]  kasan_quarantine_reduce+0x143/0x160
[  291.125323][ T7402]  __kasan_slab_alloc+0x22/0x80
[  291.130188][ T7402]  slab_post_alloc_hook+0x6e/0x4d0
[  291.135411][ T7402]  kmem_cache_alloc+0x11e/0x2e0
[  291.140372][ T7402]  __anon_vma_prepare+0xbe/0x430
[  291.145404][ T7402]  handle_mm_fault+0x3cf1/0x4920
[  291.150616][ T7402]  __get_user_pages+0x5ea/0x1470
[  291.155848][ T7402]  get_user_pages_remote+0x3de/0xc10
[  291.161157][ T7402]  get_arg_page+0x29e/0x5a0
[  291.165679][ T7402]  copy_string_kernel+0x165/0x220
[  291.170889][ T7402] 
[  291.173218][ T7402] Memory state around the buggy address:
[  291.178863][ T7402]  ffff88807c526700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  291.187063][ T7402]  ffff88807c526780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  291.195190][ T7402] >ffff88807c526800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  291.203354][ T7402]                                            ^
[  291.209618][ T7402]  ffff88807c526880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  291.217776][ T7402]  ffff88807c526900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  291.226135][ T7402] ==================================================================
[  292.317822][ T7402] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  292.325199][ T7402] CPU: 0 PID: 7402 Comm: syz.3.413 Not tainted syzkaller #0
[  292.332982][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  292.343381][ T7402] Call Trace:
[  292.346918][ T7402]  <TASK>
[  292.349987][ T7402]  dump_stack_lvl+0x16c/0x230
[  292.354740][ T7402]  ? show_regs_print_info+0x20/0x20
[  292.360615][ T7402]  ? load_image+0x3b0/0x3b0
[  292.365366][ T7402]  panic+0x2c0/0x710
[  292.369949][ T7402]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  292.376973][ T7402]  ? bpf_jit_dump+0xd0/0xd0
[  292.382360][ T7402]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  292.388706][ T7402]  ? _raw_spin_unlock+0x40/0x40
[  292.393912][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  292.399596][ T7402]  check_panic_on_warn+0x84/0xa0
[  292.404659][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  292.410330][ T7402]  end_report+0x6f/0x140
[  292.414613][ T7402]  kasan_report+0x128/0x150
[  292.419245][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  292.424927][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  292.431138][ T7402]  kasan_check_range+0x288/0x290
[  292.436158][ T7402]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  292.441679][ T7402]  __asan_memmove+0x29/0x70
[  292.446319][ T7402]  ext4_xattr_set_entry+0x94b/0x1e90
[  292.451657][ T7402]  ext4_xattr_block_set+0xae3/0x32a0
[  292.457173][ T7402]  ? ext4_destroy_inode+0x200/0x200
[  292.462516][ T7402]  ? proc_nr_inodes+0x230/0x230
[  292.467585][ T7402]  ? do_raw_spin_unlock+0x121/0x230
[  292.473074][ T7402]  ? _raw_spin_unlock+0x28/0x40
[  292.477980][ T7402]  ? ext4_xattr_block_find+0x350/0x350
[  292.483663][ T7402]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  292.489252][ T7402]  ext4_xattr_set_handle+0x10a1/0x1290
[  292.494938][ T7402]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  292.500964][ T7402]  ? __ext4_journal_start_sb+0x259/0x570
[  292.506992][ T7402]  ext4_xattr_set+0x22d/0x320
[  292.511737][ T7402]  ? end_current_label_crit_section+0x170/0x170
[  292.518059][ T7402]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  292.524083][ T7402]  ? posix_xattr_acl+0x93/0xb0
[  292.529065][ T7402]  ? evm_protect_xattr+0x36d/0x7a0
[  292.534217][ T7402]  ? ext4_xattr_trusted_get+0x40/0x40
[  292.539782][ T7402]  __vfs_setxattr+0x431/0x470
[  292.544994][ T7402]  __vfs_setxattr_noperm+0x12d/0x5e0
[  292.550378][ T7402]  vfs_setxattr+0x16c/0x2f0
[  292.555078][ T7402]  ? xattr_permission+0x470/0x470
[  292.560544][ T7402]  ? __mnt_want_write+0x223/0x2a0
[  292.565704][ T7402]  ? path_setxattr+0x314/0x550
[  292.570567][ T7402]  path_setxattr+0x362/0x550
[  292.575777][ T7402]  ? simple_xattrs_free+0x150/0x150
[  292.581008][ T7402]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  292.587000][ T7402]  ? lock_chain_count+0x20/0x20
[  292.591868][ T7402]  __x64_sys_lsetxattr+0xb8/0xd0
[  292.596834][ T7402]  do_syscall_64+0x55/0xb0
[  292.601284][ T7402]  ? clear_bhb_loop+0x40/0x90
[  292.605986][ T7402]  ? clear_bhb_loop+0x40/0x90
[  292.610767][ T7402]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.616846][ T7402] RIP: 0033:0x7feea558f749
[  292.621469][ T7402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.641454][ T7402] RSP: 002b:00007feea6517038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  292.650155][ T7402] RAX: ffffffffffffffda RBX: 00007feea57e5fa0 RCX: 00007feea558f749
[  292.658249][ T7402] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0
[  292.666312][ T7402] RBP: 00007feea5613f91 R08: 0000000000000000 R09: 0000000000000000
[  292.674340][ T7402] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  292.682610][ T7402] R13: 00007feea57e6038 R14: 00007feea57e5fa0 R15: 00007fff0dd3a448
[  292.691218][ T7402]  </TASK>
[  292.694890][ T7402] Kernel Offset: disabled
[  292.699226][ T7402] Rebooting in 86400 seconds..