last executing test programs:

15.074285387s ago: executing program 0 (id=1085):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e7", 0x4b}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000001ec0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000540)=""/66, 0x42}, {&(0x7f0000001f00)=""/4096, 0x1053}, {&(0x7f00000003c0)=""/160, 0xa0}, {&(0x7f0000000900)=""/43, 0x2b}], 0x4}, 0x0)
recvmsg$kcm(r0, &(0x7f0000003640)={0x0, 0x0, 0x0}, 0x0)

13.855653286s ago: executing program 0 (id=1159):
socket$igmp6(0xa, 0x3, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc050561a, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x1800c49, &(0x7f0000001740)={[{@iocharset={'iocharset', 0x3d, 'cp857'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@gid={'gid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@fmask={'fmask', 0x3d, 0x9}}, {@dmask={'dmask', 0x3d, 0x17}}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@fmask={'fmask', 0x3d, 0xa}}]}, 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=")
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x4)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_TUNER(r1, 0xc054561d, &(0x7f00000000c0)={0x0, "54c4d5c8a353e40ca958013763c56c995609ad28acab1eb969fa5a376eabb28c"})

13.667092131s ago: executing program 4 (id=1160):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = socket(0x0, 0x803, 0x21f0)
sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
iopl(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat$binderfs(0xffffffffffffff9c, 0x0, 0x1ff)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0x100000000)

11.515780676s ago: executing program 1 (id=1164):
socket(0x10, 0x803, 0x0)
r0 = socket$isdn(0x22, 0x2, 0x22)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000064000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a32000000000800055f0000001f0800034000000014140000001000010000000000000000000000000a"], 0xac}}, 0x0)
r1 = socket$isdn(0x22, 0x2, 0x4)
r2 = dup3(r1, r0, 0x0)
bind$vsock_stream(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000000000094f73c66647c122f2a0000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000001c000000b7000000000000009500"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@ipmr_delroute={0x50, 0x19, 0x300, 0x0, 0x0, {0x80, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, 0x5}, [@RTA_ENCAP={0x1c, 0x16, 0x0, 0x1, @LWT_BPF_IN={0x18, 0x1, 0x0, 0x1, @LWT_BPF_PROG_NAME={0x13, 0x2, 'batadv_slave_0\x00'}}}, @RTA_UID={0x8}, @RTA_SRC={0x8, 0x2, @multicast2}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}]}, 0x50}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000580)=0x8098, 0x4)
lseek(r5, 0x0, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f00000011c0), 0xffffffffffffffff)
r8 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r8, 0xc10c5541, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000340)={0x0, 0x0, <r9=>0x0, 0x0, 0x0, 0x3, &(0x7f0000000300)=[0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000440)={0x0, 0x0, r9, 0x0, 0x0, 0x4, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0]})

11.172524274s ago: executing program 1 (id=1166):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f000001a080)={0x0, 0x9, 0x92, 0x0, 0x0, 0xffffffff, 0x0})

10.926811964s ago: executing program 4 (id=1167):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(0x0, 0x1d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bca)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000100))
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000006840)=[{{0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000000440)="5ff17db605ade75363a0530733408850aaf311cbe0", 0x7ffff000}, {&(0x7f0000000600)="8882d1dc72424e1fd8dd4b9a691db9a3f2d539b0ed59d1d1b67695f356653c71087b5fe7c96758a0f47f379517352fe067a0c327617260dcd520", 0x3a}, {&(0x7f0000002c40)='E', 0x1}], 0x3}}], 0x1, 0x0)

6.702191026s ago: executing program 1 (id=1174):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioperm(0x40, 0x400000000f, 0x675a)
setresuid(0xee01, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
tkill(r3, 0x6)
keyctl$restrict_keyring(0xf, 0xfffffffffffffffc, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2)
madvise(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_usb_connect$cdc_ncm(0x0, 0x9e, &(0x7f00000011c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}, [@network_terminal={0x7, 0x24, 0xa, 0x0, 0x3, 0x3, 0x2}, @mdlm_detail={0x11, 0x24, 0x13, 0xd9, "e804d04e27b46a5c53f26afa62"}, @mbim={0xc, 0x24, 0x1b, 0x7, 0x6, 0x4, 0x0, 0x7}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0xf9}, @network_terminal={0x7, 0x24, 0xa, 0xd, 0xff, 0x5, 0x1}]}}}}}]}}, 0x0)
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYBLOB="03000000000000000800008076"])

6.313976568s ago: executing program 3 (id=1177):
syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="120100005bc1fa20cf106880fd2e000000010902120001000000000904"], 0x0)

6.313360408s ago: executing program 0 (id=1178):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = socket(0x0, 0x803, 0x21f0)
sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
iopl(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat$binderfs(0xffffffffffffff9c, 0x0, 0x1ff)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0x100000000)

5.349797986s ago: executing program 4 (id=1180):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r2}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000480)={r2, &(0x7f0000001480), 0x0}, 0x20)

5.083611898s ago: executing program 4 (id=1182):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509", 0x4e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000001ec0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000540)=""/66, 0x42}, {&(0x7f0000001f00)=""/4096, 0x1053}, {&(0x7f00000003c0)=""/160, 0xa0}, {&(0x7f0000000900)=""/43, 0x2b}], 0x4}, 0x0)
recvmsg$kcm(r0, &(0x7f0000003640)={0x0, 0x0, 0x0}, 0x0)

5.035263402s ago: executing program 0 (id=1183):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000006110960000000000040f0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2f"], 0x3e)

4.330828109s ago: executing program 3 (id=1184):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000180)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0xf}, 0x14, &(0x7f0000000500)=[{&(0x7f0000000040)="27031000590400000508002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000819b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada300c9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d33311e2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0xfeb9}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000540)="6fe4dd9eeb85271de1b87ef9440284", 0xf}], 0x4}, 0x200400c4)

4.253458305s ago: executing program 2 (id=1185):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0)

4.224603978s ago: executing program 0 (id=1186):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x100400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
set_mempolicy(0x0, 0x0, 0xe0)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda000020005d"], 0x69)
close(r1)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000040)={0x0, 0xdd4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x0, 0x0, 0x45, 0x0, "1e6c1c2a0033af1199d01e93a0c5d3b12a1acf7a58ceadd43298708a8a7470c3f8f6c087c01f22e3d2edcd1b0349e7cf54e1131821607b899e64075662acd23741b42c43cb101a83af7caf5d5af2940b"}, 0xd8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", "05e2e505", "12000700"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000700)={@in6={{0xa, 0x0, 0x0, @private2}}, 0x0, 0x0, 0x35, 0x0, "f5fe9c103abe0b65544e0980519f38f54dd5f87ecc377210bd44fe7e1375550831c5f6dd769f5a1d175f47a8b941c8e568ca41e8da841f4f18f1ea6b206d495119ac37c29f4b384d0a9181566cfc4a1b"}, 0xd8)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000), 0x4)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x8001)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r3, 0xc0bc5310, &(0x7f00000001c0))
syz_usbip_server_init(0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000a68daa40d35b7c315e040000000c0902120001000100000904"], 0x0)

4.184993081s ago: executing program 1 (id=1187):
open(0x0, 0x2a4c0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
ioctl$VIDIOC_S_OUTPUT(r4, 0xc004562f, &(0x7f0000000580)=0xffffff01)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
fanotify_init(0x4, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x71, 0x8000000, r5, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r7 = fanotify_init(0x200, 0x0)
fanotify_mark(r7, 0x1, 0x4800003e, r6, 0x0)
mount$overlay(0x20000f7a, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@xino_on}]})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={[{'rdma'}]})

4.184896041s ago: executing program 3 (id=1188):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0x30, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000001100)={0x0, <r1=>0x0}, 0x8)
r2 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040)=r1, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r2, r0}, 0x10)

4.099683448s ago: executing program 4 (id=1189):
socket(0x10, 0x803, 0x0)
r0 = socket$isdn(0x22, 0x2, 0x22)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000064000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a32000000000800055f0000001f0800034000000014140000001000010000000000000000000000000a"], 0xac}}, 0x0)
r1 = socket$isdn(0x22, 0x2, 0x4)
r2 = dup3(r1, r0, 0x0)
bind$vsock_stream(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000000000094f73c66647c122f2a0000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000001c000000b7000000000000009500"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@ipmr_delroute={0x50, 0x19, 0x300, 0x0, 0x0, {0x80, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, 0x5}, [@RTA_ENCAP={0x1c, 0x16, 0x0, 0x1, @LWT_BPF_IN={0x18, 0x1, 0x0, 0x1, @LWT_BPF_PROG_NAME={0x13, 0x2, 'batadv_slave_0\x00'}}}, @RTA_UID={0x8}, @RTA_SRC={0x8, 0x2, @multicast2}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}]}, 0x50}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000580)=0x8098, 0x4)
lseek(r4, 0x0, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f00000011c0), 0xffffffffffffffff)
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r7, 0xc10c5541, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000340)={0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x3, &(0x7f0000000300)=[0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000440)={0x0, 0x0, r8, 0x0, 0x0, 0x4, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0]})

4.099479808s ago: executing program 2 (id=1190):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(0x0, 0x1d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bca)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000100))
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000006840)=[{{0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000000440)="5ff17db605ade75363a0530733408850aaf311cbe0", 0x7ffff000}, {&(0x7f0000000600)="8882d1dc72424e1fd8dd4b9a691db9a3f2d539b0ed59d1d1b67695f356653c71087b5fe7c96758a0f47f379517352fe067a0c327617260dcd520", 0x3a}, {&(0x7f0000002c40)='E', 0x1}], 0x3}}], 0x1, 0x0)

2.295509844s ago: executing program 1 (id=1191):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000780)="3cdb74bfb8fb6ab1f6357e4a3973f379a2d570fc287e4671d3c5747e698648f80793bc9e451e25487beee5ab5c799efd1cafe8d2226f01718f74d51ccd423e55458d52d6b3afb2e0e2b00f1cafdbb71e66969a4d1e36b1074a37bd86fac5071518b1b6f392d9eb2ffd6f4a1c84aee91ac2006caef6c93960f4ce47deab8fdfc8f14e42696173a69fda3802b90da74235057efe4987482f244842f50b8d5e9f951860fa3446f158eb0f5d2afaeaa615360ef266ded8aea67de45e88482381e62c405c4166f3", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000ac0)="986ab6f178aefda105314adbf14a03adff216bc5e878872a93a04609e329fd064fe44b7e39a61f3f4ac08f01ec4fcdc3ae82448b7232b27a77e7677fdbdea35fb0eeaaf4b44838c03944d1f4fdbab3", 0x4f}, {&(0x7f0000000b40)="9a4425674210b07f183ebb14a54d6d251623e3081e454afe1e5386862b2562e0", 0x20}], 0x2}}, {{0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000fc0)='^', 0x1}], 0x1}}], 0x3, 0x408c)

2.279990676s ago: executing program 3 (id=1192):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r2}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000480)={r2, &(0x7f0000001480), 0x0}, 0x20)

2.055445534s ago: executing program 3 (id=1193):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = socket(0x0, 0x803, 0x21f0)
sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
iopl(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat$binderfs(0xffffffffffffff9c, 0x0, 0x1ff)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0x100000000)

2.055215064s ago: executing program 4 (id=1194):
socket$igmp6(0xa, 0x3, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc050561a, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x1800c49, &(0x7f0000001740)={[{@iocharset={'iocharset', 0x3d, 'cp857'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@gid={'gid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@fmask={'fmask', 0x3d, 0x9}}, {@dmask={'dmask', 0x3d, 0x17}}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@fmask={'fmask', 0x3d, 0xa}}]}, 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=")
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x4)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_TUNER(r1, 0xc054561d, &(0x7f00000000c0)={0x0, "54c4d5c8a353e40ca958013763c56c995609ad28acab1eb969fa5a376eabb28c"})

2.055049634s ago: executing program 1 (id=1195):
syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="1201"], 0x0)

1.563669284s ago: executing program 2 (id=1196):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000f500000000000000000000000000000000000000a6e811e23e6de20caad295ea26dfa4b36e7825b3f8392777c5deb423d6e1a2a5dc0158de06a8eee8133e0c62a3ae4c9ce0a0e1d919661f1fa46ab817dacc04965941f6ffb0ed1777fbdf575954cd8145e46ed7dd4685c7a219cd75161200733ac3fa07862b19eed4b6f73dd30e72a7b280"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0x0, 0x3}, 0x6)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="b8000000", @ANYRES16=0x0, @ANYBLOB, @ANYRES32=0x0], 0xb8}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14)
recvmmsg(r4, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
write$UHID_CREATE2(r5, 0x0, 0x1d8)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0xfb0, 0xfffffffe, 0x0, 'queue0\x00'})
write$sndseq(r6, &(0x7f0000000000)=[{0x6, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2620]}}], 0x1c)

621.3551ms ago: executing program 2 (id=1197):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000006110960000000000040f0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2f"], 0x3e)

582.753773ms ago: executing program 3 (id=1198):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x18, &(0x7f0000000080)=ANY=[], 0x1, 0x708, &(0x7f00000005c0)="$eJzs3U9v2/b5APBHjtP65x/QDdtQFEGasmkPCZA5ktw6MHoYNJl22MqiQMpFgh2KonGGoE47NBuweIeul2477CXs0OveRM+777bX0PtO9SDqT2xHltPEtYPg8xFifkU+5Pf50gIfU6GoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACi1l6r1xu16GTdrVvJ0dprRb45Y/l4e98emMzoN6I2+BcLC/HacNZrv3i0+NXBj8txcfjsYiwMJgux+/+v/vS9n8/PjdefkdCpePBw99OPd3a2vzjrRM7IRtrNyjzbbG2kSVbmyerKSv36zfUyWc86aXm77KebSbtIW/28SK60ryaN1dXlJF26nW91N9ZanXQ888Yvm/X6SvL+Ui9tFWXevf7+Utm+mXU6WXejihksHsTcSH77efFB1k/6aWszSe7e29lePi7JQVDjSYKah+adH70YJzOa9Waz0Wg2Gyvvrr57o16fb9YX4sCM+iFxYJWkXp8fv2hrhzf+A/z7aVbiRzN34Fn8efZv9iQO23Ai5kb1PzqRRTe24lYkUx/tWIsi8tg8YvnItxF/qhrX05n97q//4yr/2qPFFwY/Li+Mnl06qv4fkcvpPR7Ew9iNT+Pj2Imd2I4vzjyj031sRBrdyKKMPLLYjFY1JxnNSWI1VmIl6vFR3Iz1KCOJ9ciiE2mUcTvK6EdavaLaUUQarehHHkUkcSXacTWSaMRqrMZyJJHGUtyOPLaiGxuxFq1qK3fjXrXfl2fkOAlqPElQc0bQuJi/NHpdzj/2B8Hs+n9jUv//UdWHB2+fQnHi+XBu3DjZAzg8g71x/Y+9ve/3Bs46IwAAAOCk1ap332uXXpo8X8866W/OOCsAAADgJFWXIV8cTKqrnV+P2uD8v37WaQEAAAAnqBaXRu8CLMYbw9b4k1DeBAAAAIAXRPX//5cGk8VB642oOf8HAACAF81fH91jfzem3mO37M1FxHxE1L7q3Xq7dr81iGvdPzdc79zhLfbXL9ReGW2kmqzMj56104u10d0vJzfB/G40uXvcvf5rRXH+WROImBvFvHlnOL0zWVL1srieddKldt55rxGt1itz/fRW/w+f3ftjxKD3v3U3X6nF3Xs720uffL5zp8rlq8FWvro/upt77Qfk8vt4fRjz+svx2Ih3o3Z+7yedtD7qd3HYb33/+EdjGQ/p//b1+f2UPhf253V5cThdPDj+hcH4G0tHjX6x9vJo/Wca+dfj4LeuvDWcTMmiOSOLal809+//Q/viibKIt47PYvm4LJafMQuAs3J3UoUO1t3zk/r/WN19iqPc6VT3r+PKMObKherAOn9hyhG9PvWIvnfuUI19+ur2z7g6jLk6Dj6qxg7G/PdJv42q328GK3xzZL9l51+j1v3fxfW5h+fjXhW7/VmzubxSf6def7cZ56thjCaDTP+r9gBw0OXq+v9Z37EzPeJcxEvj2v1OvDmMeHRWPahJk4r3s8klBUvxSXweO3EnrlWfNqiuOJja7+K+yxCuxeVRstPPWhf3fcPLtWPO6oax479dniR2+PUyAPAiuXxMHZ7U/8nbx6OIqoQO6/+1fefdC1POuw/W8tlnx/trOQDw40iL72qL/b/UiiLrfdRYXW20+jfTpMjbHyRFtraRJlm3nxbtm63uRpr0iryft/POoPFhtpaWSbnV6+VFP1nPi6SXl9mtX0XWSZPRV7+X6War28/aZa+Ttso0aefdfqvdT9aysp30tn7dycov9/b2BiuXvbSdrWftVj/Lu0mZbxXtdClJyjQdBd5MiyRbS7v9bD0bNLtJr8hejuJ28mHe2dpMk7W0bBdZr58XVTbjvrLuel5sVptdOuudDQDPiQcPdz/9eGdn+4vpjYU4clHV+M/s1YeNsx4jAHDQrCr92NVnAAAAAAAAAAAAAADAmTjm839P36gdmjMXET9WXy9cY+/LU+lr/AEPv53HG9/sm5M8B/mceuOMD0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMMX/AgAA//8a7U+y")
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200400, &(0x7f0000000140)=ANY=[@ANYRES8=<r0=>0x0], 0x3, 0xa73, &(0x7f0000003cc0)="$eJzs3U2MG1cBAOA33vUmm6TEKQldktAm/LTlp7vNZgk/ETRVcyFqKm6VKi5RmpaINCBSCVpVIsmJG62qcIUiTuVQAUJqLyjqiUslGolLT4UDB6IgVeIAhcRove95xy92x/uTtb3+Punt85s39nszOzMez8x7LwBjq9b6u7AwU4Rw5a1Xj//j/r9PL055pD1Ho/V3spSqhxCKmJ7MPu/9iaX45gcvne4WF2G+9TelwxM32u/dHkK4GA6Eq6ER9l659so784+fvHTi8sF3Xz96/c4sPQAAjJdvXz26sOevf96368M37j0WtrSnp/PzRkzviOf9x+KJfzr/r4XOdFEKZVPZfJMx1LL5JrrMVy6nns032aP8qexz6+38fR3zbakof6I0rdtywyhL23EjFLXZjnStNju79Js8tH7XTxWz58+ee+bCgCoKrLt/3RdCOCCsNDSbzZ+0VuAQ1EUQVhuaOwd9BAJYkt8vvM3F/MrC2rQ/bbK/8m88Wuv+flgHG739K3+0yv/1JUcc1s9m3ZrScqX9aEdM5/cR8ueXVrr/p8/L70fU+6xnr/sIo3J/oVc9Jza4HqvVq/75drFZfSPGaT18M8sv7z/5/3RU/sdAd//eqOv/r00P/FrnYjgwBHXY1KE+BHUQ+g7NQR+AgKG1/NzckmaU8vPn+vL8LRX5Wyvypyvyt1Xkb6/Ih3H2++d/Fl4uln/n57/pV3o9LF1nuyvGH1thffLrkSstP3/ud6XWWn7+PDEMszdPPXnmq08/dW3p+f+ivf3fitv7gZhuxH3rapwhXS/Mr6u3n/1vdJZT6zHf3Vl97rpt/uZSibs75yt2L39OKB1nbqvHTOf7dvaab3/nfI1svukYtmb1zc9PtmXvS+cf6bia1tdktrz1bDmmsnqk48quGOf1gNVI22Ov5//T9jkT6sUzZ8+deTim03b6p4n6lsXph8of+puNqTuwNv22/5kJne1/drSn12vl48LO5elF+bjQyKbPLyXbt8nT9MMxnb7nvjsx3Zo+e/r7555e74WHMXfhhRe/d+rcuTM/9CK9mLZavPCi6sixWZ8chPEx9/xzP5i78MKLD5197tSzZ549c/7wkSOH5+ePfO3wwlzrvH6ufHYPbCbLX/qDrgkAAAAAAAAAAADQrx+dOH7tL29/5b2l9v/L7f9S+//05G9q///TrP1/3k4+tQpI7QB3dclvjbv3Zmc9prL56jF8PKvv7qycPdn7PhHj9jh+sf1/am+f9+ua6nNPNj3vvzfNl3UncFt/KVNZHyTt8QJjg/1Px/TlGP8qwAAV090nx7iqf+u0raf+KfRLMZrS/y1tDakfk9T+u1e/Tun4v2sD6sj624jmhINeRqC7fw79+J+lM/GB1+UjQ7M5+DqsPQz/ehbWMTSbRvEAhsOgx/9M1z1TfP6P39q6GNJsNx7tPF7m/ZfCWgz7+JPK31zjf7bHv+vr+Neld/WOfp77H13hP7+4/l6p2LC33+NvvvypH+jd1WWWfRjLT8v/QOiv/OZrWfn5DaE+/Tcrf1uf5d+2/PtXV/7/YvlptT34mX7LX6pxUeusR37dON3/y68bJzez5U99e654+Vc5UOOtWD6Ms97jzPY7gu1wGpXxf3vJn8P4ckynA2F6ziH/Rl5p/dPzFel7YE/2+UXF99uojFPcy7iP//v1GFftD2n837Q9Nrqka6V0vcu6HfVtBTab94f+/t+IhYtDUAdhSMNwjIFdDs1mc6AdeetFfLAGvf4Hffd50OUPev1Xycf/zc/h8/F/a9kPiHz83/z9+fi/eX4+vl6en4//m6/PfPzfPP+e7HPzK9gzFfmfrMjfW5G/bzl/ulv+/or3f6oi/2BF/r0V+fdV5N9dkT9Rkf/ZivzPVeTfX5H/YEX+5yvyN7tWe5TSTjVuyw/jLG+fZ/+H8ZHu//Ta/3dX5AOj6+dvHHrsqd99p7HU/n+q/Xst3cc7FtP1+Nv5xzGd3/cOpfRi3tsx/bcsf9ivd8A4yfvPyL/fH6jIB0ZXes7L/g1jqOjeY09+v61Xv1W9zvMZLV+I8Rdj/KUYPxTj2RjPxfhQjOc3qH7cGY/99g9HXy6Wf+/vzPL7fZ48bw+U9xN1uM/65NcHVvo8e96P30qttfxVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmFrr78LCTBHClbdePf7kybNzi1Meac/RaP2dLKXq7feF8HCMJ2L8y/ji5gcvnS7Ht2JchPlQhKI9PTxxo13S9hDCxXAgXA2NsPfKtVfemX/85KUTlw+++/rR63duDQAAAMDm9/8AAAD//6ZSGwg=")
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffdc4, &(0x7f00000002c0)=0x4400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004740)=""/102400, 0x19000)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000280)=[{&(0x7f00000003c0)="ed4e82bdc44b4626f17240da75126c6c124490d6e1b548078f2bfbb3b2144213deecccecf4af153de115e85615196635cc86e4ff71d9588a9cb2aba8fd4b07268cf929808a43aaa7e4b44392d9c67e552eb54fb946da44baf093388610fd928d0798bacc3f33eef8267a318bed8dd50596c299dbc4a80c70d3f13ce3cca7301a10769248fa9347cae6ab712db36abae3dece3acffbb18053b17615661d55ad0fcd4799bdf8b390dd43465bf7840fa33567cd5a94db399d6d6d2c942aecc2714b60634c03e6e02b8f8af3d42e5b512cf459f830cb0b6de118b8ffdff41db05d54e8d56c301df18e88080d", 0xea}, {&(0x7f0000000600)}], 0x2}, 0x40040)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x2000000000000121, &(0x7f0000000740)=ANY=[@ANYRESDEC=r0], &(0x7f0000000700)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x32}, 0x90)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000000)=0x100, 0x4)
r3 = socket$inet(0x2, 0x0, 0x0)
getsockopt$inet_mreqsrc(r3, 0x0, 0x0, &(0x7f0000000000)={@initdev, @empty, @remote}, &(0x7f0000000040)=0x8)
quotactl_fd$Q_GETFMT(r3, 0xffffffff80000401, 0x0, &(0x7f00000006c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
open$dir(&(0x7f0000000780)='./file0\x00', 0x0, 0x54)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0x3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004054}, 0x41)
pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5405, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a680000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
getpid()

454.800604ms ago: executing program 2 (id=1199):
r0 = syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x8, 0xe, &(0x7f0000000640)=ANY=[@ANYRES64=r0, @ANYRESHEX=r1], &(0x7f00000001c0)='GPL\x00', 0x105, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0xa}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0x8, 0x0, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x15, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000702000000feffff7a0af0ff9100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000009000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd005d41ce4e7bb3626d6e0d3e6600cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb059bafe3c6431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d571020260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4071ade12f41de4f6df6a936b4ec3827c739bb39a01000000fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36eb005c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d001000080000000004ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e2b42bf0ed0c8cef3ba2a730a00c87fa550cf960e63fda48a29682881eb8c9cfa72b08eecc952a1a2982492a210e00d2bfea3b8d357d61abe37bafd7c310a5d8f922afe7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d856a25992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7e472f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee278226f24cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4268d99704d9a90cf27e281c1b05077ca60fdecb2717e21f8f197b1866108b6e8c71e26032176066439783568628f0309c3afa716d3706e1fa89917e131fff0000003e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e91a2d2478ce30000000000000000000032ccd19aaa33464267e240b44efe147aa6514ff3fd62efaafb6295f2973c5f90cf33b04a8305536cb5d859d4e274d95f4d024e8fa9d5062c6087e4c999d1bf835a50b42d4e0b36bbada6ef48af5627e279ab229e90fdcc1b254b9c53b79b8016edd205a3aea1373ff2d5b7e1fa51282dfe1ff2f8a615252d0a800022fcc3750d76d3fa4c55c4aeb19e8a25b73bd2294a1d443f20245d6c27924be7204558d988b58e2958cf1f4364e3083247dd5f6659630ad2d834151a474c8616f2a3ab1cca175795aacba246a05a1e965275265c1057487c0f5cc1b47933fc02010090f07469ab5620b151b4d57716c0f402101cdd6193d99ecf67838cf8c2ad356997268446ffce30ead1912bbbad3fe80cf6cc144f8578e9b9cd8737a376bfe0f9f197621489b6b46993a432c5875ea5e3126d4e45ad787f43b1abd550aab300c199708c921a97b4d2a2f82df25470cca25e118a4096adddf947c964a4d15e10cdb403b45c4cb2d97d6fc69f30888a188b5924a9446988f9532ea3a0a2638300d55c8c7691852c"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100)={0x0, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1c}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=<r5=>r3, @ANYBLOB="1fe8d96d3009ed7de3c33b00000008000300", @ANYRES32=r4, @ANYBLOB="21003300d08000000802110000000802110000015050505050500000000000", @ANYRES8=<r6=>r2], 0x40}, 0x1, 0x0, 0x0, 0x48001}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0xaf01, 0x0)
r9 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000300)=r9)
ioctl$VHOST_SET_VRING_KICK(r8, 0x4008af20, &(0x7f0000000040)={0x1, r9})
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x18b)
r10 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000500)=ANY=[@ANYRES32=r5, @ANYRESHEX=r10, @ANYBLOB=',rootmode=0000!000000000000040I00,user_ad=', @ANYRES64=r6, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r10, &(0x7f00000077c0)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_INIT(r10, &(0x7f0000000100)={0x50, 0xffffffffffffffda, r11, {0x7, 0x1f, 0x401}}, 0x50)
syz_fuse_handle_req(r10, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

303.988036ms ago: executing program 2 (id=1200):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509", 0x4e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000001ec0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000540)=""/66, 0x42}, {&(0x7f0000001f00)=""/4096, 0x1053}, {&(0x7f00000003c0)=""/160, 0xa0}, {&(0x7f0000000900)=""/43, 0x2b}], 0x4}, 0x0)
recvmsg$kcm(r0, &(0x7f0000003640)={0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 0 (id=1201):
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000200)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x80, 0x0, 0x0, &(0x7f0000000040)=[@mark={{0x14, 0x1, 0x24, 0x9}}], 0x18}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter, 0x48)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x0, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
semctl$GETALL(0x0, 0x0, 0xd, 0x0)

kernel console output (not intermixed with test programs):

27
[  167.135539][   T27] audit: type=1804 audit(1721211804.978:8): pid=5950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.653" name="/newroot/146/file1/bus" dev="loop4" ino=10 res=1 errno=0
[  167.310119][   T27] audit: type=1804 audit(1721211805.008:9): pid=5950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.653" name="/newroot/146/file1/bus" dev="loop4" ino=10 res=1 errno=0
[  167.341718][   T27] audit: type=1804 audit(1721211805.008:10): pid=5950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.653" name="/newroot/146/file1/bus" dev="loop4" ino=10 res=1 errno=0
[  167.465326][ T3545] syz-executor: attempt to access beyond end of device
[  167.465326][ T3545] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  167.548777][ T5788] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.568433][ T5788] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.586122][ T5788] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  167.599493][ T5788] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  167.763646][ T5788] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  167.773598][ T5788] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  167.959573][ T5788] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  167.999540][ T5788] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.047810][ T5788] usb 2-1: Product: syz
[  168.070145][ T5788] usb 2-1: Manufacturer: syz
[  168.096746][ T5788] usb 2-1: SerialNumber: syz
[  168.226237][ T5959] delete_channel: no stack
[  168.300547][ T5959] sock: sock_timestamping_bind_phc: sock not bind to device
[  168.391941][ T3556] Bluetooth: hci5: Malformed LE Event: 0x0d
[  168.498529][ T5788] cdc_ncm 2-1:1.0: bind() failure
[  168.506465][ T5788] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  168.528382][ T5788] cdc_ncm 2-1:1.1: bind() failure
[  168.583560][ T5788] usb 2-1: USB disconnect, device number 10
[  169.188610][ T3556] Bluetooth: hci2: command tx timeout
[  169.496100][ T5806] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  169.531806][ T5806] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  169.565652][ T5806] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  169.606493][ T5806] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  169.944675][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.003130][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  170.012909][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.046775][ T5806] 8021q: adding VLAN 0 to HW filter on device team0
[  170.075556][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  170.096765][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.098723][ T5972] loop0: detected capacity change from 0 to 32768
[  170.126933][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.134123][ T5788] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.207511][ T5976] loop4: detected capacity change from 0 to 32768
[  170.225924][ T5972] XFS (loop0): Mounting V5 Filesystem
[  170.226189][ T5938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  170.271803][ T5980] loop1: detected capacity change from 0 to 32768
[  170.289988][ T5980] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.662 (5980)
[  170.297354][ T5938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  170.328873][ T5980] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  170.345475][ T5980] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  170.374789][ T5980] BTRFS info (device loop1): using free space tree
[  170.383885][ T5938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  170.414381][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.421574][ T5938] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.484138][ T5938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  170.572520][ T5976] XFS (loop4): Mounting V5 Filesystem
[  170.574720][ T5972] XFS (loop0): Ending clean mount
[  170.587105][ T5972] XFS (loop0): Quotacheck needed: Please wait.
[  170.604889][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  170.619293][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  170.635103][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  170.644131][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  170.653007][ T5980] BTRFS info (device loop1): enabling ssd optimizations
[  170.653995][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  170.672598][ T5972] XFS (loop0): Quotacheck: Done.
[  170.689908][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  170.698758][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  170.711711][ T5806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.728017][ T5990] loop3: detected capacity change from 0 to 40427
[  170.734731][ T5806] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  170.759020][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  170.772947][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  170.788975][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  170.858923][ T5976] XFS (loop4): Ending clean mount
[  170.865978][ T5990] F2FS-fs (loop3): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  170.918511][ T5990] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  170.962755][   T27] audit: type=1800 audit(1721211808.838:11): pid=5980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.662" name="bus" dev="loop1" ino=263 res=0 errno=0
[  171.289762][ T5990] F2FS-fs (loop3): Found nat_bits in checkpoint
[  171.523893][ T4416] XFS (loop0): Unmounting Filesystem
[  171.639595][ T3545] XFS (loop4): Unmounting Filesystem
[  171.676523][ T5990] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  171.723154][ T5990] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  171.992429][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  172.033834][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  172.062139][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.672711][ T6052] syz.3.664: attempt to access beyond end of device
[  172.672711][ T6052] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  172.697593][   T27] audit: type=1804 audit(1721211810.548:12): pid=6052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.664" name="/newroot/162/file1/bus" dev="loop3" ino=10 res=1 errno=0
[  173.058448][   T27] audit: type=1804 audit(1721211810.568:13): pid=6052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.664" name="/newroot/162/file1/bus" dev="loop3" ino=10 res=1 errno=0
[  173.183105][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  173.201999][   T27] audit: type=1804 audit(1721211810.568:14): pid=6052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.664" name="/newroot/162/file1/bus" dev="loop3" ino=10 res=1 errno=0
[  173.237575][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  173.251727][ T3559] syz-executor: attempt to access beyond end of device
[  173.251727][ T3559] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  173.274045][ T5806] device veth0_vlan entered promiscuous mode
[  173.308742][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  173.317251][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  173.354525][ T5806] device veth1_vlan entered promiscuous mode
[  173.391169][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  173.409125][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  173.416973][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  173.509239][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  173.517558][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  173.548496][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  173.558904][ T5806] device veth0_macvtap entered promiscuous mode
[  173.598966][ T5806] device veth1_macvtap entered promiscuous mode
[  173.657847][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.708328][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.718192][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.792962][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.817426][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.860893][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.905739][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.945730][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.993417][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.114198][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  174.133250][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  174.156552][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  174.186183][ T5788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  174.215543][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.297318][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.348147][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.607388][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.773712][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.962792][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.046322][ T5806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.117153][ T5806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.141659][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  175.149290][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  175.162748][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  175.238077][ T6081] delete_channel: no stack
[  175.245223][ T5806] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.275747][ T5806] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.311893][ T6081] sock: sock_timestamping_bind_phc: sock not bind to device
[  175.338077][ T5806] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.373591][ T5806] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.408272][ T4746] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  175.909745][ T3549] Bluetooth: hci4: command 0x0406 tx timeout
[  175.910277][   T48] Bluetooth: hci0: command 0x0406 tx timeout
[  176.793775][ T4479] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.815806][ T4479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.876233][ T4028] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  176.913801][ T5224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.952738][ T5224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.011110][ T4028] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  177.138947][ T6123] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  177.521712][ T6136] snd_dummy snd_dummy.0: control 2:0:2:syz1:0 is already present
[  177.790442][ T6087] loop0: detected capacity change from 0 to 32768
[  177.857438][ T6087] XFS: ikeep mount option is deprecated.
[  178.254590][ T6087] XFS (loop0): Mounting V5 Filesystem
[  178.382252][ T6113] loop4: detected capacity change from 0 to 32768
[  178.489084][ T6087] XFS (loop0): Ending clean mount
[  178.556690][ T6087] XFS (loop0): Quotacheck needed: Please wait.
[  178.623943][ T6113] XFS (loop4): Mounting V5 Filesystem
[  178.707464][ T6087] XFS (loop0): Quotacheck: Done.
[  178.748436][ T6113] XFS (loop4): Ending clean mount
[  178.757137][ T4416] XFS (loop0): Unmounting Filesystem
[  179.763903][ T3545] XFS (loop4): Unmounting Filesystem
[  180.034865][ T6145] loop3: detected capacity change from 0 to 32768
[  180.068729][ T6096] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  180.077911][ T6145] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.680 (6145)
[  180.145289][ T6145] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  180.194749][ T6145] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  180.221859][ T6145] BTRFS info (device loop3): using free space tree
[  180.348474][ T6096] usb 2-1: Using ep0 maxpacket: 32
[  180.379821][ T6145] BTRFS info (device loop3): enabling ssd optimizations
[  180.418811][ T6200] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  180.425363][ T6200] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  180.433352][   T27] audit: type=1800 audit(1721211818.298:15): pid=6145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.680" name="bus" dev="loop3" ino=263 res=0 errno=0
[  180.455463][ T6200] vhci_hcd vhci_hcd.0: Device attached
[  180.461118][ T6220] vhci_hcd: connection closed
[  180.462101][   T46] vhci_hcd: stop threads
[  180.476531][   T46] vhci_hcd: release socket
[  180.487993][   T46] vhci_hcd: disconnect device
[  180.498742][ T6096] usb 2-1: New USB device found, idVendor=10cf, idProduct=8068, bcdDevice=2e.fd
[  180.509403][ T6096] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.536649][ T6096] usb 2-1: config 0 descriptor??
[  180.582967][ T6096] vmk80xx 2-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[  180.613455][    T7] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  180.797313][ T5938] usb 2-1: USB disconnect, device number 11
[  180.832556][ T6102] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  180.858552][    T7] usb 5-1: Using ep0 maxpacket: 16
[  181.144152][    T7] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  181.163838][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.186504][    T7] usb 5-1: Product: syz
[  181.190804][    T7] usb 5-1: Manufacturer: syz
[  181.212438][    T7] usb 5-1: SerialNumber: syz
[  181.231216][ T6241] snd_dummy snd_dummy.0: control 2:0:2:syz1:0 is already present
[  181.900377][    T7] usb 5-1: config 0 descriptor??
[  181.949979][    T7] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  181.974565][ T6102] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  181.995862][ T6102] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  182.026560][ T6102] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  182.048226][ T6247] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  182.060454][ T6102] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.118794][ T6200] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  182.630392][ T4028] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  182.651790][ T3559] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  182.868601][ T4028] usb 2-1: Using ep0 maxpacket: 8
[  182.988710][ T4028] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  183.002657][ T4028] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.017108][ T4028] usb 2-1: config 0 descriptor??
[  183.061044][ T4028] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  183.075863][ T4028] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input13
[  183.093593][ T6270] loop3: detected capacity change from 0 to 32768
[  183.176340][ T6270] XFS (loop3): Mounting V5 Filesystem
[  183.247139][ T6270] XFS (loop3): Ending clean mount
[  183.263353][ T6256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.288626][ T6256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.308832][    T7] ssu100: probe of 5-1:0.0 failed with error -71
[  183.329088][ T6256] usb usb2: usbfs: process 6256 (syz.1.694) did not claim interface 0 before use
[  183.400479][    T7] usb 5-1: USB disconnect, device number 10
[  183.451533][ T4028] usb 1-1: USB disconnect, device number 16
[  184.089859][ T3559] XFS (loop3): Unmounting Filesystem
[  184.675039][ T6299] snd_dummy snd_dummy.0: control 2:0:2:syz1:0 is already present
[  185.363065][ T6304] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  185.388752][ T4028] usb 2-1: USB disconnect, device number 12
[  185.947530][ T6325] netlink: 9 bytes leftover after parsing attributes in process `syz.2.712'.
[  186.054680][ T3549] Bluetooth: hci2: unexpected event 0x0e length: 1 < 3
[  186.253492][ T6309] loop4: detected capacity change from 0 to 32768
[  186.282653][ T6309] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.707 (6309)
[  186.350989][ T6309] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  186.375261][ T6309] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  186.392056][ T6309] BTRFS info (device loop4): using free space tree
[  186.583237][ T6309] BTRFS info (device loop4): enabling ssd optimizations
[  186.733956][   T27] audit: type=1800 audit(1721211824.608:16): pid=6309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.707" name="bus" dev="loop4" ino=263 res=0 errno=0
[  186.743552][ T6318] loop1: detected capacity change from 0 to 32768
[  187.635198][ T6318] XFS (loop1): Mounting V5 Filesystem
[  187.703269][ T6320] loop0: detected capacity change from 0 to 32768
[  187.729592][ T6368] libceph: resolve '.
[  187.729592][ T6368] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[  187.729592][ T6368] ' (ret=-3): failed
[  187.824076][ T6320] XFS (loop0): Mounting V5 Filesystem
[  187.830706][ T6376] delete_channel: no stack
[  187.847295][ T6318] XFS (loop1): Ending clean mount
[  187.901090][ T6376] sock: sock_timestamping_bind_phc: sock not bind to device
[  187.950323][ T6320] XFS (loop0): Ending clean mount
[  187.992572][ T6320] XFS (loop0): Quotacheck needed: Please wait.
[  188.052210][ T6320] XFS (loop0): Quotacheck: Done.
[  188.068486][ T3549] Bluetooth: hci2: command tx timeout
[  188.266295][ T4746] XFS (loop1): Unmounting Filesystem
[  189.590550][ T4416] XFS (loop0): Unmounting Filesystem
[  189.645426][ T6387] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  189.899625][ T3545] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.516993][ T6407] netlink: 9 bytes leftover after parsing attributes in process `syz.2.729'.
[  191.315453][ T3549] Bluetooth: hci2: unexpected event 0x0e length: 1 < 3
[  191.324764][ T3549] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  191.480354][ T6419] delete_channel: no stack
[  191.500669][ T6419] sock: sock_timestamping_bind_phc: sock not bind to device
[  192.104978][ T3549] Bluetooth: to_multiplier 7 < 10
[  192.242674][ T6434] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  192.713111][ T6428] loop4: detected capacity change from 0 to 32768
[  192.767030][ T6421] loop2: detected capacity change from 0 to 32768
[  192.779548][ T6428] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.735 (6428)
[  192.805469][ T6428] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.852664][ T6428] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  192.904190][ T6428] BTRFS info (device loop4): using free space tree
[  192.950159][ T6449] netlink: 9 bytes leftover after parsing attributes in process `syz.3.742'.
[  193.507912][ T6421] XFS (loop2): Mounting V5 Filesystem
[  193.510768][ T6426] loop0: detected capacity change from 0 to 32768
[  193.521641][ T3549] Bluetooth: hci4: unexpected event 0x0e length: 1 < 3
[  193.532452][ T6426] XFS (loop0): Mounting V5 Filesystem
[  193.577588][ T6426] XFS (loop0): Ending clean mount
[  193.602208][ T6475] delete_channel: no stack
[  193.610700][ T6475] sock: sock_timestamping_bind_phc: sock not bind to device
[  193.657860][ T6426] XFS (loop0): Quotacheck needed: Please wait.
[  193.740103][ T6421] XFS (loop2): Ending clean mount
[  193.745823][ T6428] BTRFS info (device loop4): enabling ssd optimizations
[  193.780244][ T6426] XFS (loop0): Quotacheck: Done.
[  193.829776][   T27] audit: type=1800 audit(1721211831.708:17): pid=6428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.735" name="bus" dev="loop4" ino=263 res=0 errno=0
[  194.148468][   T48] Bluetooth: hci4: command 0x0406 tx timeout
[  194.325081][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  194.343593][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  194.723309][ T6421] syz.2.732 (6421) used greatest stack depth: 18992 bytes left
[  194.888917][ T4416] XFS (loop0): Unmounting Filesystem
[  194.900048][ T5806] XFS (loop2): Unmounting Filesystem
[  195.160829][ T3545] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.336423][ T6520] netlink: 9 bytes leftover after parsing attributes in process `syz.3.755'.
[  195.376826][ T6515] fuse: Unknown parameter '"'
[  195.432265][   T48] Bluetooth: hci4: unexpected event 0x0e length: 1 < 3
[  195.440677][   T48] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  195.742281][   T48] Bluetooth: hci5: ISO packet for unknown connection handle 4095
[  195.751378][   T48] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  195.761360][   T48] CPU: 0 PID: 48 Comm: kworker/u5:0 Not tainted 6.1.99-syzkaller #0
[  195.769372][   T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  195.779446][   T48] Workqueue: hci5 hci_rx_work
[  195.784147][   T48] Call Trace:
[  195.787431][   T48]  <TASK>
[  195.790455][   T48]  dump_stack_lvl+0x1e3/0x2cb
[  195.795133][   T48]  ? nf_tcp_handle_invalid+0x642/0x642
[  195.800590][   T48]  ? panic+0x764/0x764
[  195.804668][   T48]  sysfs_create_dir_ns+0x2c6/0x390
[  195.809774][   T48]  ? sysfs_warn_dup+0xa0/0xa0
[  195.814446][   T48]  kobject_add_internal+0x6df/0xd10
[  195.819638][   T48]  kobject_add+0x14e/0x210
[  195.824046][   T48]  ? device_add+0x3c2/0xfd0
[  195.828540][   T48]  ? kobject_init+0x1d0/0x1d0
[  195.833205][   T48]  ? __raw_spin_lock_init+0x41/0x100
[  195.838489][   T48]  ? get_device_parent+0x128/0x400
[  195.843623][   T48]  device_add+0x476/0xfd0
[  195.847958][   T48]  hci_conn_add_sysfs+0xe4/0x1f0
[  195.852905][   T48]  le_conn_complete_evt+0xcc6/0x1320
[  195.858223][   T48]  ? trace_contention_end+0x61/0x170
[  195.863574][   T48]  ? hci_le_big_info_adv_report_evt+0x390/0x390
[  195.869844][   T48]  ? __mutex_unlock_slowpath+0x218/0x750
[  195.875495][   T48]  ? mutex_unlock+0x10/0x10
[  195.880009][   T48]  ? skb_pull_data+0x10e/0x220
[  195.884837][   T48]  hci_le_enh_conn_complete_evt+0x181/0x410
[  195.890746][   T48]  hci_event_packet+0xa40/0x1510
[  195.895691][   T48]  ? hci_remote_host_features_evt+0x210/0x210
[  195.901760][   T48]  ? bis_list+0x290/0x290
[  195.906092][   T48]  ? do_raw_spin_unlock+0x137/0x8a0
[  195.911281][   T48]  ? kcov_remote_start+0x4b5/0x7d0
[  195.916414][   T48]  ? lockdep_hardirqs_on+0x50/0x130
[  195.921606][   T48]  ? hci_send_to_monitor+0x99/0x4d0
[  195.926795][   T48]  hci_rx_work+0x3cd/0xce0
[  195.931194][   T48]  ? do_raw_spin_unlock+0x137/0x8a0
[  195.936381][   T48]  ? process_one_work+0x7a9/0x11d0
[  195.941748][   T48]  process_one_work+0x8a9/0x11d0
[  195.946697][   T48]  ? worker_detach_from_pool+0x260/0x260
[  195.952323][   T48]  ? _raw_spin_lock_irqsave+0x120/0x120
[  195.957859][   T48]  ? kthread_data+0x4e/0xc0
[  195.962373][   T48]  ? wq_worker_running+0x97/0x190
[  195.967393][   T48]  worker_thread+0xa47/0x1200
[  195.972072][   T48]  ? __sched_text_start+0x8/0x8
[  195.976925][   T48]  kthread+0x28d/0x320
[  195.980986][   T48]  ? worker_clr_flags+0x190/0x190
[  195.985991][   T48]  ? kthread_blkcg+0xd0/0xd0
[  195.990573][   T48]  ret_from_fork+0x1f/0x30
[  195.995000][   T48]  </TASK>
[  196.014869][   T48] kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  196.032485][   T48] Bluetooth: hci5: failed to register connection device
[  196.125726][   T48] Bluetooth: to_multiplier 7 < 10
[  196.231674][   T48] Bluetooth: hci4: command 0x0406 tx timeout
[  196.251873][ T6533] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  196.983675][ T6537] loop3: detected capacity change from 0 to 32768
[  197.100826][ T6537] XFS (loop3): Mounting V5 Filesystem
[  197.141720][ T6565] fuse: Unknown parameter '"'
[  197.244204][ T6537] XFS (loop3): Ending clean mount
[  197.358870][ T6576] netlink: 9 bytes leftover after parsing attributes in process `syz.0.767'.
[  197.435405][   T48] Bluetooth: hci1: unexpected event 0x0e length: 1 < 3
[  197.494222][ T6556] loop1: detected capacity change from 0 to 32768
[  197.558016][ T6556] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.763 (6556)
[  197.581682][ T3559] XFS (loop3): Unmounting Filesystem
[  197.652100][ T6556] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  197.695910][ T6556] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  197.708494][ T6556] BTRFS info (device loop1): using free space tree
[  197.853302][ T6558] loop4: detected capacity change from 0 to 32768
[  197.920420][ T6556] BTRFS info (device loop1): enabling ssd optimizations
[  197.966164][   T27] audit: type=1800 audit(1721211835.838:18): pid=6556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.763" name="bus" dev="loop1" ino=263 res=0 errno=0
[  198.007726][ T6581] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  198.068638][   T48] Bluetooth: hci5: command tx timeout
[  198.148869][   T48] Bluetooth: hci1: command tx timeout
[  198.368573][ T3331] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  199.278668][ T3331] usb 3-1: too many configurations: 12, using maximum allowed: 8
[  199.309090][ T6609] delete_channel: no stack
[  199.928863][ T3331] usb 3-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e
[  199.951222][ T3331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.009922][ T3331] usb 3-1: config 0 descriptor??
[  200.113135][ T6627] fuse: Unknown parameter '"'
[  200.228462][   T48] Bluetooth: hci1: command tx timeout
[  200.344926][ T6586] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(9)
[  200.351472][ T6586] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  200.363270][ T6586] vhci_hcd vhci_hcd.0: Device attached
[  200.449543][ T4746] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  200.559697][ T6267] vhci_hcd: vhci_device speed not set
[  200.628643][ T6267] usb 13-2: new full-speed USB device number 2 using vhci_hcd
[  200.938038][ T6637] vhci_hcd: connection reset by peer
[  200.958551][ T3331] usb 3-1: string descriptor 0 read error: -71
[  200.973489][   T11] vhci_hcd: stop threads
[  200.977770][   T11] vhci_hcd: release socket
[  200.991480][ T3331] usb 3-1: USB disconnect, device number 16
[  201.096769][ T6647] netlink: 9 bytes leftover after parsing attributes in process `syz.4.780'.
[  201.763879][   T11] vhci_hcd: disconnect device
[  201.777771][   T48] Bluetooth: hci0: unexpected event 0x0e length: 1 < 3
[  201.923590][ T6632] loop0: detected capacity change from 0 to 32768
[  201.973413][ T6654] delete_channel: no stack
[  201.986911][ T6632] XFS (loop0): Mounting V5 Filesystem
[  202.129216][ T6632] XFS (loop0): Ending clean mount
[  202.292078][ T6673] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  202.521002][ T4416] XFS (loop0): Unmounting Filesystem
[  203.184275][ T6693] netlink: 9 bytes leftover after parsing attributes in process `syz.3.796'.
[  203.515317][   T48] Bluetooth: hci4: unexpected event 0x0e length: 1 < 3
[  203.523023][   T48] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  203.649454][ T6695] delete_channel: no stack
[  203.786740][ T6707] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  203.828774][   T48] Bluetooth: hci0: command 0x0406 tx timeout
[  203.971454][ T6681] loop4: detected capacity change from 0 to 32768
[  204.008563][ T6681] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.791 (6681)
[  204.094641][ T6681] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.118731][ T6681] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  204.139284][ T6681] BTRFS info (device loop4): using free space tree
[  204.535119][ T6681] BTRFS info (device loop4): enabling ssd optimizations
[  204.952388][   T27] audit: type=1800 audit(1721211842.828:19): pid=6681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.791" name="bus" dev="loop4" ino=263 res=0 errno=0
[  205.632111][ T6760] delete_channel: no stack
[  205.635635][ T6712] loop0: detected capacity change from 0 to 32768
[  205.691298][ T6722] loop1: detected capacity change from 0 to 32768
[  205.699053][ T6722] XFS: noikeep mount option is deprecated.
[  205.712629][ T3545] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  205.746424][ T6767] netlink: 9 bytes leftover after parsing attributes in process `syz.2.815'.
[  205.756016][ T6267] vhci_hcd: vhci_device speed not set
[  205.767170][ T6722] XFS (loop1): Mounting V5 Filesystem
[  205.782388][ T6712] XFS (loop0): Mounting V5 Filesystem
[  205.852835][ T6712] XFS (loop0): Ending clean mount
[  205.865080][ T1805] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  205.892231][   T48] Bluetooth: hci2: unexpected event 0x0e length: 1 < 3
[  205.899670][   T48] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  205.966208][ T6722] XFS (loop1): Ending clean mount
[  205.981581][ T6722] XFS (loop1): Quotacheck needed: Please wait.
[  206.049563][ T6722] XFS (loop1): Quotacheck: Done.
[  206.093804][ T6787] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  206.109331][ T4746] XFS (loop1): Unmounting Filesystem
[  206.152068][ T4416] XFS (loop0): Unmounting Filesystem
[  206.158565][ T1805] usb 4-1: Using ep0 maxpacket: 8
[  206.278815][ T1805] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  206.309427][ T1805] usb 4-1: config 179 has no interface number 0
[  206.334481][ T1805] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  206.362156][ T1805] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  206.376312][ T6791] [U] 
[  206.379106][ T6791] [U] \ÏfŸN#k·v”„í42yÛìÐláÞ%
[  206.383905][ T6791] [U] ˆŠ
[  206.386877][ T6791] [U] 
[  206.389577][ T6791] [U] 
[  206.394483][ T6791] [U] 
[  206.397206][ T6791] [U] 
[  206.399911][ T6791] [U] 
[  206.402697][ T6791] [U] 
[  206.406140][ T6791] [U] 
[  206.408858][ T6791] [U] 
[  206.411558][ T6791] [U] 
[  206.431214][ T1805] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  206.462978][ T1805] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  206.487253][ T1805] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  206.543436][ T1805] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  206.608776][ T1805] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.658657][ T6758] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  206.693842][ T1805] xpad: probe of 4-1:179.65 failed with error -5
[  207.531994][ T1805] usb 4-1: USB disconnect, device number 11
[  207.644313][ T6789] [U] 
[  208.362290][ T6831] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  208.526221][ T6820] loop4: detected capacity change from 0 to 32768
[  208.534146][ T6823] loop1: detected capacity change from 0 to 32768
[  208.545014][ T6820] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.824 (6820)
[  208.564354][ T6820] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.575465][ T6820] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  208.623437][ T6823] XFS (loop1): Mounting V5 Filesystem
[  208.633289][ T6820] BTRFS info (device loop4): using free space tree
[  208.643076][ T6839] netlink: 9 bytes leftover after parsing attributes in process `syz.3.829'.
[  208.757556][   T48] Bluetooth: hci4: unexpected event 0x0e length: 1 < 3
[  208.765560][   T48] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  208.801894][ T6820] BTRFS info (device loop4): enabling ssd optimizations
[  208.812997][ T6823] XFS (loop1): Ending clean mount
[  208.824091][   T27] audit: type=1800 audit(1721211846.698:20): pid=6820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.824" name="bus" dev="loop4" ino=263 res=0 errno=0
[  208.988419][   T22] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  209.134827][ T6868] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  209.141395][ T6868] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  209.154937][ T6868] vhci_hcd vhci_hcd.0: Device attached
[  209.177170][ T4746] XFS (loop1): Unmounting Filesystem
[  209.184991][ T6869] vhci_hcd: connection closed
[  209.185180][ T4479] vhci_hcd: stop threads
[  209.220289][ T4479] vhci_hcd: release socket
[  209.226525][ T4479] vhci_hcd: disconnect device
[  209.638470][ T1805] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  209.649142][   T22] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  210.235892][ T6879] netlink: 'syz.3.834': attribute type 10 has an invalid length.
[  210.261747][   T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.270792][   T22] usb 3-1: Product: syz
[  210.275006][   T22] usb 3-1: Manufacturer: syz
[  210.280474][   T22] usb 3-1: SerialNumber: syz
[  210.319398][   T22] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  210.323323][ T6879] 8021q: adding VLAN 0 to HW filter on device team0
[  210.350886][ T6879] bond0: (slave team0): Enslaving as an active interface with an up link
[  210.638624][ T1805] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  210.650036][ T1805] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  210.659958][ T1805] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  210.669293][ T1805] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.698649][ T6867] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  210.708659][ T6267] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  210.829201][ T6783] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  210.841843][ T3545] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  210.978492][   T22] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  211.057697][ T6891] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  211.068656][ T6267] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.079926][ T6783] usb 4-1: Using ep0 maxpacket: 8
[  211.085407][ T6267] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.096001][ T6267] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  211.106349][ T6267] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  211.116586][ T6267] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  211.127359][ T6267] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  211.198165][ T6849] netlink: 'syz.2.830': attribute type 10 has an invalid length.
[  211.198608][ T6783] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  211.220662][ T6783] usb 4-1: config 179 has no interface number 0
[  211.233246][ T6783] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  211.246560][ T6783] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  211.262370][ T6783] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  211.281665][ T6783] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  211.294532][ T6783] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  211.310198][ T6267] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  211.321696][ T6783] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  211.331566][ T6267] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.344403][ T6783] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.353284][ T6267] usb 2-1: Product: syz
[  211.357460][ T6267] usb 2-1: Manufacturer: syz
[  211.367127][ T6267] usb 2-1: SerialNumber: syz
[  211.374058][ T6782] usb 3-1: USB disconnect, device number 17
[  211.391115][ T6889] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  211.409846][ T6783] xpad: probe of 4-1:179.65 failed with error -5
[  211.617443][ T6783] usb 4-1: USB disconnect, device number 12
[  211.626293][ T3549] Bluetooth: hci5: Malformed LE Event: 0x0d
[  211.678736][ T6267] cdc_ncm 2-1:1.0: bind() failure
[  211.686328][ T6267] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  211.693487][ T6267] cdc_ncm 2-1:1.1: bind() failure
[  211.701731][ T6267] usb 2-1: USB disconnect, device number 13
[  211.984548][ T6267] usb 1-1: USB disconnect, device number 17
[  212.065986][ T6902] netlink: 9 bytes leftover after parsing attributes in process `syz.4.843'.
[  212.078549][   T22] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  212.086029][   T22] ath9k_htc: Failed to initialize the device
[  212.102911][ T6782] usb 3-1: ath9k_htc: USB layer deinitialized
[  212.147170][ T3549] Bluetooth: hci0: unexpected event 0x0e length: 1 < 3
[  212.170951][ T3549] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  212.353377][ T6899] loop2: detected capacity change from 0 to 32768
[  213.228584][ T6899] XFS (loop2): Mounting V5 Filesystem
[  213.335992][ T6924] loop4: detected capacity change from 0 to 4096
[  213.365000][ T6899] XFS (loop2): Ending clean mount
[  213.381171][ T6932] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  213.406390][   T27] audit: type=1804 audit(1721211851.278:21): pid=6924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.851" name="/newroot/174/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  213.489540][ T6930] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  213.695322][ T5806] XFS (loop2): Unmounting Filesystem
[  213.960355][ T6782] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  213.986417][ T6950] netlink: 4 bytes leftover after parsing attributes in process `syz.2.857'.
[  214.014308][ T6950] device lo entered promiscuous mode
[  214.025206][ T6920] loop3: detected capacity change from 0 to 32768
[  214.051157][ T6920] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.849 (6920)
[  214.119543][ T6920] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  214.149646][ T6920] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  214.162763][ T6920] BTRFS info (device loop3): using free space tree
[  214.283730][ T6920] BTRFS info (device loop3): enabling ssd optimizations
[  214.322522][   T27] audit: type=1800 audit(1721211852.198:22): pid=6920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.849" name="bus" dev="loop3" ino=263 res=0 errno=0
[  214.389046][ T6267] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  214.498651][ T6782] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  214.512656][ T6782] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.564026][ T6782] usb 5-1: Product: syz
[  214.572897][ T6782] usb 5-1: Manufacturer: syz
[  214.598122][ T6782] usb 5-1: SerialNumber: syz
[  214.659461][ T6782] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  214.758680][ T6267] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.777855][ T6267] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.825272][ T6267] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  214.872667][ T6267] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  214.883296][ T6267] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  214.893656][ T6267] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  214.920045][ T6983] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  215.058556][ T6267] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  215.072197][ T6267] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.100457][ T6267] usb 2-1: Product: syz
[  215.125433][ T6267] usb 2-1: Manufacturer: syz
[  215.132117][ T6267] usb 2-1: SerialNumber: syz
[  215.270701][ T6782] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  215.391449][ T3549] Bluetooth: hci5: Malformed LE Event: 0x0d
[  215.418074][ T3559] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  215.429726][ T6267] cdc_ncm 2-1:1.0: bind() failure
[  215.441769][ T6991] loop0: detected capacity change from 0 to 4096
[  215.463673][ T6267] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  215.484070][ T6267] cdc_ncm 2-1:1.1: bind() failure
[  215.514790][ T6267] usb 2-1: USB disconnect, device number 14
[  215.613265][ T6939] netlink: 'syz.4.852': attribute type 10 has an invalid length.
[  215.661555][ T6992] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  215.662605][   T27] audit: type=1804 audit(1721211853.538:23): pid=6991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.865" name="/newroot/99/file0/file1" dev="loop0" ino=15 res=1 errno=0
[  215.706549][ T6265] usb 5-1: USB disconnect, device number 11
[  216.388838][ T6782] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  216.399859][ T6782] ath9k_htc: Failed to initialize the device
[  216.427996][ T6265] usb 5-1: ath9k_htc: USB layer deinitialized
[  216.445605][ T7012] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  217.000837][ T7022] loop1: detected capacity change from 0 to 32768
[  217.033963][ T7022] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.876 (7022)
[  217.050786][ T1805] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  217.088545][ T7022] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  217.118198][ T7022] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  217.127652][ T7022] BTRFS info (device loop1): using free space tree
[  217.156080][ T7022] BTRFS info (device loop1): enabling ssd optimizations
[  217.179414][   T27] audit: type=1800 audit(1721211855.058:24): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.876" name="bus" dev="loop1" ino=263 res=0 errno=0
[  217.458366][ T6782] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  217.460086][ T7064] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  217.477240][ T1805] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.491468][ T1805] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.506177][ T1805] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  217.516581][ T1805] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  217.526997][ T1805] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  217.537286][ T1805] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  217.665438][ T7040] loop3: detected capacity change from 0 to 32768
[  217.672772][ T7040] XFS: ikeep mount option is deprecated.
[  217.690556][ T7040] XFS (loop3): Mounting V5 Filesystem
[  217.728572][ T1805] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  217.741877][ T1805] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.750368][ T1805] usb 5-1: Product: syz
[  217.755295][ T1805] usb 5-1: Manufacturer: syz
[  217.765109][ T1805] usb 5-1: SerialNumber: syz
[  217.768920][ T7040] XFS (loop3): Ending clean mount
[  217.799744][ T7040] XFS (loop3): Quotacheck needed: Please wait.
[  217.862475][ T7040] XFS (loop3): Quotacheck: Done.
[  217.898433][ T7040] XFS (loop3): User initiated shutdown received.
[  217.913726][ T7040] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:487).  Shutting down filesystem.
[  217.927553][ T7040] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  217.945644][ T3559] XFS (loop3): Unmounting Filesystem
[  217.989703][ T6782] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  218.008949][ T6782] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.017243][ T6782] usb 1-1: Product: syz
[  218.022886][ T6782] usb 1-1: Manufacturer: syz
[  218.027630][ T3549] Bluetooth: hci0: Malformed LE Event: 0x0d
[  218.041382][ T6782] usb 1-1: SerialNumber: syz
[  218.068620][ T1805] cdc_ncm 5-1:1.0: bind() failure
[  218.084946][ T1805] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  218.089249][ T6782] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  218.101740][ T1805] cdc_ncm 5-1:1.1: bind() failure
[  218.163559][ T1805] usb 5-1: USB disconnect, device number 12
[  218.426819][ T4746] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  218.668720][ T6783] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  218.803162][ T7101] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  218.951727][   T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  218.962564][   T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  218.971384][   T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  218.981342][   T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  218.989149][   T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  218.996560][   T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  219.004771][ T7042] netlink: 'syz.0.885': attribute type 10 has an invalid length.
[  219.082875][ T6098] usb 1-1: USB disconnect, device number 18
[  219.163237][ T7111] loop4: detected capacity change from 0 to 4096
[  219.187275][   T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.206020][ T7118] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  219.260718][   T27] audit: type=1804 audit(1721211857.138:25): pid=7111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.900" name="/newroot/180/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  219.334032][   T27] audit: type=1804 audit(1721211857.168:26): pid=7111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.900" name="/newroot/180/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  219.359167][   T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.467230][   T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.613162][   T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.676114][ T7104] chnl_net:caif_netlink_parms(): no params data found
[  219.751139][ T6783] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  219.758243][ T6783] ath9k_htc: Failed to initialize the device
[  219.798475][ T6098] usb 1-1: ath9k_htc: USB layer deinitialized
[  220.048754][ T7150] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  220.238428][ T7149] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  220.244991][ T7149] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  220.270396][ T7104] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.298540][ T7104] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.312966][ T7104] device bridge_slave_0 entered promiscuous mode
[  220.321389][ T7149] vhci_hcd vhci_hcd.0: Device attached
[  220.325222][ T7159] vhci_hcd: connection closed
[  220.327597][ T3619] vhci_hcd: stop threads
[  220.348875][ T6098] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  220.382835][ T7131] loop2: detected capacity change from 0 to 32768
[  220.392727][ T3619] vhci_hcd: release socket
[  220.452164][ T4066] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (4066)
[  220.519929][ T3619] vhci_hcd: disconnect device
[  220.532840][ T7104] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.542790][ T7104] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.560039][ T7131] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  220.579270][ T7104] device bridge_slave_1 entered promiscuous mode
[  220.586853][ T7131] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  220.613447][ T7131] BTRFS info (device loop2): using free space tree
[  220.685464][ T7131] BTRFS info (device loop2): enabling ssd optimizations
[  220.692732][ T3590] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  220.736158][ T7104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  220.748592][ T6098] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.761203][ T6098] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.778458][ T6098] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  220.780366][   T27] audit: type=1800 audit(1721211858.658:27): pid=7131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.905" name="bus" dev="loop2" ino=263 res=0 errno=0
[  220.792047][ T6098] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  220.819890][ T6098] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  220.829948][ T6098] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  220.872340][ T7104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.008715][ T6098] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  221.025603][ T7104] team0: Port device team_slave_0 added
[  221.028702][   T48] Bluetooth: hci3: command tx timeout
[  221.053143][ T6098] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.078957][ T3590] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  221.090264][ T3590] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  221.098435][ T6098] usb 1-1: Product: syz
[  221.100916][ T3590] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  221.114116][ T3590] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.114857][ T6098] usb 1-1: Manufacturer: syz
[  221.137742][ T7104] team0: Port device team_slave_1 added
[  221.138793][ T7149] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  221.168892][ T6098] usb 1-1: SerialNumber: syz
[  221.278445][ T6782] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  221.325714][ T7104] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.340127][ T7104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.371460][ T7104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.404576][ T7104] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.411731][ T7104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.438650][ T7104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.453580][   T48] Bluetooth: hci1: Unknown advertising packet type: 0x14
[  221.453611][   T48] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  221.470174][ T6782] usb 5-1: device descriptor read/64, error -71
[  221.488742][ T6098] cdc_ncm 1-1:1.0: bind() failure
[  221.500250][ T6098] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  221.510532][ T6098] cdc_ncm 1-1:1.1: bind() failure
[  221.532379][ T6098] usb 1-1: USB disconnect, device number 19
[  221.605259][ T7104] device hsr_slave_0 entered promiscuous mode
[  221.612145][ T7104] device hsr_slave_1 entered promiscuous mode
[  221.623049][ T7104] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  221.630801][ T7104] Cannot create hsr debugfs directory
[  221.748509][ T6782] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  221.936679][ T5806] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  221.948591][ T6782] usb 5-1: device descriptor read/64, error -71
[  221.998146][   T48] Bluetooth: hci1: command 0x0406 tx timeout
[  222.078602][ T6782] usb usb5-port1: attempt power cycle
[  222.169308][   T46] device hsr_slave_0 left promiscuous mode
[  222.199077][   T46] device hsr_slave_1 left promiscuous mode
[  222.214692][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.235288][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.257298][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.272906][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.293098][   T46] device bridge_slave_1 left promiscuous mode
[  222.337693][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.357161][   T46] device bridge_slave_0 left promiscuous mode
[  222.370536][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.432219][ T7217] loop0: detected capacity change from 0 to 128
[  222.441091][   T46] device veth1_macvtap left promiscuous mode
[  222.450794][   T46] device veth0_macvtap left promiscuous mode
[  222.468233][   T46] device veth1_vlan left promiscuous mode
[  222.475156][   T46] device veth0_vlan left promiscuous mode
[  222.498360][ T6782] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  222.532503][ T7217] affs: No valid root block on device loop0
[  222.598599][ T6782] usb 5-1: device descriptor read/8, error -71
[  222.755959][ T7222] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns
[  222.803258][ T7222] kvm: pic: non byte write
[  222.834352][ T7222] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  222.869376][ T6782] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  222.932914][ T3595] usb 2-1: USB disconnect, device number 15
[  222.968669][ T6782] usb 5-1: device descriptor read/8, error -71
[  223.062045][ T7228] fuse: Unknown parameter 'ÿÿÿÿ0x000000000000000c'
[  223.090691][ T6782] usb usb5-port1: unable to enumerate USB device
[  223.109036][   T48] Bluetooth: hci3: command tx timeout
[  223.482300][   T46] team0 (unregistering): Port device team_slave_1 removed
[  223.518131][   T46] team0 (unregistering): Port device team_slave_0 removed
[  223.559392][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.594487][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.776793][   T46] bond0 (unregistering): (slave team0): Releasing backup interface
[  223.874738][   T46] bond0 (unregistering): Released all slaves
[  224.643574][ T7260] fuse: Unknown parameter '"'
[  224.748235][ T7261] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  224.754799][ T7261] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  224.807872][ T7261] vhci_hcd vhci_hcd.0: Device attached
[  224.822837][ T7265] vhci_hcd: connection closed
[  224.824153][ T4025] vhci_hcd: stop threads
[  224.855135][ T4025] vhci_hcd: release socket
[  224.884838][ T4025] vhci_hcd: disconnect device
[  225.009684][ T7104] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  225.046723][ T7104] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  225.071745][ T7104] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  225.128541][ T3595] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  225.160735][ T7104] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  225.167812][ T7242] loop4: detected capacity change from 0 to 32768
[  225.188518][   T48] Bluetooth: hci3: command tx timeout
[  225.213573][ T7242] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.924 (7242)
[  225.284857][ T7252] loop0: detected capacity change from 0 to 32768
[  225.299018][ T7242] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  225.336154][ T7252] XFS (loop0): Mounting V5 Filesystem
[  225.395038][ T7252] XFS (loop0): Ending clean mount
[  225.402614][ T7252] XFS (loop0): Quotacheck needed: Please wait.
[  225.405941][ T7242] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  225.441769][ T7252] XFS (loop0): Quotacheck: Done.
[  225.457882][ T7242] BTRFS info (device loop4): using free space tree
[  225.628658][ T3595] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  225.659113][ T3595] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  225.670499][ T3595] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  225.679738][ T3595] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.100859][ T7261] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  226.203072][ T7104] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.219883][ T4416] XFS (loop0): Unmounting Filesystem
[  226.421465][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  226.429640][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  226.453788][ T7242] BTRFS info (device loop4): enabling ssd optimizations
[  226.481354][ T7104] 8021q: adding VLAN 0 to HW filter on device team0
[  226.541209][   T27] audit: type=1800 audit(1721211864.418:28): pid=7242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.924" name="bus" dev="loop4" ino=263 res=0 errno=0
[  226.568023][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  226.586936][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  226.636648][ T6267] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.643884][ T6267] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.745282][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  226.765064][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  226.805642][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  226.847822][ T6782] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.855046][ T6782] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.912222][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  226.954897][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  226.994462][   T48] Bluetooth: hci1: ACL packet for unknown connection handle 2637
[  227.020174][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  227.031573][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  227.040249][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  227.049651][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  227.060407][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  227.069378][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  227.078835][ T6783] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  227.092263][ T7104] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  227.145720][ T7104] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  227.183192][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  227.199317][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  227.268707][   T48] Bluetooth: hci3: command tx timeout
[  227.387191][ T7333] fuse: Unknown parameter '"'
[  227.425839][ T6782] usb 3-1: USB disconnect, device number 18
[  227.787912][ T3545] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  228.187640][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  228.207962][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  228.247260][ T7104] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.365340][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  228.384098][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  228.480894][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  228.503728][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  228.662434][ T7104] device veth0_vlan entered promiscuous mode
[  228.702103][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  228.731696][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  228.815593][ T7104] device veth1_vlan entered promiscuous mode
[  228.948065][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  228.985954][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  229.069079][ T7104] device veth0_macvtap entered promiscuous mode
[  229.146661][ T7104] device veth1_macvtap entered promiscuous mode
[  229.269766][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.399428][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.467214][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.508358][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.558367][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.608438][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.643539][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.693463][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.710980][ T7344] loop2: detected capacity change from 0 to 32768
[  229.741378][ T7104] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.790846][ T7344] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.943 (7344)
[  229.825432][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  229.839853][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  229.872051][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  229.909732][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  229.975343][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.002716][ T7344] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  230.003736][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.044955][ T7357] loop0: detected capacity change from 0 to 32768
[  230.052020][ T7344] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  230.067763][ T7344] BTRFS info (device loop2): enabling auto defrag
[  230.098162][ T7344] BTRFS info (device loop2): doing ref verification
[  230.115130][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.132752][ T7344] BTRFS info (device loop2): max_inline at 0
[  230.144451][ T7344] BTRFS info (device loop2): force clearing of disk cache
[  230.153751][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.164447][ T7344] BTRFS info (device loop2): turning on sync discard
[  230.172916][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.188835][ T7357] XFS (loop0): Mounting V5 Filesystem
[  230.195008][ T7344] BTRFS info (device loop2): disabling free space tree
[  230.207213][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.332103][ T7104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.346662][ T7357] XFS (loop0): Ending clean mount
[  230.360748][ T7357] XFS (loop0): Quotacheck needed: Please wait.
[  230.400559][ T7104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.418771][ T7357] XFS (loop0): Quotacheck: Done.
[  230.473233][ T7104] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.503340][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  230.522790][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  230.606281][ T7104] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.660793][ T7104] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.703027][ T7405] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  230.711119][ T7104] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.724466][ T7104] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.279792][ T7344] BTRFS error (device loop2): open_ctree failed
[  231.411317][ T4416] XFS (loop0): Unmounting Filesystem
[  231.451185][ T4025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.469774][ T3619] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.487616][ T3619] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.511036][ T4025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.534086][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  231.578027][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  231.692406][ T7414] delete_channel: no stack
[  231.877470][ T7418] fuse: Unknown parameter '"'
[  232.107155][ T7426] loop3: detected capacity change from 0 to 4096
[  232.202396][ T7432] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  232.249350][   T27] audit: type=1804 audit(1721211870.128:29): pid=7426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.955" name="/newroot/1/file0/file1" dev="loop3" ino=15 res=1 errno=0
[  232.331237][ T7436] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  232.749339][ T7442] loop2: detected capacity change from 0 to 4096
[  232.856440][ T7449] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  233.082959][ T7448] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  233.089544][ T7448] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  233.134408][ T7423] loop4: detected capacity change from 0 to 32768
[  233.159483][ T7448] vhci_hcd vhci_hcd.0: Device attached
[  233.195503][ T7423] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.954 (7423)
[  233.333560][ T7423] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  233.370388][ T7450] vhci_hcd: connection closed
[  233.372453][ T3619] vhci_hcd: stop threads
[  233.409986][ T3619] vhci_hcd: release socket
[  233.420591][ T7423] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  233.440389][ T3619] vhci_hcd: disconnect device
[  233.468388][ T6267] usb 16-1: SetAddress Request (2) to port 0
[  233.478972][ T6267] usb 16-1: new SuperSpeed USB device number 2 using vhci_hcd
[  233.528398][ T6267] usb 16-1: enqueue for inactive port 0
[  233.536819][ T7423] BTRFS info (device loop4): using free space tree
[  233.595175][ T7460] delete_channel: no stack
[  233.685857][ T7465] fuse: Unknown parameter '"'
[  233.832350][ T7423] BTRFS info (device loop4): enabling ssd optimizations
[  233.875771][   T27] audit: type=1800 audit(1721211871.748:30): pid=7423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.954" name="bus" dev="loop4" ino=263 res=0 errno=0
[  233.949022][ T6267] usb usb16-port1: attempt power cycle
[  234.165019][ T7445] loop0: detected capacity change from 0 to 32768
[  234.198231][ T7445] XFS: ikeep mount option is deprecated.
[  234.266974][ T7445] XFS (loop0): Mounting V5 Filesystem
[  234.417682][ T7445] XFS (loop0): Ending clean mount
[  234.437514][ T7445] XFS (loop0): Quotacheck needed: Please wait.
[  234.445723][ T7495] loop1: detected capacity change from 0 to 4096
[  234.498139][ T7501] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  234.499821][ T7445] XFS (loop0): Quotacheck: Done.
[  234.522327][ T7498] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  234.534184][   T27] audit: type=1804 audit(1721211872.408:31): pid=7495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.969" name="/newroot/162/file0/file1" dev="loop1" ino=15 res=1 errno=0
[  234.607430][ T6267] usb usb16-port1: unable to enumerate USB device
[  234.692248][ T4416] XFS (loop0): Unmounting Filesystem
[  234.852888][   T48] Bluetooth: hci5: ACL packet for unknown connection handle 2637
[  234.877969][ T3545] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  235.433509][ T7515] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  235.440038][ T7515] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  235.491830][ T7515] vhci_hcd vhci_hcd.0: Device attached
[  235.497446][ T7516] vhci_hcd: connection closed
[  235.523754][ T3619] vhci_hcd: stop threads
[  235.535336][ T7520] fuse: Unknown parameter '"'
[  235.550312][ T3619] vhci_hcd: release socket
[  235.564286][ T3619] vhci_hcd: disconnect device
[  235.658687][ T6267] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  236.071295][ T7535] loop4: detected capacity change from 0 to 4096
[  236.128528][ T6267] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  236.152509][ T6267] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  236.169604][ T6267] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  236.181813][ T7539] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  236.194563][ T6267] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.228677][ T7519] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  236.262846][   T27] audit: type=1804 audit(1721211874.138:32): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.981" name="/newroot/193/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  237.106175][ T7538] loop0: detected capacity change from 0 to 32768
[  237.120138][ T7538] XFS: ikeep mount option is deprecated.
[  237.157245][ T7538] XFS (loop0): Mounting V5 Filesystem
[  237.246533][ T7538] XFS (loop0): Ending clean mount
[  237.257434][ T7538] XFS (loop0): Quotacheck needed: Please wait.
[  237.290759][ T7538] XFS (loop0): Quotacheck: Done.
[  237.374883][ T4416] XFS (loop0): Unmounting Filesystem
[  237.620487][ T7543] loop3: detected capacity change from 0 to 32768
[  237.657837][ T7543] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.984 (7543)
[  237.675727][ T7541] loop4: detected capacity change from 0 to 40427
[  237.695502][ T7541] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  237.716448][ T7543] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  237.720035][ T7541] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  237.764444][ T7543] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  237.781192][ T7543] BTRFS info (device loop3): using free space tree
[  237.810855][ T7541] F2FS-fs (loop4): Found nat_bits in checkpoint
[  237.936560][ T7543] BTRFS info (device loop3): enabling ssd optimizations
[  238.043577][ T3595] usb 3-1: USB disconnect, device number 19
[  238.054576][   T27] audit: type=1800 audit(1721211875.928:33): pid=7543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.984" name="bus" dev="loop3" ino=263 res=0 errno=0
[  238.074743][    C1] vkms_vblank_simulate: vblank timer overrun
[  238.076036][ T7541] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  238.126086][ T7592] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  238.138479][ T7541] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  238.383185][ T7594] loop2: detected capacity change from 0 to 4096
[  239.075947][ T7599] syz.4.983: attempt to access beyond end of device
[  239.075947][ T7599] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  239.091397][   T27] audit: type=1804 audit(1721211876.948:34): pid=7599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.983" name="/newroot/194/file1/bus" dev="loop4" ino=10 res=1 errno=0
[  239.447366][ T7601] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  239.467946][ T3545] syz-executor: attempt to access beyond end of device
[  239.467946][ T3545] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  239.543354][   T27] audit: type=1804 audit(1721211877.418:35): pid=7594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.993" name="/newroot/79/file0/file1" dev="loop2" ino=15 res=1 errno=0
[  239.558987][ T7607] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  239.883045][ T7609] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  240.068659][ T3549] Bluetooth: hci5: command tx timeout
[  240.826994][ T7104] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  240.929457][ T3549] Bluetooth: to_multiplier 7 < 10
[  241.013822][ T7631] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  241.414034][ T7642] loop1: detected capacity change from 0 to 512
[  241.417385][ T7640] loop0: detected capacity change from 0 to 4096
[  241.463721][ T7642] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  241.478514][ T7642] UDF-fs: Scanning with blocksize 512 failed
[  241.485964][ T7642] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  241.495056][ T7642] UDF-fs: Scanning with blocksize 1024 failed
[  241.511207][ T7642] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  241.526559][ T7642] UDF-fs: Scanning with blocksize 2048 failed
[  241.543841][ T7645] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  241.555499][ T7642] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  241.578422][ T7642] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  241.632915][   T27] audit: type=1804 audit(1721211879.508:36): pid=7640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1008" name="/newroot/126/file0/file1" dev="loop0" ino=15 res=1 errno=0
[  241.654559][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.679716][ T7646] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  242.304869][ T7656] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns
[  242.369198][ T4746] UDF-fs: error (device loop1): udf_read_inode: (ino 24) failed !bh
[  242.389377][ T4746] UDF-fs: error (device loop1): udf_read_inode: (ino 24) failed !bh
[  242.427057][ T7656] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  242.468457][ T3549] Bluetooth: hci5: command 0x0406 tx timeout
[  242.563882][ T7638] loop4: detected capacity change from 0 to 40427
[  242.602362][ T7638] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  242.628921][ T7638] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  242.697200][ T7638] F2FS-fs (loop4): Found nat_bits in checkpoint
[  242.862356][ T7638] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  242.899590][ T7638] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  242.912192][ T4479] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.948751][ T3549] Bluetooth: hci1: command 0x0406 tx timeout
[  243.173522][ T4479] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.167214][ T3545] syz-executor: attempt to access beyond end of device
[  244.167214][ T3545] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  244.210998][ T7659] loop2: detected capacity change from 0 to 32768
[  244.252435][ T7659] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1014 (7659)
[  244.280616][ T7659] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  244.295915][ T4479] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.307774][ T7659] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  244.319189][ T7659] BTRFS info (device loop2): using free space tree
[  244.436005][ T4479] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.526237][ T3549] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  244.536385][ T3549] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  244.548504][ T3549] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  244.558077][ T3549] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  244.567237][ T3549] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  244.584651][ T3549] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  244.878494][ T7659] BTRFS info (device loop2): enabling ssd optimizations
[  244.957572][   T27] audit: type=1800 audit(1721211882.828:37): pid=7659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1014" name="bus" dev="loop2" ino=263 res=0 errno=0
[  245.312234][ T7676] loop0: detected capacity change from 0 to 32768
[  245.354646][ T7676] XFS: ikeep mount option is deprecated.
[  245.378755][ T7701] loop4: detected capacity change from 0 to 4096
[  245.495756][ T7711] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  245.537808][   T27] audit: type=1804 audit(1721211883.408:38): pid=7701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1020" name="/newroot/197/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  245.589239][ T7676] XFS (loop0): Mounting V5 Filesystem
[  245.694523][ T7687] chnl_net:caif_netlink_parms(): no params data found
[  246.021447][ T7676] XFS (loop0): Ending clean mount
[  246.034126][ T7676] XFS (loop0): Quotacheck needed: Please wait.
[  246.109192][ T5806] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  246.123035][ T7676] XFS (loop0): Quotacheck: Done.
[  246.309914][ T4416] XFS (loop0): Unmounting Filesystem
[  246.578069][ T7687] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.595049][ T7687] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.609622][ T7687] device bridge_slave_0 entered promiscuous mode
[  246.628511][   T48] Bluetooth: hci4: command tx timeout
[  246.717051][ T7687] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.734666][ T7687] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.788496][ T6266] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  246.802862][ T7687] device bridge_slave_1 entered promiscuous mode
[  246.891232][ T7748] loop2: detected capacity change from 0 to 4096
[  246.932142][ T7748] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  247.047073][ T7748] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  247.050383][ T7687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.068005][ T7748] ntfs3: loop2: Failed to load $Extend.
[  247.093004][ T7687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.108511][ T6266] usb 5-1: Using ep0 maxpacket: 8
[  247.229654][ T6266] usb 5-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  247.239562][ T6266] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.258077][ T6266] usb 5-1: config 0 descriptor??
[  247.310513][ T6266] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  247.317554][ T7687] team0: Port device team_slave_0 added
[  247.327239][ T6266] input: xirlink-cit as /devices/platform/dummy_hcd.4/usb5/5-1/input/input14
[  247.492245][ T7687] team0: Port device team_slave_1 added
[  247.513766][ T7743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.546180][ T7743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  247.650999][ T7687] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.671315][ T7687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.724848][ T6267] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  247.768987][ T7687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.805425][ T4479] device hsr_slave_0 left promiscuous mode
[  247.857975][ T4479] device hsr_slave_1 left promiscuous mode
[  247.878099][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  247.903712][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_0
[  247.926395][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  247.947901][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_1
[  247.972809][ T4479] device bridge_slave_1 left promiscuous mode
[  247.994003][ T4479] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.014657][ T4479] device bridge_slave_0 left promiscuous mode
[  248.027620][ T4479] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.108556][ T6267] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.126537][ T6267] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.136396][ T6267] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  248.158340][ T6267] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  248.178370][ T6267] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  248.184279][   T26] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  248.188036][ T6267] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  248.219043][ T4479] device veth1_macvtap left promiscuous mode
[  248.225297][ T4479] device veth0_macvtap left promiscuous mode
[  248.248478][ T4479] device veth1_vlan left promiscuous mode
[  248.254360][ T4479] device veth0_vlan left promiscuous mode
[  248.338434][ T6267] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  248.347504][ T6267] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.378393][ T6267] usb 1-1: Product: syz
[  248.382632][ T6267] usb 1-1: Manufacturer: syz
[  248.398314][ T6267] usb 1-1: SerialNumber: syz
[  248.411117][ T7770] loop2: detected capacity change from 0 to 32768
[  248.424944][ T7770] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1035 (7770)
[  248.471544][ T7770] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  248.489669][ T7770] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  248.506476][ T7770] BTRFS info (device loop2): using free space tree
[  248.554665][ T7770] BTRFS info (device loop2): enabling ssd optimizations
[  248.586548][   T27] audit: type=1800 audit(1721211886.458:39): pid=7770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1035" name="bus" dev="loop2" ino=263 res=0 errno=0
[  248.643069][   T48] Bluetooth: hci1: Malformed LE Event: 0x0d
[  248.702038][ T6267] cdc_ncm 1-1:1.0: bind() failure
[  248.708580][   T48] Bluetooth: hci4: command tx timeout
[  248.715781][ T6267] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  248.728521][ T6267] cdc_ncm 1-1:1.1: bind() failure
[  248.754375][ T6267] usb 1-1: USB disconnect, device number 20
[  248.788840][   T26] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  248.802422][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.812054][   T26] usb 4-1: Product: syz
[  248.816417][   T26] usb 4-1: Manufacturer: syz
[  248.821508][   T26] usb 4-1: SerialNumber: syz
[  248.869430][   T26] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  249.206210][ T5806] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  249.218358][ T4479] team0 (unregistering): Port device team_slave_1 removed
[  249.279960][ T4479] team0 (unregistering): Port device team_slave_0 removed
[  249.322221][ T4479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.456690][ T3590] usb 5-1: USB disconnect, device number 17
[  249.518440][   T26] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  249.619435][ T4479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  250.087814][ T4479] bond0 (unregistering): Released all slaves
[  250.152354][ T7687] batman_adv: batadv0: Adding interface: batadv_slave_1
[  250.159663][ T7687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  250.185963][ T7687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  250.234620][ T7822] netlink: 'syz.3.1036': attribute type 10 has an invalid length.
[  250.274515][    T7] usb 4-1: USB disconnect, device number 13
[  250.353494][ T7687] device hsr_slave_0 entered promiscuous mode
[  250.424519][ T7687] device hsr_slave_1 entered promiscuous mode
[  250.454696][ T7687] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  250.477518][ T7687] Cannot create hsr debugfs directory
[  250.608405][   T26] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  250.615522][   T26] ath9k_htc: Failed to initialize the device
[  250.640865][ T7830] loop4: detected capacity change from 0 to 4096
[  250.642416][    T7] usb 4-1: ath9k_htc: USB layer deinitialized
[  250.707134][ T7837] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.766067][   T27] audit: type=1804 audit(1721211888.638:40): pid=7841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1043" name="/newroot/204/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  250.788463][ T3549] Bluetooth: hci4: command tx timeout
[  251.141953][ T7851] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1049'.
[  251.510372][ T3549] Bluetooth: hci0: unexpected event 0x0e length: 1 < 3
[  251.520243][ T3549] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  252.266534][ T7870] fuse: Unknown parameter '"'
[  252.309859][ T7878] delete_channel: no stack
[  252.397463][ T7878] sock: sock_timestamping_bind_phc: sock not bind to device
[  252.418696][   T26] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  252.621575][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.648389][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.666457][ T7889] netlink: 'syz.2.1057': attribute type 10 has an invalid length.
[  252.674586][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.703164][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.731258][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.751576][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.787679][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.796405][ T7687] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  252.798106][   T26] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.828610][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  252.844899][ T7687] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  252.868573][   T48] Bluetooth: hci4: command tx timeout
[  252.910896][ T7896] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1060'.
[  252.941586][ T7687] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  252.960467][ T7687] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  252.981008][   T26] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.993342][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  253.001653][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  253.009485][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  253.019390][ T3594] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  253.027695][   T26] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  253.037897][ T3594] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  253.044012][ T3549] Bluetooth: hci3: unexpected event 0x0e length: 1 < 3
[  253.054516][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  253.054545][   T26] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  253.339366][   T26] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  253.761406][   T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.780881][   T26] usb 5-1: Product: syz
[  253.785091][   T26] usb 5-1: Manufacturer: syz
[  253.790283][   T26] usb 5-1: SerialNumber: syz
[  253.996881][ T7687] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.059942][   T48] Bluetooth: hci0: Unknown advertising packet type: 0x14
[  254.059978][   T48] Bluetooth: hci0: Unknown advertising packet type: 0x20
[  254.095639][   T26] cdc_ncm 5-1:1.0: bind() failure
[  254.189132][   T26] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  254.195964][   T26] cdc_ncm 5-1:1.1: bind() failure
[  254.234207][   T26] usb 5-1: USB disconnect, device number 18
[  254.293001][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  254.309833][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  254.352982][ T7687] 8021q: adding VLAN 0 to HW filter on device team0
[  254.379556][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  254.415803][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  254.434757][ T6267] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.442107][ T6267] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.464214][ T7919] tipc: Can't bind to reserved service type 0
[  254.469975][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  254.500151][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  254.509168][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  254.527936][ T6264] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.535123][ T6264] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.563258][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  254.601854][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  254.612265][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  254.645540][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  254.672300][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  254.692932][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  254.730707][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  254.749242][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  254.779080][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  254.809569][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  254.829452][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  254.840624][ T7687] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  254.944540][ T7927] fuse: Unknown parameter '"'
[  254.999074][ T7933] delete_channel: no stack
[  255.066829][ T7933] sock: sock_timestamping_bind_phc: sock not bind to device
[  255.198487][   T48] Bluetooth: hci3: command tx timeout
[  255.430461][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.453770][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  255.512402][ T7948] netlink: 'syz.0.1070': attribute type 10 has an invalid length.
[  255.533707][ T7687] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.752309][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  255.762214][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  256.274675][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  256.369111][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  257.078673][ T6267] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  257.488566][ T6267] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.524343][ T6267] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.598370][ T6267] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  257.634805][ T6267] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  257.645752][ T7980] delete_channel: no stack
[  257.655258][ T6267] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  257.686072][ T6267] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  257.713871][ T7981] sock: sock_timestamping_bind_phc: sock not bind to device
[  257.778866][ T7687] device veth0_vlan entered promiscuous mode
[  257.809496][ T7687] device veth1_vlan entered promiscuous mode
[  257.861248][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  257.871182][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  257.878535][ T6267] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  257.903038][ T6267] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.903588][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  257.963021][ T6267] usb 1-1: Product: syz
[  257.977543][ T6267] usb 1-1: Manufacturer: syz
[  257.987653][ T6267] usb 1-1: SerialNumber: syz
[  258.088999][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  258.108418][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  258.117294][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  258.125517][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  258.134499][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  258.170048][ T7687] device veth0_macvtap entered promiscuous mode
[  258.219994][ T7687] device veth1_macvtap entered promiscuous mode
[  258.260894][   T48] Bluetooth: hci1: Malformed LE Event: 0x0d
[  258.296321][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.298518][ T6267] cdc_ncm 1-1:1.0: bind() failure
[  258.350443][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.373153][ T6267] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  258.398474][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.409329][ T6267] cdc_ncm 1-1:1.1: bind() failure
[  258.428538][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.449509][ T6267] usb 1-1: USB disconnect, device number 21
[  258.453696][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.505710][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.548476][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.587299][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.601512][ T7687] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.616060][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  258.634858][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  258.659352][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  258.679715][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  258.702783][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.734787][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.747793][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.758999][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.771353][ T6264] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  258.878137][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.884930][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  258.900391][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  258.907867][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  258.908686][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.928557][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  258.945780][ T7687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.946252][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  258.978675][ T7687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.985808][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  258.990171][ T7687] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.002331][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  259.020943][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  259.028358][ T6264] usb 5-1: Using ep0 maxpacket: 16
[  259.035728][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  259.049626][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  259.063809][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  259.075804][ T8008] netlink: 'syz.2.1083': attribute type 10 has an invalid length.
[  259.087377][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  259.089709][ T7687] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.096559][ T5787] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  259.142695][ T7687] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.182191][ T7687] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.233638][ T7687] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.276222][ T5787] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  259.308451][ T6264] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  260.069287][ T6264] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.078028][ T6264] usb 5-1: Product: syz
[  260.093904][ T6264] usb 5-1: Manufacturer: syz
[  260.101039][ T6264] usb 5-1: SerialNumber: syz
[  260.107470][ T6264] usb 5-1: config 0 descriptor??
[  260.155280][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.172788][ T6264] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  260.191424][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.330129][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  260.615646][ T3619] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.692956][ T3619] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.061367][ T5787] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  261.349061][   T48] Bluetooth: to_multiplier 7 < 10
[  261.470529][ T8039] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  261.544526][ T3549] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  261.559969][ T3549] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  261.573425][ T3549] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  261.583411][ T3549] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  261.604909][ T3549] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  261.614502][ T3549] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  261.747754][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.753366][ T6264] ssu100: probe of 5-1:0.0 failed with error -71
[  261.782008][ T6264] usb 5-1: USB disconnect, device number 19
[  261.967217][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.695656][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.480577][ T3549] Bluetooth: hci4: command tx timeout
[  263.881173][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.908590][   T48] Bluetooth: hci1: command tx timeout
[  264.211752][ T8046] chnl_net:caif_netlink_parms(): no params data found
[  264.228639][   T26] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  264.488781][ T8103] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  264.489545][   T26] usb 2-1: Using ep0 maxpacket: 8
[  264.618517][   T26] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  264.630999][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.655879][   T26] usb 2-1: config 0 descriptor??
[  264.707329][ T8046] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.721141][   T26] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  264.730823][   T26] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input15
[  264.739901][ T8046] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.792584][ T8046] device bridge_slave_0 entered promiscuous mode
[  264.953293][ T8079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  264.962778][ T8079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.711264][ T8046] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.718671][ T8046] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.726999][ T8046] device bridge_slave_1 entered promiscuous mode
[  265.733685][ T8079] usb usb2: usbfs: process 8079 (syz.1.1098) did not claim interface 0 before use
[  265.989370][   T48] Bluetooth: hci1: command tx timeout
[  266.052135][ T8046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.066007][ T8046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.221970][ T8046] team0: Port device team_slave_0 added
[  266.256510][ T8046] team0: Port device team_slave_1 added
[  266.360916][ T8046] batman_adv: batadv0: Adding interface: batadv_slave_0
[  266.368173][ T8046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.397378][ T8046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  266.480649][ T8046] batman_adv: batadv0: Adding interface: batadv_slave_1
[  266.497964][ T8046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.551574][ T8046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.861349][ T8046] device hsr_slave_0 entered promiscuous mode
[  266.884384][ T8046] device hsr_slave_1 entered promiscuous mode
[  266.920772][ T8046] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  266.937065][ T8046] Cannot create hsr debugfs directory
[  267.046239][ T8164] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  267.265221][ T5789] usb 2-1: USB disconnect, device number 16
[  267.374185][   T11] device hsr_slave_0 left promiscuous mode
[  267.413199][   T11] device hsr_slave_1 left promiscuous mode
[  267.425098][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.435400][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  267.467876][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  267.475741][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  267.589006][   T11] device bridge_slave_1 left promiscuous mode
[  267.622305][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.699204][   T11] device bridge_slave_0 left promiscuous mode
[  267.725931][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.427961][   T48] Bluetooth: hci1: command tx timeout
[  268.480550][   T11] device veth1_macvtap left promiscuous mode
[  268.488158][   T11] device veth0_macvtap left promiscuous mode
[  268.494874][   T11] device veth1_vlan left promiscuous mode
[  268.500979][   T11] device veth0_vlan left promiscuous mode
[  269.066582][   T11] team0 (unregistering): Port device team_slave_1 removed
[  269.105590][   T11] team0 (unregistering): Port device team_slave_0 removed
[  269.142695][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.179383][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.480151][   T11] bond0 (unregistering): Released all slaves
[  269.983310][ T8204] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  270.398343][ T5789] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  270.468957][   T48] Bluetooth: hci1: command tx timeout
[  270.681526][ T8046] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  270.714565][ T8046] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  270.788354][ T5789] usb 3-1: Using ep0 maxpacket: 8
[  270.789249][ T8046] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  270.891357][ T8046] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  270.948529][ T5789] usb 3-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  270.958072][ T5789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.968728][ T5789] usb 3-1: config 0 descriptor??
[  271.010948][ T5789] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  271.021503][ T5789] input: xirlink-cit as /devices/platform/dummy_hcd.2/usb3/3-1/input/input16
[  271.213131][ T8208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.223631][ T8208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.258671][ T8046] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.329804][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  271.339869][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  271.352400][ T8046] 8021q: adding VLAN 0 to HW filter on device team0
[  271.494118][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  271.517357][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  271.576477][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.583686][ T5789] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.338731][ T8246] delete_channel: no stack
[  272.441436][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  272.451627][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  272.479011][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  272.505231][ T3595] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.512419][ T3595] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.557241][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  272.581098][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  272.611153][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  272.631593][ T8261] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  272.652252][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  272.689206][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  272.717192][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  272.753928][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  272.773344][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  272.803156][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  272.980825][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  272.989747][ T5789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  273.003140][ T8046] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  273.149391][   T48] Bluetooth: hci4: ACL packet for unknown connection handle 2637
[  273.182907][ T3595] usb 3-1: USB disconnect, device number 20
[  273.309378][ T8281] delete_channel: no stack
[  273.420075][ T8281] sock: sock_timestamping_bind_phc: sock not bind to device
[  274.176717][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  274.230345][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  274.449649][ T8046] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.750182][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  274.787354][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  274.877173][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  274.898623][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  274.941739][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  274.977170][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  275.002557][ T8046] device veth0_vlan entered promiscuous mode
[  275.012617][ T8302] loop4: detected capacity change from 0 to 4096
[  275.042953][ T8046] device veth1_vlan entered promiscuous mode
[  275.059443][ T8282] loop1: detected capacity change from 0 to 32768
[  275.098016][ T8282] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1143 (8282)
[  275.158519][ T8306] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  275.169492][ T8282] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  275.196198][ T8282] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  275.212313][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  275.235230][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  275.250287][ T8282] BTRFS info (device loop1): using free space tree
[  275.276359][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  275.286635][   T27] audit: type=1804 audit(1721211913.168:41): pid=8302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1146" name="/newroot/222/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  275.328102][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  275.416799][ T8046] device veth0_macvtap entered promiscuous mode
[  275.571288][ T8046] device veth1_macvtap entered promiscuous mode
[  275.699656][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.729730][ T8282] BTRFS info (device loop1): enabling ssd optimizations
[  275.761744][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.812803][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.848080][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.884887][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.929543][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.965106][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.997577][ T8345] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  276.005508][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.057109][ T8046] batman_adv: batadv0: Interface activated: batadv_slave_0
[  276.105908][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  276.116673][ T7687] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  276.131116][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  276.166651][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  276.185467][ T6267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  276.207492][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.234919][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.269604][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.305120][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.371919][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.403876][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.431310][ T8046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.456559][ T8046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.497071][ T8046] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.522112][ T8349] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1151'.
[  276.572891][ T8355] delete_channel: no stack
[  276.598601][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  276.620151][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  276.644050][ T8046] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.665013][ T8046] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.666003][ T8355] sock: sock_timestamping_bind_phc: sock not bind to device
[  276.694663][ T8046] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.733117][ T8046] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.848407][ T6264] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  276.966174][ T5224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.011978][ T5224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.048580][ T6266] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  277.074697][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  277.098572][ T6264] usb 2-1: Using ep0 maxpacket: 8
[  277.111993][ T5224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.140702][ T5224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.218623][ T6264] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  277.242912][ T6264] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.322601][ T6264] usb 2-1: config 0 descriptor??
[  277.338833][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  277.370442][ T6264] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  277.390347][ T6264] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input17
[  277.429358][ T6266] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.487707][ T6266] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.507747][ T6266] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  277.524343][ T6266] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  277.534829][ T6266] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  277.571471][ T6266] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  277.584801][ T8353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.598600][ T8353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.633628][ T8353] usb usb2: usbfs: process 8353 (syz.1.1152) did not claim interface 0 before use
[  277.738764][ T6266] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  277.761735][ T6266] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.811913][ T6266] usb 3-1: Product: syz
[  277.821063][ T6266] usb 3-1: Manufacturer: syz
[  277.833673][ T6266] usb 3-1: SerialNumber: syz
[  277.976436][ T8373] loop3: detected capacity change from 0 to 4096
[  278.002029][ T8375] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  278.032615][   T27] audit: type=1804 audit(1721211915.908:42): pid=8373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1157" name="/newroot/50/file0/file1" dev="loop3" ino=15 res=1 errno=0
[  278.280610][   T48] Bluetooth: hci2: Unknown advertising packet type: 0x14
[  278.280682][   T48] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  278.808456][ T6266] cdc_ncm 3-1:1.0: bind() failure
[  278.833631][ T6266] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  278.840986][ T6266] cdc_ncm 3-1:1.1: bind() failure
[  278.856657][ T6266] usb 3-1: USB disconnect, device number 21
[  278.890849][ T8378] loop0: detected capacity change from 0 to 256
[  278.941923][ T8378] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  280.908612][ T8392] delete_channel: no stack
[  280.926660][ T5787] usb 2-1: USB disconnect, device number 17
[  281.085910][ T8396] delete_channel: no stack
[  281.146533][ T8396] sock: sock_timestamping_bind_phc: sock not bind to device
[  281.341939][ T8398] loop3: detected capacity change from 0 to 4096
[  281.376807][ T8398] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  281.587549][ T8398] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  281.607171][ T8398] ntfs3: loop3: Failed to load $Extend.
[  283.925704][ T3549] Bluetooth: hci2: command 0x0406 tx timeout
[  285.987236][ T8436] delete_channel: no stack
[  286.104095][ T8438] delete_channel: no stack
[  286.162451][ T8438] sock: sock_timestamping_bind_phc: sock not bind to device
[  286.170102][    T7] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  286.488505][ T6264] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  286.548477][    T7] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.562479][    T7] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.572907][    T7] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  286.593751][    T7] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  286.622837][    T7] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  286.643515][    T7] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  286.738726][ T6264] usb 4-1: Using ep0 maxpacket: 32
[  286.818554][    T7] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  286.831407][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.840167][    T7] usb 2-1: Product: syz
[  286.844423][    T7] usb 2-1: Manufacturer: syz
[  286.849227][    T7] usb 2-1: SerialNumber: syz
[  286.858494][ T6264] usb 4-1: New USB device found, idVendor=10cf, idProduct=8068, bcdDevice=2e.fd
[  286.878009][ T6264] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.897419][ T6264] usb 4-1: config 0 descriptor??
[  286.952033][ T6264] vmk80xx 4-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[  287.113175][   T48] Bluetooth: hci4: Unknown advertising packet type: 0x14
[  287.113254][   T48] Bluetooth: hci4: Unknown advertising packet type: 0x20
[  287.148641][    T7] cdc_ncm 2-1:1.0: bind() failure
[  287.149744][   T26] usb 4-1: USB disconnect, device number 14
[  287.170980][    T7] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  287.177802][    T7] cdc_ncm 2-1:1.1: bind() failure
[  287.233349][    T7] usb 2-1: USB disconnect, device number 18
[  288.376974][ T8471] delete_channel: no stack
[  290.155546][ T8471] sock: sock_timestamping_bind_phc: sock not bind to device
[  290.446758][ T8477] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  290.494795][ T8489] loop4: detected capacity change from 0 to 256
[  290.614822][ T8489] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  290.718497][    T7] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  290.878659][ T6266] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  290.919066][    T7] usb 2-1: device descriptor read/64, error -71
[  291.827345][    T7] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  292.018107][ T8502] loop3: detected capacity change from 0 to 764
[  292.028373][    T7] usb 2-1: device descriptor read/64, error -71
[  292.110305][ T8504] fuse: Unknown parameter '"'
[  292.193529][    T7] usb usb2-port1: attempt power cycle
[  292.377052][ T8510] rock: directory entry would overflow storage
[  292.393152][ T8510] rock: sig=0x4f50, size=4, remaining=3
[  292.410924][ T8510] iso9660: Corrupted directory entry in block 4 of inode 1792
[  292.498762][ T6266] usb 1-1: device descriptor read/all, error -71
[  292.643773][    T7] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  292.738429][    T7] usb 2-1: device descriptor read/8, error -71
[  295.848330][    T7] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  397.708229][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  397.715288][    C0] rcu: 	1-...!: (1 GPs behind) idle=2c34/1/0x4000000000000000 softirq=30409/30410 fqs=626
[  397.726584][    C0] 	(detected by 0, t=10502 jiffies, g=37929, q=368 ncpus=2)
[  397.733976][    C0] Sending NMI from CPU 0 to CPUs 1:
[  397.739278][    C1] NMI backtrace for cpu 1
[  397.739288][    C1] CPU: 1 PID: 8511 Comm: syz.3.1198 Not tainted 6.1.99-syzkaller #0
[  397.739304][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  397.739326][    C1] RIP: 0010:__lock_acquire+0x6d3/0x1f80
[  397.739353][    C1] Code: c7 00 91 ff 8c 48 89 de e8 ba 43 f9 02 48 8b 34 24 48 ba 00 00 00 00 00 fc ff df e9 65 ff ff ff 65 8b 05 34 ff 97 7e 41 b7 02 <85> c0 48 8b 5c 24 10 75 1f 48 8b 44 24 58 0f b6 04 10 84 c0 0f 85
[  397.739365][    C1] RSP: 0018:ffffc900001e0a00 EFLAGS: 00000006
[  397.739378][    C1] RAX: 0000000000000001 RBX: 0000000000094005 RCX: 0000000000000002
[  397.739388][    C1] RDX: dffffc0000000000 RSI: ffff88802296e420 RDI: ffffffff9049c220
[  397.739398][    C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff2093845
[  397.739409][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  397.739418][    C1] R13: ffff88802296d940 R14: ffff88802296e490 R15: 1ffff1100452dc02
[  397.739429][    C1] FS:  00007f1cb47306c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  397.739442][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  397.739453][    C1] CR2: 000000110c25f5c9 CR3: 0000000066d06000 CR4: 00000000003506e0
[  397.739466][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  397.739474][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  397.739484][    C1] Call Trace:
[  397.739490][    C1]  <NMI>
[  397.739497][    C1]  ? nmi_cpu_backtrace+0x3de/0x560
[  397.739520][    C1]  ? read_lock_is_recursive+0x10/0x10
[  397.739540][    C1]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  397.739565][    C1]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  397.739584][    C1]  ? nmi_handle+0x12e/0x440
[  397.739603][    C1]  ? nmi_handle+0x25/0x440
[  397.739621][    C1]  ? __lock_acquire+0x6d3/0x1f80
[  397.739638][    C1]  ? default_do_nmi+0x62/0x150
[  397.739652][    C1]  ? exc_nmi+0xa8/0x100
[  397.739665][    C1]  ? end_repeat_nmi+0x16/0x31
[  397.739688][    C1]  ? __lock_acquire+0x6d3/0x1f80
[  397.739705][    C1]  ? __lock_acquire+0x6d3/0x1f80
[  397.739723][    C1]  ? __lock_acquire+0x6d3/0x1f80
[  397.739740][    C1]  </NMI>
[  397.739744][    C1]  <IRQ>
[  397.739755][    C1]  lock_acquire+0x1f8/0x5a0
[  397.739771][    C1]  ? debug_object_deactivate+0x63/0x380
[  397.739793][    C1]  ? read_lock_is_recursive+0x10/0x10
[  397.739811][    C1]  ? __lock_acquire+0x1f80/0x1f80
[  397.739831][    C1]  ? do_raw_spin_unlock+0x137/0x8a0
[  397.739846][    C1]  ? do_raw_spin_lock+0x14a/0x370
[  397.739861][    C1]  _raw_spin_lock_irqsave+0xd1/0x120
[  397.739877][    C1]  ? debug_object_deactivate+0x63/0x380
[  397.739895][    C1]  ? _raw_spin_lock+0x40/0x40
[  397.739914][    C1]  debug_object_deactivate+0x63/0x380
[  397.739934][    C1]  debug_deactivate+0x1d/0x280
[  397.739951][    C1]  __hrtimer_run_queues+0x334/0xe50
[  397.739974][    C1]  ? hrtimer_interrupt+0x980/0x980
[  397.739989][    C1]  ? ktime_get_update_offsets_now+0x407/0x420
[  397.740009][    C1]  hrtimer_interrupt+0x392/0x980
[  397.740034][    C1]  __sysvec_apic_timer_interrupt+0x156/0x580
[  397.740052][    C1]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  397.740068][    C1]  </IRQ>
[  397.740072][    C1]  <TASK>
[  397.740077][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  397.740095][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130
[  397.740112][    C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 f2 9d 4c f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 07 e7 c8 f6 65 8b 05 08 f3 6c 75 85 c0 74 3f 48 c7 04 24 0e 36
[  397.740123][    C1] RSP: 0018:ffffc900052f7b60 EFLAGS: 00000206
[  397.740135][    C1] RAX: bc53577cb1731c00 RBX: 1ffff92000a5ef70 RCX: ffffffff816ad6da
[  397.740146][    C1] RDX: dffffc0000000000 RSI: ffffffff8aec0240 RDI: 0000000000000001
[  397.740155][    C1] RBP: ffffc900052f7bf0 R08: dffffc0000000000 R09: fffffbfff2093845
[  397.740166][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  397.740176][    C1] R13: 1ffff92000a5ef6c R14: ffffc900052f7b80 R15: 0000000000000246
[  397.740189][    C1]  ? mark_lock+0x9a/0x340
[  397.740209][    C1]  ? _raw_spin_unlock+0x40/0x40
[  397.740224][    C1]  ? ktime_get_update_offsets_now+0x407/0x420
[  397.740245][    C1]  clock_was_set+0x179/0x900
[  397.740262][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  397.740279][    C1]  ? destroy_hrtimer_on_stack+0x20/0x20
[  397.740293][    C1]  ? memcpy+0x3c/0x60
[  397.740314][    C1]  ? timekeeping_update+0x3e5/0x450
[  397.740332][    C1]  do_settimeofday64+0x673/0x7e0
[  397.740352][    C1]  ? q931_help+0x1944/0x2b60
[  397.740365][    C1]  ? __x64_sys_clock_settime+0x232/0x270
[  397.740380][    C1]  ? get_device_system_crosststamp+0x920/0x920
[  397.740399][    C1]  ? q931_help+0x1944/0x2b60
[  397.740414][    C1]  ? bpf_lsm_settime+0x5/0x10
[  397.740426][    C1]  ? security_settime64+0x75/0x90
[  397.740447][    C1]  __x64_sys_clock_settime+0x232/0x270
[  397.740461][    C1]  ? print_irqtrace_events+0x210/0x210
[  397.740479][    C1]  ? exit_itimers+0x690/0x690
[  397.740493][    C1]  ? syscall_enter_from_user_mode+0x2e/0x230
[  397.740508][    C1]  ? lockdep_hardirqs_on+0x94/0x130
[  397.740523][    C1]  ? syscall_enter_from_user_mode+0x2e/0x230
[  397.740540][    C1]  do_syscall_64+0x3b/0xb0
[  397.740558][    C1]  ? clear_bhb_loop+0x45/0xa0
[  397.740575][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  397.740593][    C1] RIP: 0033:0x7f1cb3975a19
[  397.740610][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.740621][    C1] RSP: 002b:00007f1cb4730048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[  397.740636][    C1] RAX: ffffffffffffffda RBX: 00007f1cb3b04110 RCX: 00007f1cb3975a19
[  397.740646][    C1] RDX: 0000000000000000 RSI: 0000000020003c80 RDI: 0000000000000000
[  397.740655][    C1] RBP: 00007f1cb39e4e49 R08: 0000000000000000 R09: 0000000000000000
[  397.740664][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  397.740673][    C1] R13: 000000000000006e R14: 00007f1cb3b04110 R15: 00007ffc137d2f28
[  397.740689][    C1]  </TASK>
[  397.741271][    C0] rcu: rcu_preempt kthread starved for 9244 jiffies! g37929 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  398.333595][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  398.343565][    C0] rcu: RCU grace-period kthread stack dump:
[  398.349450][    C0] task:rcu_preempt     state:R  running task     stack:26648 pid:16    ppid:2      flags:0x00004000
[  398.360241][    C0] Call Trace:
[  398.363526][    C0]  <TASK>
[  398.366489][    C0]  __schedule+0x142d/0x4550
[  398.371011][    C0]  ? _raw_spin_unlock+0x40/0x40
[  398.375887][    C0]  ? __sched_text_start+0x8/0x8
[  398.380746][    C0]  ? lockdep_softirqs_off+0x420/0x420
[  398.386126][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  398.392030][    C0]  ? _raw_spin_unlock+0x40/0x40
[  398.396967][    C0]  schedule+0xbf/0x180
[  398.401038][    C0]  schedule_timeout+0x1b9/0x300
[  398.405891][    C0]  ? console_conditional_schedule+0x40/0x40
[  398.411789][    C0]  ? update_process_times+0x1b0/0x1b0
[  398.417175][    C0]  ? prepare_to_swait_event+0x329/0x350
[  398.422822][    C0]  rcu_gp_fqs_loop+0x2d2/0x1150
[  398.427689][    C0]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[  398.433849][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  398.439054][    C0]  ? rcu_gp_init+0x15f0/0x15f0
[  398.443819][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  398.449733][    C0]  ? finish_swait+0xcf/0x1e0
[  398.454334][    C0]  rcu_gp_kthread+0xa3/0x3b0
[  398.458934][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  398.464049][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  398.469968][    C0]  ? __kthread_parkme+0x168/0x1c0
[  398.475014][    C0]  kthread+0x28d/0x320
[  398.479605][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  398.484717][    C0]  ? kthread_blkcg+0xd0/0xd0
[  398.489310][    C0]  ret_from_fork+0x1f/0x30
[  398.493747][    C0]  </TASK>
[  398.496765][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  398.503087][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.99-syzkaller #0
[  398.510720][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  398.520774][    C0] RIP: 0010:acpi_idle_do_entry+0x10f/0x340
[  398.527033][    C0] Code: 27 f5 f6 48 83 e3 08 0f 85 0b 01 00 00 4c 8d 74 24 20 e8 e4 e5 fb f6 0f 1f 44 00 00 e8 3a 23 f5 f6 0f 00 2d 83 f4 b1 00 fb f4 <4c> 89 f3 48 c1 eb 03 42 80 3c 3b 00 74 08 4c 89 f7 e8 5b a7 4c f7
[  398.546646][    C0] RSP: 0018:ffffffff8ce07b20 EFLAGS: 000002d3
[  398.552721][    C0] RAX: ffffffff8a957316 RBX: 0000000000000000 RCX: ffffffff8cebd800
[  398.560698][    C0] RDX: 0000000000000000 RSI: ffffffff8aec0240 RDI: ffffffff8b3d47e0
[  398.568677][    C0] RBP: ffffffff8ce07bb0 R08: ffffffff8a9572f8 R09: fffffbfff19d7b01
[  398.577259][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffffffff19c0f64
[  398.585411][    C0] R13: ffff88801775a004 R14: ffffffff8ce07b40 R15: dffffc0000000000
[  398.593390][    C0] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  398.602325][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  398.608914][    C0] CR2: 0000558522e38030 CR3: 000000007c64a000 CR4: 00000000003506f0
[  398.616890][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  398.624861][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  398.633202][    C0] Call Trace:
[  398.636491][    C0]  <IRQ>
[  398.639358][    C0]  ? rcu_check_gp_kthread_starvation+0x1b8/0x220
[  398.645701][    C0]  ? print_other_cpu_stall+0x150c/0x1640
[  398.651352][    C0]  ? print_cpu_stall+0x5f0/0x5f0
[  398.656391][    C0]  ? __lock_acquire+0x1f80/0x1f80
[  398.661521][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  398.666728][    C0]  ? rcu_sched_clock_irq+0xaf6/0x1200
[  398.672106][    C0]  ? rcutree_dead_cpu+0x20/0x20
[  398.676962][    C0]  ? hrtimer_run_queues+0x163/0x450
[  398.682197][    C0]  ? update_process_times+0x147/0x1b0
[  398.687583][    C0]  ? tick_sched_timer+0x386/0x550
[  398.692611][    C0]  ? tick_setup_sched_timer+0x2f0/0x2f0
[  398.698157][    C0]  ? __hrtimer_run_queues+0x5a7/0xe50
[  398.703637][    C0]  ? hrtimer_interrupt+0x980/0x980
[  398.708755][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  398.714844][    C0]  ? hrtimer_interrupt+0x392/0x980
[  398.719991][    C0]  ? __sysvec_apic_timer_interrupt+0x156/0x580
[  398.726324][    C0]  ? sysvec_apic_timer_interrupt+0x8c/0xb0
[  398.732134][    C0]  </IRQ>
[  398.735064][    C0]  <TASK>
[  398.738009][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  398.744180][    C0]  ? acpi_idle_do_entry+0xe8/0x340
[  398.749312][    C0]  ? acpi_idle_do_entry+0x106/0x340
[  398.754526][    C0]  ? acpi_idle_do_entry+0x10f/0x340
[  398.759732][    C0]  ? acpi_idle_enter_bm+0x5e0/0x5e0
[  398.764941][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  398.770931][    C0]  ? __sched_clock_gtod_offset+0xe0/0xe0
[  398.776663][    C0]  acpi_idle_enter+0x352/0x4f0
[  398.781437][    C0]  cpuidle_enter_state+0x516/0xf80
[  398.786659][    C0]  ? cpuidle_enter_s2idle+0x6b0/0x6b0
[  398.792175][    C0]  ? tick_nohz_idle_stop_tick+0x238/0xad0
[  398.797916][    C0]  cpuidle_enter+0x59/0x90
[  398.802340][    C0]  do_idle+0x3ce/0x680
[  398.806415][    C0]  ? print_irqtrace_events+0x210/0x210
[  398.811893][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  398.817107][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  398.822311][    C0]  ? asm_sysvec_error_interrupt+0x11/0x20
[  398.828043][    C0]  ? schedule_idle+0x57/0x90
[  398.832636][    C0]  ? rest_init+0x31/0x300
[  398.836979][    C0]  cpu_startup_entry+0x3d/0x60
[  398.841755][    C0]  rest_init+0x2da/0x300
[  398.846008][    C0]  ? time_init+0x33/0x33
[  398.850281][    C0]  arch_call_rest_init+0xa/0xa
[  398.855055][    C0]  start_kernel+0x496/0x53f
[  398.859566][    C0]  secondary_startup_64_no_verify+0xcf/0xdb
[  398.865658][    C0]  </TASK>