last executing test programs:

4m58.621924344s ago: executing program 32 (id=101):
r0 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x4e20, 0x0, 0xa}, {0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x3b, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in=@multicast1, 0x0, 0x1, 0x2, 0x9, 0x0, 0xfffffffd}}, 0xe8)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}, @ldst={0x3, 0x0, 0x3, 0xa, 0x0, 0xfffffffffffffff4}]}, &(0x7f0000000100)='GPL\x00', 0x5, 0xd2, &(0x7f00000002c0)=""/210, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0x41, 0x3, 0x240, 0x0, 0x19, 0x542c, 0xd0, 0x3200, 0x1a8, 0x1f0, 0x1f0, 0x1a8, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @loopback, 0x0, 0xffffffff, 'bond_slave_0\x00', 'vlan1\x00'}, 0x32020000, 0x70, 0xd0, 0x6400, {0x500000000000000, 0xffffffffa0028000}}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @multicast}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x80000, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2a0)

4m50.604156274s ago: executing program 33 (id=144):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
r2 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1}, 0x18)
sendto$packet(r0, 0x0, 0x0, 0x24000000, 0x0, 0x0)

4m34.680775303s ago: executing program 34 (id=194):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)={0x5c, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x28, 0x51, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_DATA_WEP40={0x9}, @NL80211_KEY_SEQ={0x4}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x5c}}, 0x0)

4m29.604321941s ago: executing program 5 (id=222):
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000002540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000c13, &(0x7f0000004280)={[{@check_relaxed}, {@check_relaxed}, {@nojoliet}, {@block={'block', 0x3d, 0x800}}, {@sbsector}, {@hide}, {@overriderock}, {@map_off}, {@check_relaxed}, {@map_off}, {@showassoc}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}]}, 0x2, 0x9f8, &(0x7f0000002e80)="$eJzs3c1vXOV+B/Dv8UviGJQESCmNgExCEwy4ju2UpBGLNrEnialfKtuRiLoglDhVFLe00EqAKjVIVVdFrdSqi3aHuuoKiU3ZVOzu3d27uosrXfEvoLvKXfnqnBk7Y3vssYPfCJ+PNTPn5Xee53fmnDmP58yZecIPy9KxVWNLS9XtMcdv/u8eZMwBdnX82y++/Ly8ffYgh9KdN4v/S/qS1JKeJC8kvWPjszNTHQq6n9xO8k1SJDmcxuOW3E7xr3n60fg3Kf67rHdDh7ZaMp0s8aO23/sfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcRMXY+PDwSHEoE9M336k1JLV1xsZnZ4osLa2fs7xMw9dVr9/F1x3rTYrylr6+5a6+XzjxaPbzSWpn8mJj7MWqQ/L05dOnnj/+1nM9XcvLb5TN93J468V+9Mmn999bXFz4cFcSOfiu16cn5mYmpq5cr9cm5mZqly9eHD5/49pc7drEZH3u1tx8fao2Nlu/Mj8zWxsYe602cvnyhVp96NbMzenr40OT9eWJl/5gdHj4Yu3toT+rX5mdm5k+//bQ3NiNicnJienrVUw5u4y5VO6IfzoxX5uvX5mq1e7eW1y4sCan7qzZf8ugkU5rUgaNdgoaHR4dHRkZHR35rNl79sqEi29efvPS8HDP8BpZF7FLOy0Hy5GNN/POH8ThMXU12v9kMhOZzs28k1rbv7GMZzYzmdpgftNy+3/2fH3Telvb/2Yr39My+2R5dyYvN0f7Nmj/N8hl7/4+yif5NPfzXhazmIV8uO8ZbevvyPct4Xrqmc5E5jKTiUzlSjWl1pxSy+VczMUM593cyKnMpZZrmchk6pnLrcxlPvVqjxrLbOq5kvnMZDa1DGQsr6WWkVzO5VxILfUM5VZmcjPTuZ7xXKlKuZt71fN+YZMcV4JGthI0uknQusZ82+1/fe0/J/zo7PxBHB7TUrP9P9Q5dGBsLxICAAAAdtzv/TRHTzz7k18lRV6qzstfm5isD+93WgAAAMAOqi7Xe7F86C2HXkrh/T8AAAA8aYrqO3ZFkv6cagwtfxPKSQAAAAB4QlSf/7+c4tSjCd7/AwAAwBOm82/sd4woBpd//rd2p/F4pxnRGCv6r01M1ofGZibfGsm56lcGqm8arCutOyl6q68fvJ7TjajT/XlQPvY/KrGss6+MGhl6aySv50xzRQZeKR9eGWgTOdqIfLUR+WprZHdWRV4oIwHgSXdmk/Z4q+3/6xlsRAyerJr8npNt2uBhLSsAHBQrfez8ptmlWZv2vxnx8kbt/x9u8v6/jHg2d081LikYyvv5IIu5k8E0rzg41a7U5d4IGpchDLacDaisORvQ37xk4eeXujK47nxA38q6tsYuZDSDzTMCR5rzm+cOipXYYjmHC42A7l3YAACwD85s2g5vrf0f7PD+v98lhQBwoKz0YL+LA/u9jgDAalppAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Hlb+gH/n51LFhcXkj3oLGBloG87GW4+0JU9ynnfB7qT7Fftf5xtL1Vu44Py1BlYPbDPByYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2RJF0t5velRxOMpzk/N5ntXse7HcCO6X2eIsVD/MwH+foTqcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBj1/z9/640Hp9qTEpPV3I2ye0kf77fOe6kh/udwL75q+q+5ff/u5LeLBXpaWz2FL1j47MzU+XmLw6X87/94svPy1vnstf3qlAWUNawqnOJZg0tU3pXL/VMtVT/+MJH9//ug7+pjV+tdsyr89cmx6euz/7Jo8Dni68aXSC0doOwnO8/nP3/f2uZfKhZ+Vflmra3tt5rVb3j6+v93XZLb1DvFtxbXBgta5qvvzP/93997+OWWc/mdPLKQDKwuqa/LG8b1HR67fO5WvFd8c/F0fxnblfbv3w2iqWi3ETHqvU/cvfe4sLQ+x8s3lnJ6R9X5XQ8p5LcSfq2ntOp6njSVrXXdfWWtQ5XQeXdiQ7lbaqlxJENntdnql2mf1vrUNt4HSodnvdmRhfaZvTvf/tczm17S5/rUGNbxXfFL4sb+UX+qaX/j65y+59N21dnmyKqyJY9pXXeqpdXVyOyWvPR1hnvri1zw1clu+Bf8hf5o5Xt39Vy/G9uq705HrXU2P51kWz/dfE/x9a1KI9ULdKJNS1S8+jTdoG+lTxPNKI2yPN38kbSc3JbR5Q3OhxRduv1/1/FQH6dB/r/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr4i6W43vSs5m+R4kmPleC1ZWhvz4DHq6+ovHifNHfM4Of/wFBuuaPEwD/Nxju51RgAAAAAAAADsjqvj337x5eflrfo8vju/39WcU0t6khwv/qN3bHx2ZqpDQb3J7eWP9Pu2l8Pt8u7pR+PflGMvdFhofy8fAIAftN8GAAD//z1UbuM=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000540)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000002100)='./file0/file0\x00', 0x0, 0x2187017, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020)

4m29.178253463s ago: executing program 5 (id=227):
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
timer_create(0x2, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r0}, &(0x7f00000000c0))
signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0)
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)

4m27.988070167s ago: executing program 5 (id=233):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x69)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000180), &(0x7f0000000200)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000040)='smb3\x00', 0x0, &(0x7f00000000c0)='rdma')

4m27.739525239s ago: executing program 35 (id=233):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x69)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000180), &(0x7f0000000200)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000040)='smb3\x00', 0x0, &(0x7f00000000c0)='rdma')

3m53.309401556s ago: executing program 36 (id=434):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})

3m22.67144016s ago: executing program 37 (id=601):
r0 = socket$kcm(0x2b, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
unshare(0x24020400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f00000001c0), 0x45)

2m23.581459438s ago: executing program 7 (id=941):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000140), 0x4240a2a0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
splice(r0, 0x0, r3, 0x0, 0x1e8640, 0x0)

2m23.02885349s ago: executing program 7 (id=944):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_connect$uac1(0x3, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x1e, &(0x7f0000000240)=@string={0x1e, 0x3, "15fbaee9d41afed9d3e54a4855603f64f871825dab1cc5077105c3d9"}}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000010000000000000000"])
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01"])

2m22.191228083s ago: executing program 7 (id=952):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
chdir(&(0x7f00000001c0)='./file0\x00')
llistxattr(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)

2m21.766796765s ago: executing program 7 (id=957):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f0000000300), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x30000, 0x0, 0x41, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f00000000c0)={@desc={0x4091, 0x0, @desc3}})
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000100)={0x4e})

2m21.349335407s ago: executing program 7 (id=961):
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
unshare(0x20400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000200)=r1}, 0x20)

2m20.736922949s ago: executing program 7 (id=967):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000000), 0x4240a2a0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
splice(r0, 0x0, r3, 0x0, 0x4000000000400a12, 0x0)

2m20.4218394s ago: executing program 38 (id=967):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000000), 0x4240a2a0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
splice(r0, 0x0, r3, 0x0, 0x4000000000400a12, 0x0)

1m19.312591397s ago: executing program 4 (id=1463):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fcntl$setlease(r0, 0x400, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

1m19.090907927s ago: executing program 4 (id=1467):
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'md5\x00'}, 0x58)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
sendmsg$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x4000000)
listen(r0, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x74)

1m18.806008709s ago: executing program 4 (id=1469):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = io_uring_setup(0x3eae, &(0x7f0000000080))
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f0000000ac0)={0x14, 0x0, 0x0}, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)

1m17.314286694s ago: executing program 4 (id=1485):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_abort}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@grpquota}]}, 0xfe, 0x45a, &(0x7f0000000940)="$eJzs3M9vFFUcAPDvzLblt62IP0DQKhqJP1pafsjBi0YTDpqY6AHjqbYLqSzU0JoIIVo94NGQeDfe/QOMJ70Y9WTiVe+GhBguoKc1szMDS9ktXbplofv5JLP73syD974z83bezNttAH1rNHtJIrZGxJ8RMZxnby4wmr9du3J++t8r56eTqNff+SdplLt65fx0WbT8d1vyTL1e5De0qPfC+xFTtVr1TJEfXzj10fj82XMvzZ6aOlE9UT09eeTIwQN7hg5PHupKnFlcV3d9Ord759H3Lr41feziB79+l7V3a7G9OY5uGc33bkvPdruyHtvWlE4GetgQOlKJiOxwDTb6/3BUYtP1bcPxxhc9bRywpur1er3V9bmwWAfWsSR63QKgN8oLfXb/Wy53aehxT7j8an4DlMV9rVjyLQOR5oknB5fc33bTaEQcW/zvm2yJNXoOAQDQ7Mds/PNiq/FfGo/kiaHs5YFiDmUkIh6MiO0R8VBE7IiIhyMaZR+NiMc6rH/pDMmt45/00h0HtwLZ+O+VYm7r5vFfWhYZqRS5bY34B5Pjs7Xq/mKf7IvBDcdnk+rEMnX89PofX7Xb1jz+y5as/nIsWLTj0sCSB3QzUwtTq4m52eXPI3YNtIo/iXIaJ4mInRGx6w7rmH2+/YTQ7eNfRhfmmerfRjyXH//FWBJ/KWk7Pznx8uHJQ+Mbo1bdP16eFbf67fcLb7erf1Xxd0F2/De3PP+vxz+SbIyYP3vuZGO+dr7zOi789WXbe5oOz/+j24rzfyh5t7FiqNjwydTCwpmJiKHkzVvXT97438p8WT6Lf9/e1v1/e9zYE49HxO6I2BMRT2Q3hUXbn4qIpyNi7zLx//LaMx92Hv8yT+W7KIt/5nbHP5qPf+eJysmff+g8/lJ2/A82UvuKNSv5/FtpA1ez7wAAAOB+kTa+A5+kY9fTaTo2ln+Hf0dsTmtz8wsvHJ/7+PRM/l35kRhMyyddw03PQyeKZ8NlfnJJ/kDx3PjryqZGfmx6rjbT6+Chz21p0/8zf1d63Tpgzfm9FvQv/R/6l/4P/SnR/6Gv6f/Qv1r1/8/alh77fk0bA9xVrv/Qv1bQ/xfzt/ajAuD+5PoP/Uv/h77U9rfx6ap+8i+x7hOR3hPNWP+JgRX/MYsOEvXhvP9naza0LNPrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+D8AAP//Yz/jTQ==")
creat(&(0x7f0000000280)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x181102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002d80)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYBLOB="2e5113abb96490e8baa757031fd3113d8fd231aecab2c455591d3bec0b6d42a1d9572dc5078c0de5a68dc252aeb457f345aaef1744f717c71738086a77f819bf8ec2164ad9d225996868d5440c2a1f1759386c920214f5b07fdeaa34d7cbb895ee45108d8715e8678c9e65c8b76f3f4f2a1533de01264b0f6c5a5083f49b6737a25758553b72788c48c129ab89ff000e7d0b1da439dc5e7e6cfad150a664ab7d70dd127f4730976f8f2a3603f45a042d8c3578e6eb3060b986ee9e6b4dbf79896d68301c5d9ea34afe122934", @ANYBLOB="55a288cf517af1b04be776ee9c0ec53f9628c15cb14edefde39762fe236b4ce8c60a7c43543970516a02d827011407c1362a6f3ee218574d1d03907f069e233eb8845406027ad215c6cb94b3c1660b0b307d92fda8ceeaee13ddad398c29967c9b3a2a2f4e8bcaccb748dd4ad650ef7b8befe4f4aa614de8b11d51221fd15e41511f4946f3ea66f5e4386903f94da6eafe8f943cbc7fb75ab04f9afe9f69e5bc6c21ca487b92ca6050937ae8af3ec55050ee8cccf22ea07fbe0f0eac59", @ANYRESDEC=0x0, @ANYRESOCT, @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea2840893f38cdddda3da4c78d6059c5766f98f85fb413503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27ab80ff9afa5000443de8c748e1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd514a68d881e7fc7289826cbd840ffdb008356c72319cceb43ccb1280556efdf0fdf582fcdcfc830dff178a068d9dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabaee22347bdb78b72b400d080a044ebd6f0a08ab25c3d5e9b9a92a996810eef02181022af426853287e521a4e3cfe480f984efcea1359ff932ebd3bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d59bc12f637c36690f5ca91ee999ec138f6ce76522ed2b73c81609399f0d123f1721171bd72c012623f04d8965d3e5785d057c15798ab36af821c9b308731422ba3858b9895ace14068ea58f8cb6060c205cab0f2a73628eff5b9270a4a55c2d7fc5904a03ae990a004959740d04a67e6d74be88c6a38ff4a4c26fe2e1c1d5416aefca11db7dcdf6b37bc9ce19860861776b03f1b14e4e2aeaf2863b673904db2ce422e79405228e3cb3cfb64943b1ed82dc6816112eb9cccc4d1bbc83ce049caed7af09206535e91e6071809f6fc273c15637b6e4bedd2458728df5a94f0a6ff0f6d146df0268ad108dcef349d5e776d90300d08dedff751175dca2b2cc68830ec7b492a2af85784fd7575e1080403e4af7460e5567696a4bee8bb21823e609ee0ada49d9af89925adb3d810689056c887fef937aaf4fac605aa9180ebb6e22901b0ebcff19f58096f6a978c0d2284d4882c0065103f5a0be702bdc98d7f1ef6eb435dd6c815f84c5dd23914c354db4f4d1092a94ff523fb2b6de2c17dd084cebe0e0e7276c4b0143264194b37398d8918dfc54ac1c14bb960af2615e63cf2a2d072d0481a1135db931076622a8bc9857ff337c32b2832efbcc5bbc24d07c952384bd2aef286c46e6721ec5e63211a43f637385fd678ff883d7a68620e4671b42104cc3bf7d7a1e747bf2d2c24f82da7e6fcc38c2ecd18eb5981206534122d9fffb79fb3af3ace2b87f7f0ee3a39a784f07ce962a09e5b5a5ce4b2dbd2470cef13c7cab9561b1acc60cf2a19bc40cc2215ba367d34917a7e5df5adf322b842040f76ca35fa1fa6b171f05346ecb76d4ce4474431a9b3974c63388a7675538e83d2b904655c065c5ce112045057c43e514400"/936, @ANYRES8, @ANYRES32], 0x0, 0x1c4, &(0x7f0000000440)="$eJzsVb/uEkEQ/uZu4UAtqG0lQqPA2fgG8gA+gAROJB7+4S5RCMVpQ2NhfAkSn8LCRHsLY0xssNBECyxJDGZ359YlasDkyO/3S/ZLyHzzzc7sDpedvZM8TAIAP9fzPmpQIFzARyIIAA3S2qas7Q+2W8YXof0O6y/ZfmabTGfvnmk6u9uL42iSTPcQImDfmh1y0KLDydunuwqhqMpFk9TX/+yfoec7SvC3NZyLE++iOOL/s52vRe9VwrHbAYxCB2R9eKE/52n5Fkci3n9lJeDxldx44uG7ct6v531JbvEUk9pA//IrodZI57W15qIAMoB8bE0doaYl0ADQSscPWsl0dmU07g2jYXQvDJG135znKxq1W7dHcdQm6xieJAIG8p5WrXgJwKff8QwWyDqaxDmA7Fw5f/Ph3LxkJVYBz8q1a+i6r0yNgDX5V9zEZVQAPMpkOGS1DllNQLXWBcFnpyOscwIbeKiowNX+/XiwAIHytCWEqdFZoSQdyoAoZEdFrl037S/Y1tl22S7Zrtjmb1f+JglV4Rt7zQwo43EvTSfq8dLMaKHRwprZ2eNd89eQ8pMEcHBwcHBwcHA4I/gVAAD//7B1VIM=")
creat(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)

1m16.580044067s ago: executing program 4 (id=1492):
r0 = socket$kcm(0x29, 0x2, 0x0)
close(r0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
close(r1)
socket$kcm(0x2, 0x2, 0x73)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x2cb)
close(r1)

1m14.397761135s ago: executing program 4 (id=1501):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000180)=0x80000001, 0x4)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="34000000100003040300"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x5e}]}}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

1m13.966769366s ago: executing program 39 (id=1501):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000180)=0x80000001, 0x4)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="34000000100003040300"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x5e}]}}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

52.489722455s ago: executing program 2 (id=1689):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20)
recvfrom$inet6(r0, &(0x7f0000004000)=""/4108, 0x100c, 0xc00100e6, 0x0, 0x0)

52.327742256s ago: executing program 2 (id=1692):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x9, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

52.146208846s ago: executing program 2 (id=1696):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x2, @empty, 'veth1_to_bridge\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'batadv_slave_1\x00'}}, 0x1e)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x0, @random="7c9ab5135269", 'pim6reg0\x00'}}, 0x1e)

51.952723137s ago: executing program 2 (id=1699):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000800)=ANY=[], 0xd, 0x2ad, &(0x7f0000001100)="$eJzs3U9rI2UYAPBn8q+jIgniRREc0IOnsvXqpVFWEHtSIqgHDe4uSBIWdiFgBeOe+gk8+j38CF68+A0Er4K39lAZmcxMk9KkLTWm0P39Tg/vO8/7Ppl32pzyzNdvTEYPHifx7PiPSNMkGvuxHydJ9KIRtR+jFQDA3XGS5/F3fpPMVmPz1QAA21B+/5duuxYAYDs+/fyLj/sHB/c/ybI0XuseTQdJREyOpoNyvv8ovo1xPIx70Y3TiPxMGX/40cH9aGWFXrw9mU0HRebkq9+q9ft/Rczz96IbvdX5e1lpKX82HbTjxcii/6hdl9qNV1fnv7siPwadeOetpfp3oxu/fxOPYxwPoshd5P+wl2Uf5D8df/9lsU2RnzRisDO/biFvbvNcAAAAAAAAAAAAAAAAAAAAAAC423azLCnb98z79xRDVf+d5ul8fjer9c735ynzk3qhsj9QHlWLnlkeP9f9de5lWZZXF04HnSqhFa+3vFgAAAAAAAAAAAAAAAAAAAAACk+/OxwNx+OHTzYS1N0A6p/133Sd/aWRN+NwNGyuX3Dn2nu9vNxtoKj10jKi1YoN3ZargheKeja+8s7icD+LMqgPZqN7vfJ+uejhaJhVU/VNHg2Tq/ZK64P7ZTGVRsR/LSyfPxKneTnSLh/1SM9KPZ/V2dDd6Ly0cuqfPM/PRooa1q7z3p/lGS3/NV3z2WhXwcoPWATpxbP4df2Csa45R3MD/3YAAAAAAAAAAAAAAAAAAIAVFj/6XTH57NLUxv9WFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs2eL9/3WQRsT5kQvBrEq+7Joq6MSTp7f8EQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgO/BsAAP//tI1Hsg==")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x60200, 0x20)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"})
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

51.632368569s ago: executing program 2 (id=1702):
r0 = syz_io_uring_setup(0x237, &(0x7f0000000100)={0x0, 0x5d1d, 0x100, 0x0, 0x1eb}, &(0x7f0000000040), &(0x7f0000000000))
io_setup(0x5, &(0x7f0000000e80)=<r1=>0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000580), &(0x7f0000000080), 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r2, &(0x7f0000000080)="8c", 0x1}])
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)

51.24152001s ago: executing program 2 (id=1706):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xa139, 0x0, 0x3})
openat$null(0xffffff9c, &(0x7f0000000000), 0x20002, 0x0)
r1 = io_uring_setup(0x2c4c, &(0x7f00000000c0)={0x0, 0x1, 0x1000, 0x0, 0x4})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x18, &(0x7f0000000000), 0x1)

50.892474361s ago: executing program 40 (id=1706):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xa139, 0x0, 0x3})
openat$null(0xffffff9c, &(0x7f0000000000), 0x20002, 0x0)
r1 = io_uring_setup(0x2c4c, &(0x7f00000000c0)={0x0, 0x1, 0x1000, 0x0, 0x4})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x18, &(0x7f0000000000), 0x1)

37.894669129s ago: executing program 5 (id=1708):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2800488, &(0x7f0000000100), 0x5, 0x75b, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnr2R7159cdV/wsP0lI1LVY8SGQ2s+m22U03aZJF9/OB1743M5s333kz897uDDMB9KzR9J9cxOGI+DCJGM6mJxExUM/1R5xcW+72ynIxTUmsrr7+e1Jf5tbKcjGaPpM6mBUej4gf3os4kttYb3VxaaZQLpfms/J4bfbCeHVx6ej52cJ0abo0d3xicvLYiedOHN+5QP/8eenQ9Y9eefrrk3+/+9jVD35M4mQcymY3x7FTRmM02yYD6Sa8y8s7XVmXJd1eAbYlPTT71o7yOBzD0VfPAQD/Z29HxCoA0GMS/T8A9JjG7wC3VpaLjdTdXyT21o2XImL/WvyN65trc/qza3b769dBh24ld10ZSSJiZAfqH42Iz79988s0xS5dhwRo5Z3LEXF2ZHTj+T/ZcM/CVj3TwTKj95Sd/2DvfJeOf55vNf7LrY9/osX4Z7DFsbsd9z/+c9d2oJq20vHfi033tt1uij8z0peVHqqP+QaSc+fLpfTc9nBEjMXAYFqe2KSOsZv/3Gw3r3n898fHb32R1p/+f2eJ3LX+wbs/M1WoFR4k5mY3Lkc80d8q/mS9/ZM249/THdbx6gvvf9ZuXhp/Gm8jbYx/d61eiXiqZfvfuaMt2fT+xPH67jDe2Cla+OaXT4fa1d/c/mlK6298F9gLafsPbR7/SNJ8v2Z163X8dGX4+3bz7h9/6/1/X/JGPb8vm3apUKvNT0TsS17bOP3Ync9m5QORLZ/GP/Zk6+N/s/0//U54tsP4+6//9tX2499dafxTW2r/rWeu3p7pa1d/Z+0/Wc+NZVM6Of91uoIPsu0AAAAAAAAAAAAAAAAAAAAAAAAAoFO5iDgUSS6/ns/l8vm1d3g/GkO5cqVaO3KusjA3FfV3ZY/EQK7xqMvhpuehTmTPw2+Uj91TfjYiHomITwYP1Mv5YqU81e3gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzsM37/1O/DnZ77QCAXbO/2ysAAOw5/T8A9B79PwD0Hv0/APQe/T8A9B79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvs9KlTaVr9a2W5mJanLi4uzFQuHp0qVWfyswvFfLEyfyE/XalMl0v5YmX2fn+vXKlcmIy5hUvjtVK1Nl5dXDozW1mYq505P1uYLp0pDexJVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwNdXFpZlCuVyal5GRkVnPdPvMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf8G8AAAD//7WFKeA=")
open(&(0x7f0000000340)='./bus\x00', 0x142342, 0x2)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
chdir(&(0x7f00000000c0)='./file0\x00')

37.247282772s ago: executing program 5 (id=1853):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='sit0\x00', 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r0)
sendmmsg$inet(r0, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="60de72b012f12de7ae4b6b575c593a257842f5455786809e75cfb3e6c402e123ee7516215ff6b0f407243a1752ab1b695973322f4524228db64daadfb982faffe16469faec72a875ec054ad6423dbf5dccc4369b7ae4179a1410e8a0f835c32a5ef7f1e40c86674cb8db2dc2d0bcafb2d8e6f19490362acb190a9f4e3d579a8eb92dc1a00e770249c0545f22fc5d18073fb9d371a00d4126119d00e38526ae0534993a84a9111da8e19448a3d6b961d6cce19f62047e64243296f087eac8218ba3823f081f44ddf1598494666f6033781da87a43aedd6f32a13906d3c3a3182f21d8a02517b2cd87eb47898823e5d14806dc66577c2e59b7a91dbcad98393b303fa3f9965f769e337a8be620ff6e0ed8dc32872cfe914b5a336a79968f95d8697aa5d5e5bc8c6bbf091daec06f6f260c3f6b5e3858309d1c8bc53bec3676878154998ef853bf150af4f70220316359f7d6c40d6189b4991534c7feb1cba481ace4c652968009e32e844c7bb0f325469c6107475b42a6c663a1845cdf46be71794998182cbf9a142ab7ce79021d67a0e3b1ce0f06d909342f73c45fe80e7d88296cc4a8f2dd0c377cab89aee5c7a21069965bf61bddcc70cb548f1e26e92a54bbccfd5a82061c9337ba9536f80f23e03db26e9e76a228c1a7bcb1f33f15d83137cc03d765991f95d809187e167f50f765339b0c008dcef29abab85525d5bc21c27962eb740acf2cab3a06b07648a4d154a2e371f1c5d17d2405592d2f0b06955ac2e77bb9c45f4b3533aa346ed2e961145733de05e4f0806e9f4205a6f8b67f02a742de84656188923824f71ee0ce263c5deb41d74433f266f95a4f22ba18dcb9d648752053b79b48609f1f5a0b06c9f9efd90caa1d00a858fe383240b2d44934127828a652f39bcd88dc9cae8b6227cbec7cc75e51e127cb7862ad3385186782471ac9fb79817f2134bd9ba126cdda55eda36022d6f4a64c8d9329a61a8bcd6e60873f02a2451929a78251eee298dc2da1be91eab831e8ad425ae4744fa9b2996b730fadeea47181fb1bd4f09c2de070f09f757873db45a6760afc033d2e552cff6d1fb612aa77d42e025b2bdf3792eda418c5eff26ff35e412b8d9b3e692f74d6e1eb9135a3c2d6a89ac09d8f3e7fb2023c2a2a963492ec6f397df712eb1983edf758f5b7b2786cb529cb288bcaff85df0d995bb2be1931aff4d28f571bfe66e05782a04de3676cf1e07b4f90c9f0b8eb5d7473b19f12ceb3da35aef0e46f439ec4bfc83689c0b176adf8a1afd8e188a070b081d6ef0f2693c4c8d22413e47b657b741b1d66ec1cc27b82de96de0f3d46557c53af1296b3e8326f6746a77abf1c403ae02bba232b9808441dcc61272f76a8e381a968a8baad036198ad541125c5baeb5184cd5b9f7bbb5c01dbf08c64687b79e8b622d3e4465b03e26d25564c3599925384aa57f12f24efc3a64e98ec87f589fc838376cb634c29445534f25febfe9acb0b86a6adf378249cbf1fa7e1e375588db9f64b7e879cd9d575c1754bb6d9a2c4492c0d9c05ed50fd4809504c1efaf8e6c4aa4d32240a4ea0e4ad8d78e8ca81a42adf6a5438606b1a34286fa14952484772cb076cc61e0f86552624b3a0671739d3fcd54579e749089852f8c6777dc9a4b9b7f75ff37b53f1582fdb88cb7ef516e25f82474a8be2a8a14b504166a753b94e10cde677129d3df67298e586bb75d00a4b5bf753078d7a6d0fa06a9828ea57e1d3122263cb49f6f216963aa79e4e36744436309649b2edfbd420fea18d183c33ac98d30128eee2194372d47f3176f26a364308a2e2fd29b0477a43f095bb69482bf6e48559cb0a4f74bdf973c6f82b429cac1d4db53b0cdc3161941e7de952fdf333e807d7ec734671b81354f22247322b78479a5b8c7602553166eb2c51159f8fd383a601f18e2c9e354fba3eb00a913b7f7c357f352ed8779a3190adba74131d3dab7fc5fbaa84639d468335e47deb34a1b00786bb9fc5d4d827f0cb91ae6e66e9447ff7de5cf4b1d6e5becf7281573123ad88bea3debb57b4ba9664daa8d5fc91313c1d1b39c4a0b13198e948a19cb67cbec6f2612e07e72b8443fb2f27701c1a0ed289b67d5edd533f2e58f121e1a18589cf5c6cf8cfd39f36aa581f2526846acaf45f1cd600df50857a16a836a31fc85b4f840785c12880b92afb84260501e92c3a114943d12a0697842a76e7236c568eedc977976b76a333a15747a193eb575a21af4de860ee57264f09ce6e205893afa464d8c864d3d5208ecedbd9690510bea29e3ef99c59a267ff7d7fd6c0f78002a795c597dcc48abc45433b348e0707e2c95ec48b62cbd685302a79c6fbbaca3124a362bac92c4580bcdbc39e7336b2294de15b30603b208f01928fdada7b02ee32cff4276645fef4e0b6b6372ca46348b7d75f888b49d09d85170804873f50c992a7384f623441fb83e031ba6ca42243ddd679b7542b9acbec5a340224456293f61b924fd057a4cabcf8fcaad9d9007805224dc527aa5c6ab5a06e0284a8ccb555d707be225121b62ccdcff74670063f6dedc1fef7590e06749fcc8f7160f93d33c88bb75371949fbf6e8157bb368eba5936c069ae01b04bd1ef8dbce5ca1beda4d39d48bd80ecf9b46846021ab82c95d79346f20bd7a7555205c1460fac0db2a09fc8ee41169d92fdbbe7c702b6db065c73a0140c99bdfe833d6e7dd03a255597056aa0bdc35ff402197d76ba2fa2d1081017a92c81409a73de22f5c9eb7d4d84da575e8692a10bbb53a82f69adffa8f0235d20c59c95b93390c04773ab2099c8ed0537ff267b604a3f8c1c21c5ebcf8f8d51bcb3ff7ac431675e1cee0d552ac999753f8b2d538a967d08a3690d8ae18ad5778600a63c629a2f7a53dcfd868937a901091ddc64f2ce8f4844fe16da09d27110cc5ed482baa0746f6cadc32fcc32cf1bc8e522de5201a4c73cab8b6fcbc7ea46e994a6b1c3f7b19063f840bf5d16c62f8f3c4d385ba4f115b3405094104cc1aa9e270d05660f5c9fe922e3147b19df18081b8c90d150d62bc647f9d848c3eae2991948ad21bc73a20a335845c8d0d30b0b8bafcc5e55cbdf026827954605e5eeca8f14eaaffed1879ecf4dde4735e1d87c7c02a2cf694eb88cfad9aa20ebc3d3f3b828f9a1893b2a6826eab0a73eb6bb3ae54f59dafc6ec54e4f7a8ee9f78c796802d6acab8bc40587d6ebf60f73f2481be9f98036a0f405d153a136a20b25cad57aacbd541d2658e31e6bfcbcb07ffcddccff9b1d185067a7f840453e6096318c52ed79e90ad793d0834edf6cb00ac173009fd0069bd12edb10d0060da2ac8670f480eecaad36a7eb810d1f66e75939164038716ebcf45c693cf9b9c480648c573999b8edfc13f39a5b0d05eae7547fcdef49c43234df53e55a28238269dbdd0f622a9305711d669c2741370c104fa1350baee86d903eca5e40c2139fff903cb90d3bfb9e4ee287c5cd84153919a22eab4b7b0e9e1744d3a257fce2b6da7cd4e4532357f4d42a95c739088b4abfb3b1150a55baf75c70032c1e01f00d1adecac7d3a24ddc186bec958974d026ee622d362b62cbafc5083ac0b779bdff208b9b749c2994f415c3e9cfbdd0eebb7c628450681bb878a8c655c2911e14ede00ea0c27961b8ceaed998da5218d90d2c66ce31b3cd4ec42996f3b4966e1e6ef902c774737a64016ef9ed1de965fad0a618eb129e470b8548b6d910f90cefaa3b5ee03abc7d9b0c9d37483866c282f06d816daa339e8b867c4557f2b03516d85bf820dda1710364a7a34b00a98af4565185a3c232407c95a938591128970cfef7573935dcbc72df1e20a1c39f002029652e1f790745979f8f6396c815619562fac44056b851e21efbb62ef5866b78fc95f384ef71e3f5a8cbfff0dcc112504f35a24ccb5db876766aff7b378564cac1e125ea5577a001a3a7f76e55bd1ebad50cdc2cbc4b1612c9804da70a0d95c0f3e0f90717773ff8fd43cd4fe4a867f1d97f50563c7861bd41b3d22e7bac41c553a39b488511d23cb53d7328e7", 0xb34}], 0x1}}], 0x1, 0x16da)

35.368427959s ago: executing program 5 (id=1878):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008004}, 0x20004000)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303, 0x36}, "b1d65ab71f5ef2fe", "9e8ecc7bb5352776725e1047711330ff2bb17b550800", "dc5d3f00", "46b0dc72b7b1d30e"}, 0x38)

35.03120038s ago: executing program 41 (id=1878):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008004}, 0x20004000)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303, 0x36}, "b1d65ab71f5ef2fe", "9e8ecc7bb5352776725e1047711330ff2bb17b550800", "dc5d3f00", "46b0dc72b7b1d30e"}, 0x38)

28.064530606s ago: executing program 9 (id=1941):
rmdir(0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x404})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000f9d000/0x4000)=nil, &(0x7f0000841000/0x4000)=nil, 0x4000, 0x2})
syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x4}, &(0x7f0000000440), &(0x7f0000000480))
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000dee000/0x1000)=nil, &(0x7f00009be000/0x3000)=nil, 0x1000, 0x2})

27.02212919s ago: executing program 9 (id=1948):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

26.429471672s ago: executing program 9 (id=1957):
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b9, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x248a})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0022220000009603000700000000070c00000016b8ef0a1a7083000000000b000017008332"], 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000000)='B')

23.984206361s ago: executing program 9 (id=1991):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_abort}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@grpquota}]}, 0xfe, 0x45a, &(0x7f0000000940)="$eJzs3M9vFFUcAPDvzLblt62IP0DQKhqJP1pafsjBi0YTDpqY6AHjqbYLqSzU0JoIIVo94NGQeDfe/QOMJ70Y9WTiVe+GhBguoKc1szMDS9ktXbplofv5JLP73syD974z83bezNttAH1rNHtJIrZGxJ8RMZxnby4wmr9du3J++t8r56eTqNff+SdplLt65fx0WbT8d1vyTL1e5De0qPfC+xFTtVr1TJEfXzj10fj82XMvzZ6aOlE9UT09eeTIwQN7hg5PHupKnFlcV3d9Ord759H3Lr41feziB79+l7V3a7G9OY5uGc33bkvPdruyHtvWlE4GetgQOlKJiOxwDTb6/3BUYtP1bcPxxhc9bRywpur1er3V9bmwWAfWsSR63QKgN8oLfXb/Wy53aehxT7j8an4DlMV9rVjyLQOR5oknB5fc33bTaEQcW/zvm2yJNXoOAQDQ7Mds/PNiq/FfGo/kiaHs5YFiDmUkIh6MiO0R8VBE7IiIhyMaZR+NiMc6rH/pDMmt45/00h0HtwLZ+O+VYm7r5vFfWhYZqRS5bY34B5Pjs7Xq/mKf7IvBDcdnk+rEMnX89PofX7Xb1jz+y5as/nIsWLTj0sCSB3QzUwtTq4m52eXPI3YNtIo/iXIaJ4mInRGx6w7rmH2+/YTQ7eNfRhfmmerfRjyXH//FWBJ/KWk7Pznx8uHJQ+Mbo1bdP16eFbf67fcLb7erf1Xxd0F2/De3PP+vxz+SbIyYP3vuZGO+dr7zOi789WXbe5oOz/+j24rzfyh5t7FiqNjwydTCwpmJiKHkzVvXT97438p8WT6Lf9/e1v1/e9zYE49HxO6I2BMRT2Q3hUXbn4qIpyNi7zLx//LaMx92Hv8yT+W7KIt/5nbHP5qPf+eJysmff+g8/lJ2/A82UvuKNSv5/FtpA1ez7wAAAOB+kTa+A5+kY9fTaTo2ln+Hf0dsTmtz8wsvHJ/7+PRM/l35kRhMyyddw03PQyeKZ8NlfnJJ/kDx3PjryqZGfmx6rjbT6+Chz21p0/8zf1d63Tpgzfm9FvQv/R/6l/4P/SnR/6Gv6f/Qv1r1/8/alh77fk0bA9xVrv/Qv1bQ/xfzt/ajAuD+5PoP/Uv/h77U9rfx6ap+8i+x7hOR3hPNWP+JgRX/MYsOEvXhvP9naza0LNPrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+D8AAP//Yz/jTQ==")
creat(&(0x7f0000000280)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x181102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002d80)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYBLOB="2e5113abb96490e8baa757031fd3113d8fd231aecab2c455591d3bec0b6d42a1d9572dc5078c0de5a68dc252aeb457f345aaef1744f717c71738086a77f819bf8ec2164ad9d225996868d5440c2a1f1759386c920214f5b07fdeaa34d7cbb895ee45108d8715e8678c9e65c8b76f3f4f2a1533de01264b0f6c5a5083f49b6737a25758553b72788c48c129ab89ff000e7d0b1da439dc5e7e6cfad150a664ab7d70dd127f4730976f8f2a3603f45a042d8c3578e6eb3060b986ee9e6b4dbf79896d68301c5d9ea34afe122934", @ANYBLOB="55a288cf517af1b04be776ee9c0ec53f9628c15cb14edefde39762fe236b4ce8c60a7c43543970516a02d827011407c1362a6f3ee218574d1d03907f069e233eb8845406027ad215c6cb94b3c1660b0b307d92fda8ceeaee13ddad398c29967c9b3a2a2f4e8bcaccb748dd4ad650ef7b8befe4f4aa614de8b11d51221fd15e41511f4946f3ea66f5e4386903f94da6eafe8f943cbc7fb75ab04f9afe9f69e5bc6c21ca487b92ca6050937ae8af3ec55050ee8cccf22ea07fbe0f0eac59", @ANYRESDEC=0x0, @ANYRESOCT, @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea2840893f38cdddda3da4c78d6059c5766f98f85fb413503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27ab80ff9afa5000443de8c748e1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd514a68d881e7fc7289826cbd840ffdb008356c72319cceb43ccb1280556efdf0fdf582fcdcfc830dff178a068d9dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabaee22347bdb78b72b400d080a044ebd6f0a08ab25c3d5e9b9a92a996810eef02181022af426853287e521a4e3cfe480f984efcea1359ff932ebd3bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d59bc12f637c36690f5ca91ee999ec138f6ce76522ed2b73c81609399f0d123f1721171bd72c012623f04d8965d3e5785d057c15798ab36af821c9b308731422ba3858b9895ace14068ea58f8cb6060c205cab0f2a73628eff5b9270a4a55c2d7fc5904a03ae990a004959740d04a67e6d74be88c6a38ff4a4c26fe2e1c1d5416aefca11db7dcdf6b37bc9ce19860861776b03f1b14e4e2aeaf2863b673904db2ce422e79405228e3cb3cfb64943b1ed82dc6816112eb9cccc4d1bbc83ce049caed7af09206535e91e6071809f6fc273c15637b6e4bedd2458728df5a94f0a6ff0f6d146df0268ad108dcef349d5e776d90300d08dedff751175dca2b2cc68830ec7b492a2af85784fd7575e1080403e4af7460e5567696a4bee8bb21823e609ee0ada49d9af89925adb3d810689056c887fef937aaf4fac605aa9180ebb6e22901b0ebcff19f58096f6a978c0d2284d4882c0065103f5a0be702bdc98d7f1ef6eb435dd6c815f84c5dd23914c354db4f4d1092a94ff523fb2b6de2c17dd084cebe0e0e7276c4b0143264194b37398d8918dfc54ac1c14bb960af2615e63cf2a2d072d0481a1135db931076622a8bc9857ff337c32b2832efbcc5bbc24d07c952384bd2aef286c46e6721ec5e63211a43f637385fd678ff883d7a68620e4671b42104cc3bf7d7a1e747bf2d2c24f82da7e6fcc38c2ecd18eb5981206534122d9fffb79fb3af3ace2b87f7f0ee3a39a784f07ce962a09e5b5a5ce4b2dbd2470cef13c7cab9561b1acc60cf2a19bc40cc2215ba367d34917a7e5df5adf322b842040f76ca35fa1fa6b171f05346ecb76d4ce4474431a9b3974c63388a7675538e83d2b904655c065c5ce112045057c43e514400"/936, @ANYRES8, @ANYRES32], 0x0, 0x1c4, &(0x7f0000000440)="$eJzsVb/uEkEQ/uZu4UAtqG0lQqPA2fgG8gA+gAROJB7+4S5RCMVpQ2NhfAkSn8LCRHsLY0xssNBECyxJDGZ359YlasDkyO/3S/ZLyHzzzc7sDpedvZM8TAIAP9fzPmpQIFzARyIIAA3S2qas7Q+2W8YXof0O6y/ZfmabTGfvnmk6u9uL42iSTPcQImDfmh1y0KLDydunuwqhqMpFk9TX/+yfoec7SvC3NZyLE++iOOL/s52vRe9VwrHbAYxCB2R9eKE/52n5Fkci3n9lJeDxldx44uG7ct6v531JbvEUk9pA//IrodZI57W15qIAMoB8bE0doaYl0ADQSscPWsl0dmU07g2jYXQvDJG135znKxq1W7dHcdQm6xieJAIG8p5WrXgJwKff8QwWyDqaxDmA7Fw5f/Ph3LxkJVYBz8q1a+i6r0yNgDX5V9zEZVQAPMpkOGS1DllNQLXWBcFnpyOscwIbeKiowNX+/XiwAIHytCWEqdFZoSQdyoAoZEdFrl037S/Y1tl22S7Zrtjmb1f+JglV4Rt7zQwo43EvTSfq8dLMaKHRwprZ2eNd89eQ8pMEcHBwcHBwcHA4I/gVAAD//7B1VIM=")
creat(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)

22.797231395s ago: executing program 9 (id=2001):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x42, 0x1ec)
write$binfmt_script(r0, &(0x7f0000000480)={'#! ', './file0'}, 0xb)
close(r0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
rename(&(0x7f0000000e00)='./file0\x00', &(0x7f0000001800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

20.505882784s ago: executing program 9 (id=2017):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000080)='./file0\x00', 0x2010050, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="574ebc0e94989fcde4c7e6c29d5b7d84ea1d3b850bb44bd48bb9519bc17acbb165391925581f91c0647c1d56315d4d044e055c5842362d6e3547a65f0d1dc45f590e08b80c1182db21b765ab93d407000000a9415a11b2facb5efbeda5c99dab23a7176fd9bdcc116a308a7b3a9e3562550da7ba26451b761e0bc1c92c045eee"], 0xff, 0x2ce, &(0x7f0000000640)="$eJzs3M9LFH8cx/G3uu6uK7p7+PL98i2iN3UpgkG3e7CEUrRQqBtZEIw6W8tOu7IzGBuhduoa/REdxKM3oTp09dKtU5duHgo6JPRjYmdnddUVk9od0+cDdN7OzNvP58OM8hrBWb/17EEx7xh505XueK90iyzKhkiqVolUa5+6RCQudV0SlWaLcr7/87tT45O3r2Wy2ZEx1dHMxMW0qg6efvnw8fKZ127/zZXB1Zispe6uf0p/WPt37f/1HxP3C44WHC2VXTV1qvzejU7Zls4UnKKhesPzTMfSQunNpIh/vOyateN5uzw7W1WzNDOQmK1YjqNmqapFq6oSEalU1bxnFkpqGIYOJAT7iS2NjZkZv4wfuHm6DRPCb7uy68avVDJmj4j07To3t9SpWQEAgMNje/7Xnfnf1xVsa3u+e57X3H+w/L8a3SP/B/m+kf9tq57/Havi/lr+d8vq1vJ/hPx/ALmt/I8jq5b/E8HPr+/JneUhvyD/AwAAAAAAAAAAAAAAAAAAAADwN9jwvKTnecnGtvERC/4lvPF12PNEe3D9j7dxDQrVuIj9dC43lxOxe+s7N6+7JUOSlG/+/RCo16NXsyND6kvJK3sh6F+Yy/X4jZm8FMQWS4YlKanW/cP1ft3e3yuJ5v60JOWf1v3plv1ROXe2qd+QpLydlrLYMuPf11v988Oql69nd/T3+ecBAAAAAHAUGLqp5fO7Yex1vN6fyYv4z9f7/31gx/N1RE5Ewl07AAAAAADHhVN9VDRt26p0sIiLSPvHqq2us+tqUcxfCHP0sItk057GS6Q7Po1I86CxYBZtGuu/5y++/LlveGnl5NfwrmB4v5MAAAAAtMdW6N/7HO9jJ2cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx04nXiYW9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCw+BkAAP//0b8mQA==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r1, 0x89ee, &(0x7f0000000000))

20.147088295s ago: executing program 42 (id=2017):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000080)='./file0\x00', 0x2010050, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="574ebc0e94989fcde4c7e6c29d5b7d84ea1d3b850bb44bd48bb9519bc17acbb165391925581f91c0647c1d56315d4d044e055c5842362d6e3547a65f0d1dc45f590e08b80c1182db21b765ab93d407000000a9415a11b2facb5efbeda5c99dab23a7176fd9bdcc116a308a7b3a9e3562550da7ba26451b761e0bc1c92c045eee"], 0xff, 0x2ce, &(0x7f0000000640)="$eJzs3M9LFH8cx/G3uu6uK7p7+PL98i2iN3UpgkG3e7CEUrRQqBtZEIw6W8tOu7IzGBuhduoa/REdxKM3oTp09dKtU5duHgo6JPRjYmdnddUVk9od0+cDdN7OzNvP58OM8hrBWb/17EEx7xh505XueK90iyzKhkiqVolUa5+6RCQudV0SlWaLcr7/87tT45O3r2Wy2ZEx1dHMxMW0qg6efvnw8fKZ127/zZXB1Zispe6uf0p/WPt37f/1HxP3C44WHC2VXTV1qvzejU7Zls4UnKKhesPzTMfSQunNpIh/vOyateN5uzw7W1WzNDOQmK1YjqNmqapFq6oSEalU1bxnFkpqGIYOJAT7iS2NjZkZv4wfuHm6DRPCb7uy68avVDJmj4j07To3t9SpWQEAgMNje/7Xnfnf1xVsa3u+e57X3H+w/L8a3SP/B/m+kf9tq57/Havi/lr+d8vq1vJ/hPx/ALmt/I8jq5b/E8HPr+/JneUhvyD/AwAAAAAAAAAAAAAAAAAAAADwN9jwvKTnecnGtvERC/4lvPF12PNEe3D9j7dxDQrVuIj9dC43lxOxe+s7N6+7JUOSlG/+/RCo16NXsyND6kvJK3sh6F+Yy/X4jZm8FMQWS4YlKanW/cP1ft3e3yuJ5v60JOWf1v3plv1ROXe2qd+QpLydlrLYMuPf11v988Oql69nd/T3+ecBAAAAAHAUGLqp5fO7Yex1vN6fyYv4z9f7/31gx/N1RE5Ewl07AAAAAADHhVN9VDRt26p0sIiLSPvHqq2us+tqUcxfCHP0sItk057GS6Q7Po1I86CxYBZtGuu/5y++/LlveGnl5NfwrmB4v5MAAAAAtMdW6N/7HO9jJ2cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx04nXiYW9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCw+BkAAP//0b8mQA==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r1, 0x89ee, &(0x7f0000000000))

3.125401108s ago: executing program 6 (id=2191):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f00000000c0)={0x0, 0x0, "a4cd91", 0x9, 0xfc})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448cb, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000040)="05000000010000", 0x7)

2.6933364s ago: executing program 8 (id=2194):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000010000000000000000000000a5000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xb9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r1, r0, 0x5, 0x0, 0x0, @void, @value}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r1, r2, 0x4, 0x0, 0x0, @void, @value}, 0x10)
r3 = socket(0x1, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000680), &(0x7f0000000080)=@udp6=r3}, 0x20)

2.44588608s ago: executing program 8 (id=2198):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_open_procfs(0x0, 0x0)
unshare(0x2c020400)
msgget$private(0x0, 0x0)
r0 = msgget$private(0x0, 0xc)
msgrcv(r0, 0x0, 0x0, 0x1, 0x0)
msgrcv(r0, 0x0, 0x0, 0x3, 0x800)

2.087663822s ago: executing program 6 (id=2199):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000100), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "77746a315690a576", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r0)

1.821802813s ago: executing program 6 (id=2200):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddb357f7adf97affffffff7d1800"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
dup3(r0, r1, 0x0)
ioctl$TCSETA(r1, 0x5406, &(0x7f0000000480)={0xfffd, 0x8003, 0x200, 0x40, 0x15, '\x00\x00\x00\x00 #\x00'})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x0)

1.614742434s ago: executing program 6 (id=2202):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000d80)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001380)="435d61e778eb38a7b38869e147b2bb2d8ea5f836c654c0d9d14ceca9529604eb9a1f8d24c87b2153413b8bc5d52b8aa671b64b2290f0d96afeaa40f60d23f9f9f7d8b4c37a6409abd84ddbe5264f73200c67d8f9742d0f51951f7bb8fe27a59cc395ba580c12f6e995b8a62901c58273c223abb61def8a24a9d9c3e164fcc9c0ef085049e39d964b4afa4e79d6dc9d4f792776248a6ac45606026857497e7760e7dcc543cbd35aaaca6b30aa8acb8e4e77cd6626b8371a55fa07ede86c92893bad324de1fef3953ff5c36951f9647ffd6924de49d9a66baeb6a75df64352c800a13b897dbd01621199d6d5424e90a346c805c801fd6be1e96f2a69e5937a4e7df9445d776f56182a9c26c219e3462d7ef57f9037d6b14a5f0288", 0x11a}, {&(0x7f0000000b40)="518cf972f4602550447422ed8ab8e292d2b9e8f110c883251bad904148ec2972fe137bd155df9280115c15ef84b13e47e1f03396189a1c190470ee546a28d08515a098686a73a9ad70f822e5140fbfb110391250b8a84802dbf4588dc39d82195d48715ca048c7d8c59a24b6243810e456ba666105704711b987f85fb409a72e0b54194f1fd5a802e4692a1d90af11dc51df1ddced4389edb8073eb6f00f3ed16c292f5ba1ca872d781fd40050ce60814a7b3396efbe6fd294f4cd171446572145fe460ae70a488caf82d6f939612739d6319c182c4346b63cb07a30b4bfcaccd9dfe7d9c9bb755cbdbcee5caa", 0xed}, {&(0x7f0000000380)="5132ac5e8205378f905fac4b0f7b0ad4ff080df00b5a6655e32124d51a45ebebdf4a86101587d502357bfc43f44098742b83caede42f6e007330dc8ab67371c65d39bc126b8f9bf17dce0ba9d14f263efa7056bb8a0291a4842e42342519a9e795b7d8aee13edfa09bd3f9ae3bdc4c2dccc274c0cf4fe85fa17f46ff8c017571490f296ef2ea1cf31486bd4167bb33cb9a5e1f96de2ee8af5074695ddf5d1ec4d17c9508cdd9e77ec5bc62a820e263a31521f0b9031c9e1e1491f0c99b44960df2aaee22480355aa20d280d1ed54ae539055ca1e20a57f81db185fa207", 0xdd}, {&(0x7f0000000280)="661da68e4cccac69431df174bbce91246fce262b3de6a53334d329a142ae0f304e4fbde8fab4d68bedcd182b41227278c65f7de3723a93dbbaeb901b447fb35a9f3f4b671a3e3929c119f9deec5e46cdbe5cac679cad88c9aa61bc7ffd219a18b36ef0bf5ca45da80aa46274c5cda17a4b8588c492dcdd43dee797fe7debf7c1143177d4f4b02255ca5a46", 0x8b}], 0x4}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000640)="72126509caec095807090dba7a3967d9884ce638db1b533a4b22559bf9166ba1568930c85350c8e4c4bc40d2f21c8042ef5f78d0c8450382c66ea27d01387272ddb6350a1b9df7af8dc636bd2a4e14c5ead6ff46562bbb74e63c835b9827f0b5be88de7ea0b09ad394495e7a2e45da891ae90f972844a04ac9427903a3102cfc7d7ebe01950d7c3c1a1df3b5c2c7940b81f27ed3e5bbb9db01d84e36e67763cde8eb69ed38a8401e2c6daa808897bf60b8b795aac9afe46e918edb28ea6fe06a6afcfad209e55826dc2000a46b358665fdfee08e82c24a22ef3e7c3a5400"/232, 0xe8}, {&(0x7f00000000c0)="5cab1cd4386d9e0da57f099176822a04ecde038848f2a14590ae331a739346dc6190b07b965aa699ddce8f182904e77610ec", 0x32}, {&(0x7f0000000200)="2807eb239ed0436e9e6e49955dfb4a4d3e1fb254c484ed2da2060d16fe61161b8cdf744a18e00a9b61fc0e090f175efa", 0x30}, {&(0x7f0000000480)="be604475647d7a29472269b80db06ea99d16a1e23f58504441c02e955c5499b328b1bd19909555679e3bbb39e23235037223da6566635d09c0a7192acce97d05ae3077ffe54c98d0c06a98319bc853f4c0177977cff5e33badeed08f6d2ff80d19c30d111c2b98cd96a0f57677161d34c64fb37365fb0ffa931bc4915658f185a359953910493f692868399f95a8", 0x8e}, {&(0x7f0000000c40)="38b4526ae50b033bea476dbff6a39da0edcb079b0fda4152d05cdd28639ff976bf8594edbe9b6b439ddfb8143ab5819a9cde4005fc8adb41ad29a3369003f5e177ea1969e84e2be7d467b594e4b190cbf86b38fb8039818db8014f84e999b0f7b78f9dd8aec01f1c034f1c6246920f83d091bc5145fdedbc235e953816080abf9f87f8705111fd616fecd24134a4616f18a38dbea6ff7ef450e25cbd6477cf4286ad1a1065", 0xa5}], 0x5}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000880)="9b94bd4f7c3a6ece62bebec3ebc3f6245c2cf71ebb80b25d12176c9248f03c509f9c9efa61aac34738d5eb54550e4ee1a5e35c2b82abfcd8c85c175b38e97da83e872522954d2a5ec48d8fa0f5363f20ca098ee73815ead5dccd3b1bd88c69cc612a19197857d16407c95aad3267a5e215e5", 0x72}], 0x1}}], 0x4, 0x2000c044)
sendto$inet(r1, &(0x7f0000000540)=';T', 0x2, 0x80, 0x0, 0x0)

1.513356344s ago: executing program 0 (id=2203):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002d00)=@newtfilter={0x1118, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0x10e8, 0x2, [@TCA_FLOW_BASECLASS={0x8, 0x3, {0xffff, 0xfff2}}, @TCA_FLOW_EMATCHES={0x10d4, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x64}}, @TCA_EMATCH_TREE_LIST={0x10a0}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd0}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x8c30}]}}]}, 0x1118}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.378304135s ago: executing program 6 (id=2205):
r0 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000000), 0x3e, 0x51b, &(0x7f0000001200)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJE4UxY6j2CmbqKKp+A8QEkicOHFB4g9AQj3wB6BKleCCOCBAIARbOCABHTTjsZp17CTQrJ3Gn4/04vfm1/e9sfw8M36ZCWBqPRkRL0bETEQ8ExHVcnpaprt54bC33Nv3X13NUxJZ9vJfk0jKaf1t5eXZiLjRWyXmIuJrX474ZnI8bmf/YGul2WzsluV6t7VT7+wf3N5srWw0NhrbS0uLzy+/sPzc8p2s9J7audDP/PhLn//5p7/1u7t/vvXtvFqf+0hUYqAd56nX9EqxL/ryfbT7MIJNwEzZnsqkKwIAwJnkx/gfjIhPFMf/1ZgpjuYGzEyiZgAAAMB5yb4wH/9OIjIAAADg0kojYj6StFaOBZiPNL1SXhv4cFxPm+1O91Pr7b3ttXxexEJU0vXNZuNOOVZ4ISpJXl4sx9j2y88OlJci4tGI+F71WlGurbabaxO+9gEAAADT4sbA+f8/qmmRP92Q/xMAAAAALq6FkQUAAADgsnDKDwAAAJff4Pm/+/0DAADApfKVl17KU9Z//vXaK/t7W+1Xbq81Olu11t5qbbW9u1PbaLc3inv2tU7bXrPd3vlMbO/dq3cbnW69s39wt9Xe2+7e3XzgEdgAAADAGD368Td+nUTE4WevFSnK+wACPOAPk64AcJ4M9YPp5S7eML0qk64AMHHJKfMN3gEAgPe/mx89/vt///n/rg3A5WasDwBMH7//w/SqGAEIU2u2vAbwgV7x6qjlRv7+/8uzRsqyiDerR6e4vggAAOM1X6QkrZXnAfORprVaxCMR6UJUkvXNZuNOeX7wq2rlal5eLNZMTh0zDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAAHCpRaR/Soq7+UfcrD49P3h94Eryz2r8sSz88OXv31vpdncX8+l/K57ldSUiuj8opz878vFhAAAAwHlLDkfO6p2nl6+LY60VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPg7fuvrvbTOOP+5YsRsTAs/mzMFa9zUYmI639PYvbIeklEzJxD/MPXI+KxYfGTeCfLXouyFsPiX3vI8ReKXTM8fhoRN84hPkyzN/L+58Vhn780nixeh3/+Zsv0Xo3u/9Iy8mNFPzes/3nk2NZaQ2M8/tZP671c5Xj81yMenx3e//T732RE/KeObe1fWZYdj/+Nrx8cjGp/9qOIm0O/f5IHYtW7rZ16Z//g9mZrZaOx0dheWlp8fvmF5eeW79TXN5uN8u/QGN/92M/eGRU/b//1IfF/+5te/3tS+58etdEB/3nr3v0P9bLH3oA8/q2nhn7/zsWI+Gn53ffJMp/Pv9nPH/byRz3xkzefOKn9ayP2/2nv/60ztv+Zr37n92dcFAAYg87+wdZKs9nYPSEzd4Zl3o+ZX8xdiGr8j5nstd47d1Hq8/9m8qPVd6f0W3UBKnYkk40l1tXieP6sa10ZU9sn2i0BAAAPwbsH/ZOuCQAAAAAAAAAAAAAAAAAAAEyvcdxKbTDm4WSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwov8GAAD//3QT3Gw=")
open(&(0x7f0000000040)='./bus\x00', 0x1ed37e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX, @ANYRESOCT, @ANYRESOCT=0x0, @ANYRESHEX=r1, @ANYRES32, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRESDEC=r0, @ANYRES8=r1, @ANYBLOB="c9f01443b39ee97dc97717af6a444a87257769af378429ec9303fb1784190ab63c2fe49d4893ee8bd420379f9bd9c42aba7789233a8e4bbc5f1715554eeacc13e8e00de798715a6546f1ed936a398359dd3a4064f251fdb0a6f0d1f449a5af413f59435192f15df86391105e2c2b13ac5487e71c235b"], 0x1, 0x37f, &(0x7f0000000440)="$eJzs3c9rI2UYwPFn0jQ/umyTgygK0ge96GVoq2e1SBeEgkt3I+4Kwux2oiFjUmZCJCK2nryKN/8BwWUPHhY8LKj/QC/e1osXT9vLgqCLiCPzK8l0p0mTZmm6+/3Abt7kfZ/M+04m5XkCeXP4/tefNOueWbc6kivdF0NE5KFIVXKSMKKbgmTYl1cv/HnvxSvXrhdFZHNb9dLG1dfWVXV55adPPy/Hw+4W5aD64eGD9T8Onj14/vC/qx83PG142mp31NIb7d871g3H1p2G1zRVLzu25dnaaHm2G/W3o/66097d7anV2rm4tOvanqdWq6dNu6edtnbcnlofWY2WmqapF5eyphsrjug7r0pTxNRubW9bG1Me8OaUcZi1f3zfH9HtuhvWgohZDt+vw2q3HvvcAADA3Enn//ptkrBXJddPKI24FiiE7XQZEOT/SXtra3Nbg2JhkP/ffumXzoX37izH+f/dQlb+//pvUXwq/w+OPvP8//sj98uzO5HzYm+SwafK/zEfVtLvyPuDij0W5P/Bu6Ff0X/5we3VsEH+DwAAAAAAAAAAAAAAAAAAAADAefDQ9yu+71eS2+Tf4CsE8f2QsT/yi8Y4d3KS/foX4x0F+tcDnkhXrl2XUvjFvfyyiPNVt9atRbdxfzJwVSryb3g9xKINJ6L9BDRQlZ+dvW5tMQ5YCP/fKIiKI7asSUWqqfiwfemdrc01jUTx4fH3ujUjvxTE16URxq9LRZ7Jjl/PjC/IKy8PxZtSkV9vSlsc2Qmv60H8F2uqb7+7dSS+HI7L8ubjfUkAAAAAAJg5U7UUl8/VdP0b1e+mqZrVH9TyMlyfP/r5QL++Xs2sz/OVF/Jnu3YAAAAAAJ4WXuGzpuU4tuv1jm2UZdyY5Pc0Rj9PdiM/yeCgcS9sLI4aszC0wpM+cyH+BY0JJi+TrdRynL+Kknkyky1cU12lU5xVy0nWf4LBpUlfAtfLTb522/VWgvnoVMsZaiQfG0WPLDxy6uTyceE/GEnUZAdNds4dN/i5b777e7p1GfGuvcNdb9wppVZ6TLhx5JH9MRftA98fO5/F7L8WP07zIzMAAAAA5kSS9Je95JG3znZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hU63E9vJGme9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBe/B8AAP//Tuzx8g==")
mkdir(&(0x7f0000000140)='./control\x00', 0x0)

1.356261465s ago: executing program 8 (id=2206):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r0, &(0x7f0000000280)={0x1f, @none, 0xad}, 0xa)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x97, 0x0, 0x0, 0x0, 0xffff0000}}}}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}}, 0x0)

1.201685265s ago: executing program 3 (id=2207):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='8'], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1.135552466s ago: executing program 1 (id=2208):
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x6d, 0x0, &(0x7f0000000000)=0x8)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x85, &(0x7f0000000140)={<r3=>r2, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000040)=0x9c)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, r3}, &(0x7f0000000200)=0x10)

1.133618076s ago: executing program 0 (id=2218):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x60000009, 0x5979f5f9aa0e54f5, 0x0, 0x0, 0x0}, 0x50)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

969.491326ms ago: executing program 1 (id=2209):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000010000000000000000000000a5000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xb9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r1, r0, 0x5, 0x0, 0x0, @void, @value}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r1, r2, 0x4, 0x0, 0x0, @void, @value}, 0x10)
r3 = socket(0x1, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000680), &(0x7f0000000080)=@udp6=r3}, 0x20)

968.698036ms ago: executing program 3 (id=2210):
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400))
chdir(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000001fc0)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9}}}, 0x7)

908.476176ms ago: executing program 0 (id=2211):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280)={<r2=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r1, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000140)='8', 0x1}], 0x1, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}}], 0x1, 0x4)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
write$binfmt_elf64(r1, &(0x7f0000000300)=ANY=[], 0x78)
splice(r0, 0x0, r3, 0x0, 0x39000, 0x0)

820.377937ms ago: executing program 8 (id=2212):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
dup3(r1, r0, 0x0)
recvmmsg(r0, &(0x7f00000026c0)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/80, 0x50}], 0x1, &(0x7f0000000940)=""/191, 0xbf}, 0x1}], 0x1, 0x1, 0x0)

758.582067ms ago: executing program 3 (id=2213):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x8, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

757.855837ms ago: executing program 1 (id=2214):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000024c0)=ANY=[])

625.692277ms ago: executing program 0 (id=2215):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = io_uring_setup(0x6281, &(0x7f0000000080))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
pipe(0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

546.562828ms ago: executing program 1 (id=2216):
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f00000001c0)=0x4, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f06007f141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f63047d2900ffffca88faca"], 0xdd12}], 0x1}, 0x0)

525.995677ms ago: executing program 3 (id=2217):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$GTP_CMD_DELPDP(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000840)=ANY=[], 0x24}}, 0x240488c4)
recvmsg$kcm(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/75, 0x4b}], 0x1}, 0x0)
sendmsg$alg(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)

364.395519ms ago: executing program 8 (id=2219):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4004)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a"], 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6}, 0x10)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0)

265.872909ms ago: executing program 1 (id=2220):
r0 = socket$kcm(0x29, 0x2, 0x0)
close(r0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
close(r1)
socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x2cb)
close(r1)

265.467859ms ago: executing program 0 (id=2221):
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}})
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x769})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ppoll(&(0x7f0000000180)=[{r0, 0x4047, 0x700}], 0x1, 0x0, 0x0, 0x0)
close(r0)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x6559, 0x13580, 0x3}, &(0x7f0000000040), &(0x7f0000000140))

225.356089ms ago: executing program 3 (id=2222):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000000)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88700a, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004100)={0x2020}, 0x2020)

214.654209ms ago: executing program 8 (id=2223):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r3=>0x0})
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x28, 0xfffffffd, 0x0, 0x80, 0xfffc}}, 0x50)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x0, @val=@netfilter}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

125.766959ms ago: executing program 6 (id=2224):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f0000006600)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)

87.578559ms ago: executing program 1 (id=2225):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = syz_clone(0x0, &(0x7f0000001100), 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000380)=r0, 0x12)

485.54µs ago: executing program 0 (id=2226):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
munlock(&(0x7f00002ab000/0x4000)=nil, 0x4000)
munlock(&(0x7f0000e3f000/0xe000)=nil, 0xe000)

0s ago: executing program 3 (id=2227):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000cc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x28}, 0x1, 0x0, 0x0, 0x8004041}, 0x20000814)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000370400"/20, @ANYRES32=r3, @ANYBLOB="83040500010000003000128008000100677265002400028008000700ac"], 0x50}}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty}}}], 0x20}}], 0x1, 0x0)

kernel console output (not intermixed with test programs):

ID (0x2)
[  249.352009][ T8857] BTRFS info (device loop9): force clearing of disk cache
[  249.360712][ T8643] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.398278][ T8857] BTRFS info (device loop9): setting nodatasum
[  249.401279][ T8643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.415994][ T8857] BTRFS info (device loop9): allowing degraded mounts
[  249.495375][ T8857] BTRFS info (device loop9): enabling disk space caching
[  249.525732][ T8857] BTRFS info (device loop9): disk space caching is enabled
[  249.545674][ T8643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.654385][ T8890] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1039'.
[  249.664462][ T8890] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1039'.
[  249.674557][ T8643] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.682062][ T8643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.811338][ T8643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.997598][ T8857] BTRFS info (device loop9): rebuilding free space tree
[  250.006047][ T4258] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  250.023667][ T8643] device hsr_slave_0 entered promiscuous mode
[  250.078576][ T8643] device hsr_slave_1 entered promiscuous mode
[  250.106293][ T8857] BTRFS info (device loop9): disabling free space tree
[  250.145549][ T8857] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  250.190083][ T8857] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  250.674607][ T7471] BTRFS info (device loop9): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  250.954417][ T4255] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  250.963244][ T4255] Bluetooth: hci2: Injecting HCI hardware error event
[  250.973987][ T4255] Bluetooth: hci2: hardware error 0x00
[  251.558116][   T26] audit: type=1326 audit(1734133403.959:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8961 comm="syz.1.1052" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88a5785d19 code=0x0
[  252.118455][ T8952] loop3: detected capacity change from 0 to 32768
[  252.208624][ T8952] Process accounting resumed
[  252.232743][ T8952] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt
[  252.232743][ T8952] 
[  252.276878][ T8952] ERROR: (device loop3): remounting filesystem as read-only
[  252.319039][ T8952] xtLookup: xtSearch returned -5
[  252.345120][ T8643] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  252.364653][ T8952] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt
[  252.364653][ T8952] 
[  252.404947][ T8643] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  252.464716][ T8952] ERROR: (device loop3): remounting filesystem as read-only
[  252.483802][ T8643] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  252.504112][ T8643] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  252.511576][ T8952] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt
[  252.511576][ T8952] 
[  252.531057][ T8952] xtLookup: xtSearch returned -5
[  252.546651][ T8952] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt
[  252.546651][ T8952] 
[  252.775590][ T8643] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.826401][ T6534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  252.860531][ T6534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  252.875001][ T8643] 8021q: adding VLAN 0 to HW filter on device team0
[  252.886966][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  252.916858][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  252.983447][ T6538] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.990603][ T6538] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.072193][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.082943][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  253.102110][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.113634][ T4255] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  253.134034][ T6538] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.141159][ T6538] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.182745][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  253.235006][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  253.296273][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  253.368303][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  253.398341][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  253.439632][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  253.506488][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  253.539685][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  253.575798][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  253.618774][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  253.664114][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  253.721790][ T8643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  254.146524][ T9031] loop9: detected capacity change from 0 to 512
[  254.188771][ T9031] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  254.255377][ T9031] EXT4-fs (loop9): 1 truncate cleaned up
[  254.263756][ T9031] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  254.483156][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  254.490664][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  254.583250][ T8643] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.835775][ T7471] EXT4-fs (loop9): unmounting filesystem.
[  254.852736][ T9009] overlayfs: failed to clone upperpath
[  255.298518][ T9029] loop3: detected capacity change from 0 to 32768
[  255.359821][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  255.379172][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  255.404777][ T9029] XFS (loop3): Mounting V5 Filesystem
[  255.414316][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  255.449241][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  255.492248][ T8643] device veth0_vlan entered promiscuous mode
[  255.519563][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  255.545166][ T9029] XFS (loop3): Ending clean mount
[  255.568056][ T9029] XFS (loop3): Quotacheck needed: Please wait.
[  255.584311][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  255.594652][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.594740][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  255.600677][ T9089] loop9: detected capacity change from 0 to 2048
[  255.622783][ T9089] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  255.623828][ T8643] device veth1_vlan entered promiscuous mode
[  255.742631][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  255.764740][ T9029] XFS (loop3): Quotacheck: Done.
[  255.778383][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  255.802662][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  255.815552][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  255.832526][ T8643] device veth0_macvtap entered promiscuous mode
[  255.852873][ T8643] device veth1_macvtap entered promiscuous mode
[  255.891402][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.918375][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.937969][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.959063][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.001145][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.031160][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.051307][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.066160][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.116536][ T4258] XFS (loop3): Unmounting Filesystem
[  256.138148][ T8643] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.183463][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  256.223826][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  256.249967][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  256.303544][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  256.353724][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.381707][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.420694][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.461151][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.471060][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.514136][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.534735][ T8643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.555775][ T8643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.608407][ T8643] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.627931][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  256.665418][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  256.699868][ T8643] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.721344][ T8643] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.740429][ T8643] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.755596][ T8643] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.031779][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.081252][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.110664][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  257.157382][ T4552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.193936][ T4552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.253661][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  258.098917][   T26] audit: type=1326 audit(1734133410.499:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.106907][ T9153] loop3: detected capacity change from 0 to 1024
[  258.122361][ T9152] netlink: 'syz.4.1086': attribute type 2 has an invalid length.
[  258.201150][   T26] audit: type=1326 audit(1734133410.539:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.231821][ T9152] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1086'.
[  258.292351][   T26] audit: type=1326 audit(1734133410.539:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.397949][   T26] audit: type=1326 audit(1734133410.539:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.467316][   T26] audit: type=1326 audit(1734133410.549:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.586272][   T26] audit: type=1326 audit(1734133410.549:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.801774][   T26] audit: type=1326 audit(1734133410.549:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  258.925841][   T26] audit: type=1326 audit(1734133410.549:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  259.045188][   T26] audit: type=1326 audit(1734133410.549:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  259.079286][   T26] audit: type=1326 audit(1734133410.549:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.9.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd1f85d19 code=0x7ffc0000
[  259.301321][ T5486] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  259.491275][ T5486] usb 4-1: Using ep0 maxpacket: 8
[  259.502424][ T5486] usb 4-1: config 0 has no interfaces?
[  259.507958][ T5486] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  259.550188][ T5486] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.596210][ T5486] usb 4-1: config 0 descriptor??
[  259.846040][ T5487] usb 4-1: USB disconnect, device number 9
[  260.016754][ T9212] loop4: detected capacity change from 0 to 1024
[  260.055260][ T9212] EXT4-fs: Ignoring removed orlov option
[  260.105970][ T9212] EXT4-fs: Ignoring removed nomblk_io_submit option
[  260.200933][ T9212] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  260.411490][ T8643] EXT4-fs (loop4): unmounting filesystem.
[  261.016464][   T32] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  261.226650][   T32] usb 10-1: Using ep0 maxpacket: 8
[  261.234007][   T32] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  261.271381][   T32] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  261.332387][   T32] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  261.369343][   T32] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  261.420599][   T32] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  261.479317][   T32] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  261.519520][   T32] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.770506][   T32] usb 10-1: usb_control_msg returned -32
[  261.776410][   T32] usbtmc 10-1:16.0: can't read capabilities
[  262.123849][ T9266] usbtmc 10-1:16.0: send_request_dev_dep_msg_in returned -90
[  262.320012][ T9247] loop4: detected capacity change from 0 to 40427
[  262.348318][ T9247] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  262.373907][ T9247] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  262.416376][ T9247] F2FS-fs (loop4): invalid crc value
[  262.478257][ T9247] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  262.561467][ T9247] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  262.568671][ T9247] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  262.652578][ T9247] syz.4.1111: attempt to access beyond end of device
[  262.652578][ T9247] loop4: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  262.750509][ T8643] syz-executor: attempt to access beyond end of device
[  262.750509][ T8643] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  263.192593][ T9299] loop4: detected capacity change from 0 to 512
[  263.245135][ T9299] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  263.271657][ T9299] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  263.283475][ T9299] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1115: Corrupt directory, running e2fsck is recommended
[  263.296750][ T9299] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  263.310835][ T9299] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.1115: corrupted in-inode xattr
[  263.330140][ T9299] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1115: couldn't read orphan inode 15 (err -117)
[  263.359192][ T9299] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  263.390982][ T9299] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  263.402753][ T9299] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  263.418620][ T9299] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1115: Corrupt directory, running e2fsck is recommended
[  263.444254][ T9299] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  263.460629][ T9299] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  263.493391][ T9299] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1115: Corrupt directory, running e2fsck is recommended
[  263.551793][ T9310] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  263.615388][ T9310] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  263.661157][ T9310] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1115: Corrupt directory, running e2fsck is recommended
[  263.716878][ T9299] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  263.806358][ T9310] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.1115: path /8/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  263.829697][   T32] usb 10-1: USB disconnect, device number 8
[  263.870441][ T9310] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 64: comm syz.4.1115: path /8/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  264.165700][ T8643] EXT4-fs (loop4): unmounting filesystem.
[  264.420206][ T9337] loop9: detected capacity change from 0 to 1024
[  265.400172][ T9335] loop4: detected capacity change from 0 to 32768
[  265.485980][ T9335] Process accounting resumed
[  265.500735][ T9335] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt
[  265.500735][ T9335] 
[  265.564155][ T9335] ERROR: (device loop4): remounting filesystem as read-only
[  265.581466][ T9335] xtLookup: xtSearch returned -5
[  265.607300][ T9335] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt
[  265.607300][ T9335] 
[  265.659335][ T9335] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt
[  265.659335][ T9335] 
[  265.699071][ T9349] loop9: detected capacity change from 0 to 32768
[  265.706229][ T9335] xtLookup: xtSearch returned -5
[  265.717186][ T9335] ERROR: (device loop4): xtTruncate: XT_GETPAGE: xtree page corrupt
[  265.717186][ T9335] 
[  265.736934][ T9349] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 scanned by syz.9.1131 (9349)
[  265.827662][ T9349] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  265.858994][ T9349] BTRFS info (device loop9): using sha256 (sha256-avx2) checksum algorithm
[  265.907063][ T9349] BTRFS info (device loop9): enabling auto defrag
[  265.933984][ T9349] BTRFS info (device loop9): doing ref verification
[  265.944098][ T9349] BTRFS info (device loop9): use no compression
[  265.950384][ T9349] BTRFS info (device loop9): force clearing of disk cache
[  265.988876][ T9349] BTRFS info (device loop9): disabling free space tree
[  266.331018][ T9349] BTRFS info (device loop9): enabling ssd optimizations
[  266.355026][ T9349] BTRFS info (device loop9): rebuilding free space tree
[  266.415902][ T9349] BTRFS info (device loop9): disabling free space tree
[  266.431371][ T9349] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  266.480466][ T9349] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  266.787804][ T7471] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  267.452949][ T9437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1151'.
[  267.545415][ T4294] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  267.761428][ T4294] usb 5-1: Using ep0 maxpacket: 8
[  267.779272][ T4294] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  267.809477][ T4294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.839564][ T4294] usb 5-1: Product: syz
[  267.849687][ T4294] usb 5-1: Manufacturer: syz
[  267.865966][ T4294] usb 5-1: SerialNumber: syz
[  267.897171][ T4294] usb 5-1: config 0 descriptor??
[  268.125934][ T4294] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  268.667288][ T9456] loop9: detected capacity change from 0 to 32768
[  268.691989][ T9456] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop9 scanned by syz.9.1157 (9456)
[  268.732392][ T9456] BTRFS info (device loop9): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  268.780147][ T9456] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm
[  268.831272][ T9456] BTRFS info (device loop9): using free space tree
[  269.054938][ T9456] BTRFS info (device loop9): enabling ssd optimizations
[  269.267723][   T26] kauditd_printk_skb: 9 callbacks suppressed
[  269.267738][   T26] audit: type=1804 audit(1734133421.669:80): pid=9456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1157" name="/newroot/71/file0/file1" dev="loop9" ino=260 res=1 errno=0
[  269.348194][ T4294] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  269.388628][ T4294] usb 5-1: USB disconnect, device number 5
[  269.400768][ T7471] BTRFS info (device loop9): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  270.897302][   T26] audit: type=1326 audit(1734133423.299:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  270.968341][   T26] audit: type=1326 audit(1734133423.329:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.062540][   T26] audit: type=1326 audit(1734133423.329:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.128759][ T9562] 9pnet_fd: Insufficient options for proto=fd
[  271.171168][   T26] audit: type=1326 audit(1734133423.329:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.237759][   T26] audit: type=1326 audit(1734133423.329:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.291185][   T26] audit: type=1326 audit(1734133423.329:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.346556][   T26] audit: type=1326 audit(1734133423.339:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.387439][   T26] audit: type=1326 audit(1734133423.339:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.423322][   T26] audit: type=1326 audit(1734133423.339:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88a5785d19 code=0x7ffc0000
[  271.437764][ T9552] loop4: detected capacity change from 0 to 32768
[  271.481413][ T4973] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  271.514427][ T9552] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop4 scanned by syz.4.1177 (9552)
[  271.584269][ T9552] BTRFS info (device loop4): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  271.637199][ T9552] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  271.671221][ T9552] BTRFS info (device loop4): using free space tree
[  271.691319][ T4973] usb 10-1: Using ep0 maxpacket: 32
[  271.698287][ T4973] usb 10-1: config 0 has an invalid interface number: 132 but max is 0
[  271.730560][ T4973] usb 10-1: config 0 has no interface number 0
[  271.777829][ T4973] usb 10-1: config 0 interface 132 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  271.848051][ T4973] usb 10-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  271.901199][ T4973] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.919537][ T4973] usb 10-1: Product: syz
[  271.943263][ T4973] usb 10-1: Manufacturer: syz
[  271.947999][ T4973] usb 10-1: SerialNumber: syz
[  271.967184][ T9552] BTRFS info (device loop4): enabling ssd optimizations
[  271.981199][ T4973] usb 10-1: config 0 descriptor??
[  271.993786][ T9569] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  272.009940][ T4973] em28xx 10-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  272.031206][ T4973] em28xx 10-1:0.132: Video interface 132 found: bulk
[  272.288755][ T8643] BTRFS info (device loop4): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  272.431369][ T4973] em28xx 10-1:0.132: unknown em28xx chip ID (0)
[  272.919974][ T9634] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1197'.
[  272.981188][ T9634] tipc: Started in network mode
[  272.996387][ T9634] tipc: Node identity bridge_sn, cluster identity 8
[  273.081354][ T4973] em28xx 10-1:0.132: failed to read eeprom (err=-110)
[  273.088195][ T4973] em28xx 10-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-110]
[  273.216901][ T9643] overlayfs: failed to clone upperpath
[  273.321259][ T4973] em28xx 10-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  273.342293][ T4973] em28xx 10-1:0.132: analog set to bulk mode.
[  273.395958][ T4973] usb 10-1: USB disconnect, device number 9
[  273.434991][ T4973] em28xx 10-1:0.132: Disconnecting em28xx
[  273.461641][ T4980] em28xx 10-1:0.132: Registering V4L2 extension
[  273.945661][ T4980] em28xx 10-1:0.132: Config register raw data: 0xffffffed
[  273.964135][ T4980] em28xx 10-1:0.132: AC97 chip type couldn't be determined
[  273.996863][ T4980] em28xx 10-1:0.132: No AC97 audio processor
[  274.058926][ T4980] usb 10-1: Decoder not found
[  274.069072][ T4980] em28xx 10-1:0.132: failed to create media graph
[  274.097213][ T4980] em28xx 10-1:0.132: V4L2 device video103 deregistered
[  274.144653][ T4980] em28xx 10-1:0.132: Remote control support is not available for this card.
[  274.188767][ T4973] em28xx 10-1:0.132: Closing input extension
[  274.294825][ T4973] em28xx 10-1:0.132: Freeing device
[  274.296066][ T9639] loop4: detected capacity change from 0 to 32768
[  274.337840][ T9639] XFS: ikeep mount option is deprecated.
[  274.450847][ T9639] XFS (loop4): Mounting V5 Filesystem
[  274.672326][ T9639] XFS (loop4): Ending clean mount
[  274.684693][ T9639] XFS (loop4): Quotacheck needed: Please wait.
[  274.746675][ T9639] XFS (loop4): Quotacheck: Done.
[  275.049411][ T8643] XFS (loop4): Unmounting Filesystem
[  276.321252][   T32] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  276.475651][ T9762] overlayfs: failed to clone upperpath
[  276.523193][   T32] usb 5-1: Using ep0 maxpacket: 32
[  276.543151][   T32] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  276.583911][   T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.615513][   T32] usb 5-1: config 0 descriptor??
[  276.636033][   T32] gspca_main: sunplus-2.14.0 probing 041e:400b
[  276.727961][ T4973] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  276.934351][ T4973] usb 10-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  276.967390][ T4973] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.000442][ T4973] usb 10-1: config 0 descriptor??
[  277.029082][ T4973] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  278.044107][   T32] gspca_sunplus: reg_w_riv err -71
[  278.049324][   T32] sunplus: probe of 5-1:0.0 failed with error -71
[  278.077858][   T32] usb 5-1: USB disconnect, device number 6
[  278.273288][ T4973] usb 10-1: USB disconnect, device number 10
[  278.393747][ T9833] overlayfs: failed to clone upperpath
[  279.868911][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  279.868926][   T26] audit: type=1326 audit(1734133432.259:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9904 comm="syz.0.1271" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff552185d19 code=0x0
[  280.393693][ T9886] loop4: detected capacity change from 0 to 40427
[  280.418410][ T9886] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  280.440374][ T9886] F2FS-fs (loop4): invalid crc value
[  280.462752][ T9886] F2FS-fs (loop4): Found nat_bits in checkpoint
[  280.587296][ T9886] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  280.780257][ T8643] syz-executor: attempt to access beyond end of device
[  280.780257][ T8643] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  282.438528][T10001] loop9: detected capacity change from 0 to 4096
[  283.583887][T10044] loop4: detected capacity change from 0 to 512
[  283.652843][T10044] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  283.689160][T10044] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  283.724849][T10044] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.1301: corrupted in-inode xattr
[  283.741788][T10044] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1301: couldn't read orphan inode 15 (err -117)
[  283.812303][T10044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  283.959157][T10050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1302'.
[  283.970183][T10040] loop9: detected capacity change from 0 to 40427
[  284.018095][T10040] F2FS-fs (loop9): invalid crc value
[  284.076623][T10040] F2FS-fs (loop9): Found nat_bits in checkpoint
[  284.077114][ T8643] EXT4-fs (loop4): unmounting filesystem.
[  284.245652][T10040] F2FS-fs (loop9): Cannot turn on quotas: -2 on 1
[  284.277498][T10040] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  284.481354][T10077] netlink: 566 bytes leftover after parsing attributes in process `syz.1.1308'.
[  284.534450][ T6528] kworker/u4:18: attempt to access beyond end of device
[  284.534450][ T6528] loop9: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  284.639553][T10040] VFS:Filesystem freeze failed
[  285.692686][T10103] loop4: detected capacity change from 0 to 512
[  285.837569][T10103] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2759: inode #12: comm syz.4.1319: corrupted xattr block 142
[  285.941323][T10103] EXT4-fs (loop4): Remounting filesystem read-only
[  285.986612][T10103] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2809: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  286.066714][T10103] EXT4-fs (loop4): 1 truncate cleaned up
[  286.106377][T10103] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  286.602903][ T8643] EXT4-fs (loop4): unmounting filesystem.
[  286.745913][T10119] kvm: MONITOR instruction emulated as NOP!
[  286.792954][T10125] overlayfs: failed to clone upperpath
[  288.076528][T10133] loop4: detected capacity change from 0 to 32768
[  288.132282][T10133] XFS: ikeep mount option is deprecated.
[  288.216428][T10133] XFS (loop4): Mounting V5 Filesystem
[  288.424283][T10133] XFS (loop4): Ending clean mount
[  288.433890][T10133] XFS (loop4): Quotacheck needed: Please wait.
[  288.480558][T10189] loop9: detected capacity change from 0 to 1024
[  288.546721][T10189] ext4: Unknown parameter 'dont_appraise'
[  288.578521][T10133] XFS (loop4): Quotacheck: Done.
[  288.983486][ T8643] XFS (loop4): Unmounting Filesystem
[  289.335153][T10221] overlayfs: failed to clone upperpath
[  289.625827][T10200] loop9: detected capacity change from 0 to 32768
[  289.677171][T10200] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop9 scanned by syz.9.1338 (10200)
[  289.760699][T10200] BTRFS info (device loop9): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  289.803248][T10200] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[  289.841562][T10200] BTRFS info (device loop9): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  289.904062][T10200] BTRFS info (device loop9): use zstd compression, level 3
[  289.938810][T10200] BTRFS info (device loop9): using free space tree
[  290.036022][T10243] overlayfs: failed to clone upperpath
[  290.048618][T10240] netlink: 566 bytes leftover after parsing attributes in process `syz.3.1349'.
[  290.301331][T10200] BTRFS info (device loop9): enabling ssd optimizations
[  291.762293][   T26] audit: type=1800 audit(1734133444.169:92): pid=10200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1338" name="file1" dev="loop9" ino=260 res=0 errno=0
[  292.500468][ T7471] BTRFS info (device loop9): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  292.651248][ T4255] Bluetooth: hci1: Ignoring connect complete event for invalid link type
[  293.959315][T10352] loop4: detected capacity change from 0 to 4096
[  294.940308][T10394] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  297.831604][ T4255] Bluetooth: hci1: command 0x0411 tx timeout
[  298.222541][T10518] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  298.681334][  T125] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  298.905005][  T125] usb 5-1: config 0 has an invalid interface number: 59 but max is 0
[  298.935101][  T125] usb 5-1: config 0 has no interface number 0
[  298.969398][  T125] usb 5-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=de.44
[  299.007504][  T125] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.041236][  T125] usb 5-1: Product: syz
[  299.045435][  T125] usb 5-1: Manufacturer: syz
[  299.074016][  T125] usb 5-1: SerialNumber: syz
[  299.109029][  T125] usb 5-1: config 0 descriptor??
[  299.124665][  T125] snd-usb-caiaq 5-1:0.59: can't set alt interface.
[  299.151225][  T125] usb 5-1: unable to init card! (ret=-5)
[  299.166855][  T125] snd-usb-caiaq: probe of 5-1:0.59 failed with error -5
[  299.320979][  T125] usb 5-1: USB disconnect, device number 7
[  299.756706][T10597] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  300.218799][T10615] overlayfs: failed to clone upperpath
[  300.631244][T10638] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  301.092132][T10655] vcan0: tx drop: invalid da for name 0x0000000000000002
[  301.166509][T10658] Invalid option length (1025206) for dns_resolver key
[  301.606004][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.626490][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.643494][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.668743][T10683] overlayfs: failed to clone upperpath
[  301.687133][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.709027][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.739528][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.761228][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.784781][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.813845][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.837531][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.865397][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.887900][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.910254][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.934005][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.957924][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  301.973948][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.001963][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.025302][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.045866][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.066761][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.086984][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.112795][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.139107][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.158774][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.183274][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.206102][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.233559][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.262996][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.295441][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.304977][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.318202][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.328347][ T4983] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.359082][ T4983] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  303.045970][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1480'.
[  303.404655][T10748] loop4: detected capacity change from 0 to 512
[  303.471480][T10748] EXT4-fs: Ignoring removed mblk_io_submit option
[  303.511127][T10748] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  303.571913][T10748] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016c118, mo2=0002]
[  303.597197][T10748] System zones: 1-12
[  303.654852][T10748] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.1485: corrupted in-inode xattr
[  303.714818][T10748] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1485: couldn't read orphan inode 15 (err -117)
[  303.774844][T10748] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  303.882911][T10748] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.1485: bad entry in directory: directory entry overrun - offset=128, inode=18, rec_len=896, size=1012 fake=0
[  304.027686][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.056738][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 0
[  304.087124][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.106541][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 1024
[  304.123796][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.141401][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 2048
[  304.158128][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.175652][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 3072
[  304.193783][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.210930][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 4096
[  304.228331][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.245457][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 5120
[  304.324063][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.345059][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 6144
[  304.362128][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.378839][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 7168
[  304.402762][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  304.449873][ T8643] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /56/file0/lost+found: directory fails checksum at offset 8192
[  304.512374][ T8643] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  306.090774][ T8643] EXT4-fs (loop4): unmounting filesystem.
[  306.154478][T10805] loop9: detected capacity change from 0 to 2048
[  306.176308][    C0] Unknown status report in ack skb
[  306.238467][T10805] EXT4-fs: Ignoring removed mblk_io_submit option
[  306.296264][ T4552] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.328609][T10805] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  306.507474][ T6513] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm kworker/u4:11: bg 0: block 234: padding at end of block bitmap is not set
[  306.530742][ T4552] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.595770][ T6513] EXT4-fs (loop9): Remounting filesystem read-only
[  306.617502][ T7471] EXT4-fs (loop9): unmounting filesystem.
[  306.729174][ T4552] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.944415][ T4552] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.376262][   T22] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  307.511478][ T4261] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  307.538397][ T4261] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  307.551664][ T4261] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  307.564871][ T4261] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  307.574501][ T4261] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  307.582041][ T4261] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  307.628917][   T22] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  307.670881][   T22] usb 10-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  307.721328][   T22] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.765509][   T22] usb 10-1: config 0 descriptor??
[  307.988631][   T22] usb 10-1: USB disconnect, device number 11
[  308.416195][T10841] chnl_net:caif_netlink_parms(): no params data found
[  309.130216][T10841] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.148277][T10841] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.167733][T10841] device bridge_slave_0 entered promiscuous mode
[  309.211647][T10841] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.250611][T10841] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.270418][T10841] device bridge_slave_1 entered promiscuous mode
[  309.571185][T10841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.651254][ T4552] device hsr_slave_0 left promiscuous mode
[  309.664659][ T4552] device hsr_slave_1 left promiscuous mode
[  309.714106][ T4552] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.724745][ T4552] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.755301][ T4552] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.765288][ T4552] batman_adv: batadv0: Removing interface: batadv_slave_1
[  309.803368][ T4261] Bluetooth: hci1: command 0x0409 tx timeout
[  309.813853][ T4552] device bridge_slave_1 left promiscuous mode
[  309.842098][ T4552] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.872123][T10894] loop9: detected capacity change from 0 to 32768
[  309.903286][ T4552] device bridge_slave_0 left promiscuous mode
[  309.909565][ T4552] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.917053][T10894] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 scanned by syz.9.1522 (10894)
[  309.991798][T10894] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  310.025953][ T4552] device veth1_macvtap left promiscuous mode
[  310.046463][T10894] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm
[  310.047045][ T4552] device veth0_macvtap left promiscuous mode
[  310.081002][T10894] BTRFS info (device loop9): setting nodatacow, compression disabled
[  310.082963][ T4552] device veth1_vlan left promiscuous mode
[  310.089127][T10894] BTRFS info (device loop9): max_inline at 0
[  310.089152][T10894] BTRFS info (device loop9): enabling disk space caching
[  310.119659][ T4552] device veth0_vlan left promiscuous mode
[  310.174577][T10894] BTRFS info (device loop9): turning off barriers
[  310.194588][T10894] BTRFS info (device loop9): turning on flush-on-commit
[  310.225767][T10894] BTRFS info (device loop9): doing ref verification
[  310.249413][T10894] BTRFS info (device loop9): force clearing of disk cache
[  310.290565][T10894] BTRFS info (device loop9): enabling ssd optimizations
[  310.323126][T10894] BTRFS info (device loop9): max_inline at 4096
[  310.347953][T10894] BTRFS info (device loop9): disk space caching is enabled
[  310.674543][T10894] BTRFS info (device loop9): rebuilding free space tree
[  310.727500][ T4261] Bluetooth: hci4: Ignoring connect complete event for invalid link type
[  310.754124][T10894] BTRFS info (device loop9): disabling free space tree
[  310.776983][T10894] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  310.794947][T10894] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  311.273396][ T7471] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  311.457177][T10962] overlayfs: failed to clone upperpath
[  311.894738][T10970] loop9: detected capacity change from 0 to 8192
[  311.924649][T10970] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  311.951569][T10970] REISERFS (device loop9): found reiserfs format "3.6" with non-standard journal
[  311.961000][T10970] REISERFS (device loop9): using ordered data mode
[  311.967990][T10970] reiserfs: using flush barriers
[  311.974577][T10970] REISERFS (device loop9): journal params: device loop9, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  311.991202][T10970] REISERFS (device loop9): checking transaction log (loop9)
[  312.032161][ T4261] Bluetooth: hci1: command 0x041b tx timeout
[  312.146874][T10970] REISERFS (device loop9): Using tea hash to sort names
[  312.154328][T10970] REISERFS warning (device loop9): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  312.173838][T10970] REISERFS (device loop9): Created .reiserfs_priv - reserved for xattr storage.
[  312.239683][ T4552] team0 (unregistering): Port device team_slave_1 removed
[  312.255390][T10970] overlayfs: upper fs needs to support d_type.
[  312.261616][T10970] overlayfs: upper fs does not support tmpfile.
[  312.296129][T10970] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  312.335808][ T4552] team0 (unregistering): Port device team_slave_0 removed
[  312.339109][T10970] overlayfs: failed to resolve './file0/../file0': -2
[  312.425641][ T4552] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.504059][ T4552] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.589701][T10975] netlink: 'syz.9.1542': attribute type 1 has an invalid length.
[  312.885427][T10981] loop9: detected capacity change from 0 to 512
[  312.917611][T10981] EXT4-fs: inline encryption not supported
[  312.975738][T10981] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  312.997595][T10981] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.082650][T10981] EXT4-fs error (device loop9): ext4_do_update_inode:5224: inode #2: comm syz.9.1545: corrupted inode contents
[  313.117372][T10981] EXT4-fs error (device loop9): ext4_dirty_inode:6089: inode #2: comm syz.9.1545: mark_inode_dirty error
[  313.139637][T10981] EXT4-fs error (device loop9): ext4_do_update_inode:5224: inode #2: comm syz.9.1545: corrupted inode contents
[  313.159172][T10981] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #2: comm syz.9.1545: mark_inode_dirty error
[  313.206994][   T26] audit: type=1800 audit(1734133464.868:93): pid=10981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1545" name="file0" dev="loop9" ino=18 res=0 errno=0
[  313.293859][ T7471] EXT4-fs (loop9): unmounting filesystem.
[  313.586521][ T4552] bond0 (unregistering): Released all slaves
[  313.679738][T10841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.752723][T10841] team0: Port device team_slave_0 added
[  313.795194][T10841] team0: Port device team_slave_1 added
[  313.881383][T10841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  313.895659][T10988] loop9: detected capacity change from 0 to 2048
[  313.911514][T10841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.962359][T10841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.976510][T10841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  313.984153][T10841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.012750][T10841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.054266][T10988] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  314.119659][   T26] audit: type=1800 audit(1734133465.710:94): pid=10988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1548" name="bus" dev="loop9" ino=18 res=0 errno=0
[  314.161524][   T26] audit: type=1800 audit(1734133465.738:95): pid=10988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1548" name="bus" dev="loop9" ino=18 res=0 errno=0
[  314.164345][T10841] device hsr_slave_0 entered promiscuous mode
[  314.238470][T10841] device hsr_slave_1 entered promiscuous mode
[  314.250746][ T4261] Bluetooth: hci1: command 0x040f tx timeout
[  314.431790][ T7471] EXT4-fs (loop9): unmounting filesystem.
[  315.212706][ T5487] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  315.432211][ T5487] usb 10-1: Using ep0 maxpacket: 16
[  315.469149][ T5487] usb 10-1: unable to get BOS descriptor or descriptor too short
[  315.499271][ T5487] usb 10-1: unable to read config index 0 descriptor/start: -71
[  315.520774][ T5487] usb 10-1: can't read configurations, error -71
[  316.051264][T10841] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  316.111398][T10841] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  316.162089][T10841] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  316.192396][T10841] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  316.428864][T10841] 8021q: adding VLAN 0 to HW filter on device bond0
[  316.463297][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  316.474287][ T4261] Bluetooth: hci1: command 0x0419 tx timeout
[  316.479079][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  316.541621][T10841] 8021q: adding VLAN 0 to HW filter on device team0
[  316.552978][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  316.614016][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  316.645428][ T6523] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.652553][ T6523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.722043][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  316.752464][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  316.787335][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  316.824708][ T6523] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.831898][ T6523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.862638][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  316.888340][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  316.973473][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  317.011482][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  317.041504][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  317.083842][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  317.105101][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  317.118343][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  317.148330][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  317.177521][T10841] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  317.208695][T11084] loop9: detected capacity change from 0 to 32768
[  317.250736][T10841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  317.265190][T11084] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 scanned by syz.9.1573 (11084)
[  317.306947][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  317.321644][T11103] af_packet: tpacket_rcv: packet too big, clamped from 126 to 4294967286. macoff=82
[  317.327240][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  317.332058][T11084] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  317.373928][T11084] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm
[  317.416010][T11084] BTRFS info (device loop9): turning off barriers
[  317.441725][T11084] BTRFS info (device loop9): allowing degraded mounts
[  317.464383][T11084] BTRFS info (device loop9): setting nodatasum
[  317.508493][T11084] BTRFS info (device loop9): enabling auto defrag
[  317.542769][T11084] BTRFS info (device loop9): setting incompat feature flag for COMPRESS_LZO (0x8)
[  317.588706][T11084] BTRFS info (device loop9): use lzo compression, level 0
[  317.629128][T11084] BTRFS info (device loop9): using free space tree
[  317.976664][T11084] BTRFS info (device loop9): enabling ssd optimizations
[  318.032040][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  318.075773][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  318.104230][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  318.110605][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  318.174353][T10841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  318.245337][   T26] audit: type=1804 audit(1734133469.573:96): pid=11084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1573" name="/newroot/138/file0/bus" dev="loop9" ino=263 res=1 errno=0
[  318.322376][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  318.343894][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  318.417660][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  318.429703][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  318.490108][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.506235][ T7471] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  318.538032][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.572393][T10841] device veth0_vlan entered promiscuous mode
[  318.646710][T10841] device veth1_vlan entered promiscuous mode
[  318.863129][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  318.880070][T11158] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1588'.
[  318.892933][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  318.947960][T10841] device veth0_macvtap entered promiscuous mode
[  319.020552][T10841] device veth1_macvtap entered promiscuous mode
[  319.084497][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.130664][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.162568][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.194302][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.242812][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.274805][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.296518][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.322058][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.356527][T10841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  319.386862][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  319.403828][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  319.412197][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  319.450282][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  319.484318][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.506072][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.527255][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.552236][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.568637][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.595593][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.627255][T10841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.670763][T10841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.698428][T10841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.726975][T11185] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1597'.
[  319.857851][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  319.896244][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  319.943815][T10841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.999483][T10841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  320.033092][T10841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  320.058713][T10841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.419926][ T4552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.448660][ T4552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.486486][ T6532] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.498503][ T6532] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.501526][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  320.551387][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  320.939871][T11217] loop2: detected capacity change from 0 to 128
[  320.989211][T11220] loop9: detected capacity change from 0 to 1024
[  321.048627][T11217] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  321.109282][T11217] ext4 filesystem being mounted at /1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  321.141021][    C0] vkms_vblank_simulate: vblank timer overrun
[  321.375508][ T6532] hfsplus: b-tree write err: -5, ino 4
[  321.516401][T10841] EXT4-fs (loop2): unmounting filesystem.
[  321.801881][T11255] loop9: detected capacity change from 0 to 1024
[  321.872694][   T26] audit: type=1800 audit(1734133472.959:97): pid=11255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1615" name="file1" dev="loop9" ino=20 res=0 errno=0
[  323.166478][ T5932] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  323.382989][ T5932] usb 3-1: Using ep0 maxpacket: 8
[  323.393834][ T5932] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  323.446478][ T5932] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  323.476452][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.527819][ T5932] usb 3-1: config 0 descriptor??
[  323.769887][ T5932] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  324.286993][ T4980] usb 3-1: USB disconnect, device number 5
[  324.309804][ T4980] iowarrior 3-1:0.0: I/O-Warror #0 now disconnected
[  324.499771][T11366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1649'.
[  324.543600][T11366] device erspan0 entered promiscuous mode
[  324.570232][T11366] device macvtap1 entered promiscuous mode
[  324.644683][T11370] device macvtap1 left promiscuous mode
[  324.885089][T11377] Process accounting resumed
[  325.010980][T11382] loop2: detected capacity change from 0 to 256
[  325.045209][T11382] exfat: Unknown parameter 'a<Ú_°<"}¸RR—î(z]93ã6ÿ0Ž��@ÞØ”t Bç–€3ü°tÂô¬ø¼ýŸ];7]êýë-׸ê†"W­.ŠlûÉßù‹iâÊ)h¥W.*Ðp{ÔGÿ›-§Z˜þmžÓ‡>…G´qyšÜ^%?HH]�ùþ¤ÊB/{¯½oW¼Óp—8'
[  325.713919][T11417] loop9: detected capacity change from 0 to 256
[  325.795531][T11417] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  325.808261][ T4261] Bluetooth: hci0: command 0x0406 tx timeout
[  327.336256][ T4974] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  327.430349][T11484] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1681'.
[  327.554613][ T4974] usb 10-1: Using ep0 maxpacket: 8
[  327.566775][ T4974] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  327.600756][ T4974] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.651484][ T4974] usb 10-1: config 0 descriptor??
[  328.727968][T11546] loop2: detected capacity change from 0 to 256
[  328.877034][T11546] loop2: detected capacity change from 256 to 0
[  328.975543][    C0] blk_print_req_error: 25 callbacks suppressed
[  328.975561][    C0] I/O error, dev loop2, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  328.991504][T10841] FAT-fs (loop2): Directory bread(block 3) failed
[  329.035426][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.063857][T10841] FAT-fs (loop2): unable to read boot sector to mark fs as dirty
[  329.192265][ T4974] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  329.219166][ T4974] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  329.245230][ T4974] asix: probe of 10-1:0.0 failed with error -71
[  329.270729][ T4974] usb 10-1: USB disconnect, device number 14
[  329.494797][ T6532] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.721642][ T6532] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.952495][ T6532] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.156550][ T6532] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.424754][ T4255] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  330.458561][ T4255] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  330.471134][ T4255] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  330.480826][ T4255] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  330.492008][ T4255] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  330.500604][ T4255] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  330.642404][T11604] loop9: detected capacity change from 0 to 1024
[  330.649441][T11604] EXT4-fs: Ignoring removed orlov option
[  330.655284][T11604] EXT4-fs: Ignoring removed nomblk_io_submit option
[  330.725448][T11604] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  331.267515][T11597] chnl_net:caif_netlink_parms(): no params data found
[  331.329868][ T7471] EXT4-fs (loop9): unmounting filesystem.
[  331.461917][   T26] audit: type=1326 audit(1734133481.920:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.484767][   T26] audit: type=1326 audit(1734133481.920:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.521073][   T26] audit: type=1326 audit(1734133481.920:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.544261][   T26] audit: type=1326 audit(1734133481.986:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.566755][   T26] audit: type=1326 audit(1734133481.986:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.589218][   T26] audit: type=1326 audit(1734133482.014:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.596505][T11597] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.653752][   T26] audit: type=1326 audit(1734133482.014:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.660897][T11597] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.730756][T11597] device bridge_slave_0 entered promiscuous mode
[  331.747170][   T26] audit: type=1326 audit(1734133482.014:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11628 comm="syz.3.1721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  331.762917][T11597] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.804836][T11597] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.813373][T11597] device bridge_slave_1 entered promiscuous mode
[  331.937699][T11597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  332.030001][T11597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  332.040280][T11651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1726'.
[  332.050649][T11651] device bridge_slave_1 left promiscuous mode
[  332.060465][T11651] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.083290][T11651] device bridge_slave_0 left promiscuous mode
[  332.089568][T11651] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.378122][T11597] team0: Port device team_slave_0 added
[  332.401460][T11597] team0: Port device team_slave_1 added
[  332.515293][T11597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.542500][T11597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.641084][T11597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.724140][ T4255] Bluetooth: hci1: command 0x0409 tx timeout
[  332.765678][T11597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.795008][T11597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.824290][T11597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.947892][T11682] overlayfs: failed to clone upperpath
[  333.108006][T11597] device hsr_slave_0 entered promiscuous mode
[  333.165726][T11597] device hsr_slave_1 entered promiscuous mode
[  333.227555][T11597] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  333.235169][T11597] Cannot create hsr debugfs directory
[  333.532058][T11697] overlayfs: failed to clone lowerpath
[  333.729753][ T6532] device hsr_slave_0 left promiscuous mode
[  333.739036][ T6532] device hsr_slave_1 left promiscuous mode
[  333.798654][ T6532] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  333.814902][ T6532] batman_adv: batadv0: Removing interface: batadv_slave_0
[  333.837067][ T6532] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  333.855434][ T6532] batman_adv: batadv0: Removing interface: batadv_slave_1
[  333.879902][ T6532] device bridge_slave_1 left promiscuous mode
[  333.893309][ T6532] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.958136][ T6532] device bridge_slave_0 left promiscuous mode
[  333.974234][ T6532] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.058828][ T6532] device veth1_macvtap left promiscuous mode
[  334.070077][ T6532] device veth0_macvtap left promiscuous mode
[  334.097446][ T6532] device veth1_vlan left promiscuous mode
[  334.105806][ T6532] device veth0_vlan left promiscuous mode
[  334.947615][ T4255] Bluetooth: hci1: command 0x041b tx timeout
[  334.955072][   T26] audit: type=1326 audit(1734133485.203:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11751 comm="syz.3.1759" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x0
[  335.059463][ T6532] team0 (unregistering): Port device team_slave_1 removed
[  335.131426][ T6532] team0 (unregistering): Port device team_slave_0 removed
[  335.195306][ T6532] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  335.277781][ T6532] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  336.366466][T11776] loop9: detected capacity change from 0 to 1024
[  336.425042][T11776] hfsplus: xattr searching failed
[  336.457269][T11776] hfsplus: request for non-existent node 62977 in B*Tree
[  336.464908][T11776] hfsplus: request for non-existent node 62977 in B*Tree
[  336.497282][T11776] hfsplus: catalog searching failed
[  336.542216][ T6532] bond0 (unregistering): Released all slaves
[  336.555959][ T6514] hfsplus: b-tree write err: -5, ino 3
[  337.148093][T11802] loop9: detected capacity change from 0 to 16
[  337.171025][ T4255] Bluetooth: hci1: command 0x040f tx timeout
[  337.207320][T11802] erofs: Unknown parameter ''
[  337.252253][T11802] loop9: detected capacity change from 0 to 256
[  337.293625][T11802] exfat: Bad value for 'uid'
[  337.677373][T11822] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  338.627681][T11597] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  338.665360][T11597] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  338.697502][T11597] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  338.742905][T11597] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  338.976776][T11597] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.026463][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  339.064318][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  339.093225][T11597] 8021q: adding VLAN 0 to HW filter on device team0
[  339.151690][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  339.161980][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  339.196018][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.203178][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.232398][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  339.241285][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  339.268600][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  339.289261][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.296432][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.316482][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  339.356100][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  339.394847][ T4255] Bluetooth: hci1: command 0x0419 tx timeout
[  339.432720][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  339.480341][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  339.500795][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  339.521178][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  339.558452][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  339.578424][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  339.596828][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  339.616721][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  339.637784][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  339.650224][T11597] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  340.143653][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  340.154342][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  340.184773][T11597] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.051859][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  341.064309][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  341.108886][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  341.119585][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  341.130984][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  341.169980][ T6532] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  341.193047][T11597] device veth0_vlan entered promiscuous mode
[  341.250795][T11597] device veth1_vlan entered promiscuous mode
[  341.276316][   T22] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  341.315247][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  341.339931][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  341.370224][T11597] device veth0_macvtap entered promiscuous mode
[  341.395254][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  341.422349][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  341.444475][T11597] device veth1_macvtap entered promiscuous mode
[  341.459524][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  341.478999][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  341.500689][   T22] usb 10-1: Using ep0 maxpacket: 32
[  341.507796][   T22] usb 10-1: config 0 has an invalid interface number: 12 but max is 0
[  341.516253][   T22] usb 10-1: config 0 has no interface number 0
[  341.541180][   T22] usb 10-1: config 0 interface 12 has no altsetting 0
[  341.552592][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.574801][   T22] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  341.575146][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.600928][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.603139][   T22] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.621341][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.642409][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.650286][   T22] usb 10-1: Product: syz
[  341.664081][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.684087][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.690461][   T22] usb 10-1: Manufacturer: syz
[  341.699294][   T22] usb 10-1: SerialNumber: syz
[  341.701206][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.738992][   T22] usb 10-1: config 0 descriptor??
[  341.748649][T11597] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.786451][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  341.801861][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  341.836249][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.864343][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.885073][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.917810][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.938986][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.960496][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.970355][T11597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.997879][T11597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.023186][T11597] batman_adv: batadv0: Interface activated: batadv_slave_1
[  342.045449][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  342.078338][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  342.115069][T11597] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  342.146062][T11597] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  342.178454][T11597] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  342.200208][T11597] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  342.218200][ T4261] Bluetooth: hci3: command 0x0406 tx timeout
[  342.405995][ T6514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.437609][ T6514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.496569][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  342.515983][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.555595][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.605454][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  342.921023][T12016] loop5: detected capacity change from 0 to 2048
[  343.028344][T12016] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1708: bad orphan inode 8192
[  343.042803][T12016] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  343.278738][   T22] f81534 10-1:0.12: f81534_set_register: reg: 1002 data: 2f failed: -71
[  343.307441][   T22] f81534 10-1:0.12: f81534_find_config_idx: read failed: -71
[  343.326262][   T22] f81534 10-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  343.347935][   T22] f81534: probe of 10-1:0.12 failed with error -71
[  343.386079][   T22] usb 10-1: USB disconnect, device number 15
[  343.657003][T12050] device batadv_slave_0 entered promiscuous mode
[  343.665535][T12050] device batadv_slave_1 entered promiscuous mode
[  343.684820][T12049] device batadv_slave_1 left promiscuous mode
[  343.691857][T12049] device batadv_slave_0 left promiscuous mode
[  344.219442][T12074] Bluetooth: MGMT ver 1.22
[  344.686598][ T4292] usb 10-1: new low-speed USB device number 16 using dummy_hcd
[  344.900348][ T4292] usb 10-1: unable to get BOS descriptor or descriptor too short
[  344.917467][ T4292] usb 10-1: unable to read config index 0 descriptor/start: -71
[  344.929333][ T4292] usb 10-1: can't read configurations, error -71
[  345.141051][T11597] EXT4-fs (loop5): unmounting filesystem.
[  345.507423][ T6513] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.705933][ T6513] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.861303][ T6513] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.018640][ T6513] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.080881][T12157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1888'.
[  346.317477][ T4255] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  346.331284][ T4255] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  346.340938][ T4255] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  346.352127][ T4257] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  346.360057][ T4257] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  346.368028][ T4257] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  347.009149][T12166] chnl_net:caif_netlink_parms(): no params data found
[  347.410583][T12166] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.432193][T12166] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.456087][T12166] device bridge_slave_0 entered promiscuous mode
[  347.480921][T12166] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.512757][T12166] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.542425][T12166] device bridge_slave_1 entered promiscuous mode
[  347.994665][T12166] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  348.245217][T12166] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  348.510799][T12166] team0: Port device team_slave_0 added
[  348.545834][ T4261] Bluetooth: hci1: command 0x0409 tx timeout
[  348.555951][T12166] team0: Port device team_slave_1 added
[  348.645181][ T6513] device hsr_slave_0 left promiscuous mode
[  348.678051][ T6513] device hsr_slave_1 left promiscuous mode
[  348.691313][ T6513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.709799][ T6513] batman_adv: batadv0: Removing interface: batadv_slave_0
[  348.734164][ T6513] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.763769][ T6513] batman_adv: batadv0: Removing interface: batadv_slave_1
[  348.803344][ T6513] device bridge_slave_1 left promiscuous mode
[  348.820839][ T6513] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.850269][ T6513] device bridge_slave_0 left promiscuous mode
[  348.898676][ T6513] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.005171][ T6513] device veth1_macvtap left promiscuous mode
[  349.028183][ T6513] device veth0_macvtap left promiscuous mode
[  349.052291][ T6513] device veth1_vlan left promiscuous mode
[  349.058179][ T6513] device veth0_vlan left promiscuous mode
[  349.187483][T12263] loop9: detected capacity change from 0 to 32768
[  349.194573][T12263] XFS: ikeep mount option is deprecated.
[  349.263235][T12263] XFS (loop9): Mounting V5 Filesystem
[  349.382391][T12263] XFS (loop9): Ending clean mount
[  349.421719][T12263] XFS (loop9): Quotacheck needed: Please wait.
[  349.621342][T12263] XFS (loop9): Quotacheck: Done.
[  349.730239][ T7471] XFS (loop9): Unmounting Filesystem
[  350.118238][ T6513] team0 (unregistering): Port device team_slave_1 removed
[  350.188592][ T6513] team0 (unregistering): Port device team_slave_0 removed
[  350.251394][ T6513] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  350.366528][ T6513] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  350.769511][ T4261] Bluetooth: hci1: command 0x041b tx timeout
[  351.563326][ T6513] bond0 (unregistering): Released all slaves
[  351.733865][T12353] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  351.765063][T12166] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.785268][T12166] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.850101][T12166] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.872331][T12166] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.879306][T12166] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.995486][T12166] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  352.236417][T12166] device hsr_slave_0 entered promiscuous mode
[  352.289091][T12166] device hsr_slave_1 entered promiscuous mode
[  352.997965][ T4261] Bluetooth: hci1: command 0x040f tx timeout
[  353.086441][   T26] audit: type=1326 audit(1734133502.162:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b5577cce7 code=0x7ffc0000
[  353.143840][   T26] audit: type=1326 audit(1734133502.162:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b55721f29 code=0x7ffc0000
[  353.212596][   T26] audit: type=1326 audit(1734133502.162:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  353.268405][   T26] audit: type=1326 audit(1734133502.162:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b5577cce7 code=0x7ffc0000
[  353.302919][   T26] audit: type=1326 audit(1734133502.162:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b55721f29 code=0x7ffc0000
[  353.333958][   T26] audit: type=1326 audit(1734133502.162:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  353.364489][   T26] audit: type=1326 audit(1734133502.162:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b5577cce7 code=0x7ffc0000
[  353.396017][   T26] audit: type=1326 audit(1734133502.162:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b55721f29 code=0x7ffc0000
[  353.418604][   T26] audit: type=1326 audit(1734133502.162:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b55785d19 code=0x7ffc0000
[  353.468664][   T26] audit: type=1326 audit(1734133502.162:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b5577cce7 code=0x7ffc0000
[  353.771211][T12433] device team_slave_0 entered promiscuous mode
[  353.778265][T12433] device team_slave_1 entered promiscuous mode
[  353.813574][T12433] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  353.834657][T12433] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  353.880804][T12437] device bond0 entered promiscuous mode
[  353.888107][T12437] device bond_slave_0 entered promiscuous mode
[  353.898763][T12437] device bond_slave_1 entered promiscuous mode
[  353.906058][T12437] device macvlan2 entered promiscuous mode
[  353.912115][T12437] device team0 entered promiscuous mode
[  353.993999][T12444] vcan0: tx drop: invalid da for name 0x0000000000000002
[  354.376981][T12166] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  354.415678][T12166] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  354.439932][T12166] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  354.463488][T12166] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  354.580223][ T4292] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  354.693420][T12166] 8021q: adding VLAN 0 to HW filter on device bond0
[  354.729743][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  354.741511][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  354.763120][T12166] 8021q: adding VLAN 0 to HW filter on device team0
[  354.780707][ T4292] usb 10-1: Using ep0 maxpacket: 16
[  354.788081][ T4292] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10
[  354.800234][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  354.809618][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  354.820401][ T6514] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.827590][ T6514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.827918][ T4292] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024
[  354.870825][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  354.879329][ T4292] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  354.879377][ T4292] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  354.879400][ T4292] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.882513][ T4292] usb 10-1: config 0 descriptor??
[  354.903597][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  354.952271][ T6514] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.959428][ T6514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.016503][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  355.038198][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  355.058523][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  355.091822][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  355.142644][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  355.151759][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  355.198553][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  355.217177][ T4261] Bluetooth: hci1: command 0x0419 tx timeout
[  355.225620][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  355.254170][T12166] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  355.285258][T12166] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  355.309262][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  355.332284][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  355.354777][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  355.364195][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  355.383781][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  355.385686][ T4292] input: HID 045e:07da as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:045E:07DA.000E/input/input15
[  355.500580][ T4292] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.9-1/input0
[  355.898456][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  355.917977][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  355.937780][T12166] 8021q: adding VLAN 0 to HW filter on device batadv0
[  356.016538][   T22] usb 10-1: USB disconnect, device number 18
[  356.390207][T12545] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  356.420646][T12545] device batadv_slave_0 entered promiscuous mode
[  356.743898][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  356.768893][T12564] loop9: detected capacity change from 0 to 512
[  356.774285][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  356.775792][T12564] EXT4-fs: Ignoring removed mblk_io_submit option
[  356.891520][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  356.902759][T12564] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  356.922583][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  356.943724][T12564] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016c118, mo2=0002]
[  356.960396][T12166] device veth0_vlan entered promiscuous mode
[  356.975925][T12564] System zones: 1-12
[  357.011519][T12564] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2186: inode #15: comm syz.9.1991: corrupted in-inode xattr
[  357.029886][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  357.056310][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  357.078344][T12564] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.1991: couldn't read orphan inode 15 (err -117)
[  357.113197][T12166] device veth1_vlan entered promiscuous mode
[  357.172594][T12564] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  357.214446][T12166] device veth0_macvtap entered promiscuous mode
[  357.252180][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  357.271695][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  357.312774][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  357.336365][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  357.371679][T12166] device veth1_macvtap entered promiscuous mode
[  357.388521][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  357.398603][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  357.404554][T12564] EXT4-fs error (device loop9): ext4_find_dest_de:2115: inode #2: block 13: comm syz.9.1991: bad entry in directory: directory entry overrun - offset=128, inode=18, rec_len=896, size=1012 fake=0
[  357.442247][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.469748][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.515508][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.558159][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.568034][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.610655][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  357.617015][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.661154][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 0
[  357.662720][T12166] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.696412][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  357.714614][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  357.719258][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  357.755666][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 1024
[  357.776777][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.826573][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.857846][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  357.862513][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.898926][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 2048
[  357.925750][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.939558][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  357.961262][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.984562][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.985545][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 3072
[  358.005559][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.039972][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  358.051592][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.074070][T12166] batman_adv: batadv0: Interface activated: batadv_slave_1
[  358.087283][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 4096
[  358.108519][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  358.119132][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  358.128453][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  358.143295][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 5120
[  358.159277][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  358.178217][T12608] netlink: 'syz.0.2003': attribute type 1 has an invalid length.
[  358.188103][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 6144
[  358.219775][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  358.220125][T12166] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.241538][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 7168
[  358.259926][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  358.276221][ T7471] EXT4-fs error (device loop9): ext4_readdir:220: inode #11: comm syz-executor: path /211/file0/lost+found: directory fails checksum at offset 8192
[  358.291747][T12166] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.306702][ T7471] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  358.339653][T12166] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.388015][T12166] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.441501][T12609] bond1: (slave gretap1): making interface the new active one
[  358.469138][T12609] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  358.623968][ T6514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.671302][ T6514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.716009][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  358.758853][ T6514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.778158][ T6514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.862697][ T6523] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  358.934274][T12612] overlayfs: failed to clone upperpath
[  359.322408][ T4289] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  359.531045][ T4289] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.563856][ T4289] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.586655][ T4289] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  359.610787][ T4289] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  359.630071][ T4289] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.669721][ T4289] usb 7-1: config 0 descriptor??
[  359.954993][ T7471] EXT4-fs (loop9): unmounting filesystem.
[  360.124639][ T4289] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  360.132647][ T4289] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  360.199516][ T4289] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  360.262881][ T6523] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.414281][ T6523] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.588052][ T6523] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.695260][ T4292] usb 7-1: USB disconnect, device number 3
[  360.785821][ T6523] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.023650][ T4261] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  361.044071][ T4261] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  361.052840][ T4261] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  361.070581][ T4261] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  361.081222][ T4261] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  361.095867][ T4261] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  361.352714][T12695] netlink: 'syz.3.2023': attribute type 10 has an invalid length.
[  361.411260][T12695] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.420141][T12695] team0: Port device bond0 added
[  361.571651][T12682] chnl_net:caif_netlink_parms(): no params data found
[  361.932215][T12682] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.941841][T12682] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.949988][T12682] device bridge_slave_0 entered promiscuous mode
[  362.022731][T12682] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.041677][T12682] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.093919][T12682] device bridge_slave_1 entered promiscuous mode
[  362.250704][T12682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  362.274586][T12682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  362.656088][T12682] team0: Port device team_slave_0 added
[  362.696640][T12682] team0: Port device team_slave_1 added
[  362.953053][ T6523] device hsr_slave_0 left promiscuous mode
[  362.977384][ T6523] device hsr_slave_1 left promiscuous mode
[  363.007467][ T6523] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  363.024201][ T6523] batman_adv: batadv0: Removing interface: batadv_slave_0
[  363.041113][ T6523] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  363.056332][ T6523] batman_adv: batadv0: Removing interface: batadv_slave_1
[  363.091796][ T6523] device bridge_slave_1 left promiscuous mode
[  363.110787][ T6523] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.129839][ T6523] device bridge_slave_0 left promiscuous mode
[  363.136089][ T6523] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.218706][ T6523] device veth1_macvtap left promiscuous mode
[  363.229283][ T6523] device veth0_macvtap left promiscuous mode
[  363.240055][ T6523] device veth1_vlan left promiscuous mode
[  363.249119][ T6523] device veth0_vlan left promiscuous mode
[  363.256432][ T4261] Bluetooth: hci0: command 0x0409 tx timeout
[  364.291451][ T6523] team0 (unregistering): Port device team_slave_1 removed
[  364.349844][ T6523] team0 (unregistering): Port device team_slave_0 removed
[  364.401190][ T6523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  364.458561][ T6523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  365.016886][ T6523] bond0 (unregistering): Released all slaves
[  365.115373][T12682] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.122551][T12682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.148607][T12682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.168076][T12682] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.188422][T12682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.215092][T12682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.391279][T12682] device hsr_slave_0 entered promiscuous mode
[  365.430954][T12682] device hsr_slave_1 entered promiscuous mode
[  365.454320][T12682] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  365.483744][ T4257] Bluetooth: hci0: command 0x041b tx timeout
[  365.507899][T12682] Cannot create hsr debugfs directory
[  367.358557][T12877] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2068'.
[  367.387464][T12877] device bridge_slave_1 left promiscuous mode
[  367.394389][T12877] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.451063][T12877] device bridge_slave_0 left promiscuous mode
[  367.457435][T12877] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.700961][T12682] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  367.703475][ T4257] Bluetooth: hci0: command 0x040f tx timeout
[  367.756868][T12682] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  367.778972][T12682] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  367.836921][T12682] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  368.142914][T12682] 8021q: adding VLAN 0 to HW filter on device bond0
[  368.176175][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  368.201045][T12912] 9pnet: p9_errstr2errno: server reported unknown error ™^Pœ£—¯
[  368.209963][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  368.244297][T12682] 8021q: adding VLAN 0 to HW filter on device team0
[  368.302870][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  368.312146][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  368.353928][ T6514] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.361126][ T6514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.387933][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  368.412063][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  368.443714][ T6514] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.450934][ T6514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.512950][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  368.532604][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  368.552777][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  368.574935][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  368.611764][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  368.636990][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  368.686040][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  368.736398][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  368.773420][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  368.787471][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  368.805500][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  368.831394][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  368.866491][T12682] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  368.908658][T12933] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2089'.
[  368.991512][T12939] bridge0: port 3(syz_tun) entered blocking state
[  369.004914][T12939] bridge0: port 3(syz_tun) entered disabled state
[  369.019977][T12939] device syz_tun entered promiscuous mode
[  369.082758][T12939] bridge0: port 3(syz_tun) entered blocking state
[  369.090260][T12939] bridge0: port 3(syz_tun) entered forwarding state
[  369.407928][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  369.436300][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  369.464071][T12682] 8021q: adding VLAN 0 to HW filter on device batadv0
[  369.927199][ T4257] Bluetooth: hci0: command 0x0419 tx timeout
[  369.952857][  T125] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  370.155709][  T125] usb 7-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  370.174525][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  370.182770][  T125] usb 7-1: New USB device strings: Mfr=223, Product=2, SerialNumber=3
[  370.202724][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  370.223887][  T125] usb 7-1: Product: syz
[  370.229641][  T125] usb 7-1: Manufacturer: syz
[  370.248185][  T125] usb 7-1: SerialNumber: syz
[  370.265468][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  370.273101][  T125] usb 7-1: config 0 descriptor??
[  370.285208][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  370.292102][  T125] ch341 7-1:0.0: ch341-uart converter detected
[  370.322317][T12682] device veth0_vlan entered promiscuous mode
[  370.350523][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  370.363040][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  370.413994][T12682] device veth1_vlan entered promiscuous mode
[  370.464889][T13004] netlink: 'syz.1.2104': attribute type 1 has an invalid length.
[  370.540221][T13004] device bond1 entered promiscuous mode
[  370.603104][T13004] 8021q: adding VLAN 0 to HW filter on device bond1
[  370.627233][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  370.656830][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  370.700783][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  370.743188][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  370.770858][T13008] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2104'.
[  370.816737][T13008] device batadv1 entered promiscuous mode
[  370.833671][T13008] 8021q: adding VLAN 0 to HW filter on device batadv1
[  370.844669][T13008] bond1: (slave batadv1): making interface the new active one
[  370.869498][T13008] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  370.890989][T12682] device veth0_macvtap entered promiscuous mode
[  370.926985][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  370.948086][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  370.982641][T12682] device veth1_macvtap entered promiscuous mode
[  371.040548][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.070966][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.091744][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.137224][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.159002][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.191978][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.226207][T12682] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.257928][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  371.300480][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  371.341718][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.366904][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.392945][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.423642][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.445367][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.476788][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.509945][T12682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.521292][T12682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.543914][T12682] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.569936][T12682] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.595806][T12682] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.612122][  T125] usb 7-1: ch341-uart converter now attached to ttyUSB0
[  371.626248][T12682] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.636880][T12682] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.656603][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  371.688571][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  371.830484][ T6517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.838996][ T6517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.866292][  T125] usb 7-1: USB disconnect, device number 4
[  371.889623][  T125] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  371.891204][ T6514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.924914][ T6513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  371.928787][  T125] ch341 7-1:0.0: device disconnected
[  371.954038][ T6514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.006920][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  372.495518][T13072] loop8: detected capacity change from 0 to 2048
[  372.524218][T13072] EXT4-fs: Ignoring removed mblk_io_submit option
[  372.600505][T13072] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  372.821614][T13072] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.2119: bg 0: block 234: padding at end of block bitmap is not set
[  372.860126][T13072] EXT4-fs (loop8): Remounting filesystem read-only
[  373.161203][T12682] EXT4-fs (loop8): unmounting filesystem.
[  373.340144][T13118] loop8: detected capacity change from 0 to 64
[  373.486519][T13118] hfs: invalid btree extent records
[  373.503096][T13118] hfs: unable to open extent tree
[  373.508203][T13118] hfs: can't find a HFS filesystem on dev loop8
[  373.735969][T13138] loop6: detected capacity change from 0 to 512
[  373.793310][T13138] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  373.809922][T13138] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  373.909350][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2143'.
[  373.971378][T12166] EXT4-fs (loop6): unmounting filesystem.
[  374.830394][T13189] overlayfs: failed to decode file handle (len=7, type=251, flags=0, err=-22)
[  375.475620][T13228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2167'.
[  375.919604][T13245] 9pnet_fd: Insufficient options for proto=fd
[  376.075234][T13223] loop8: detected capacity change from 0 to 32768
[  376.105292][T13223] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop8 scanned by syz.8.2164 (13223)
[  376.144466][T13223] BTRFS info (device loop8): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  376.171495][T13223] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  376.180201][T13223] BTRFS info (device loop8): force zlib compression, level 3
[  376.216003][T13223] BTRFS info (device loop8): max_inline at 4096
[  376.222345][T13223] BTRFS info (device loop8): using free space tree
[  376.423853][T13223] BTRFS info (device loop8): enabling ssd optimizations
[  376.509407][   T26] kauditd_printk_skb: 30 callbacks suppressed
[  376.509423][   T26] audit: type=1800 audit(1734133524.079:147): pid=13223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2164" name="file1" dev="loop8" ino=260 res=0 errno=0
[  376.605218][   T26] audit: type=1800 audit(1734133524.163:148): pid=13223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2164" name="file1" dev="loop8" ino=260 res=0 errno=0
[  376.729580][T12682] BTRFS info (device loop8): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  377.619128][T13327] syz.8.2185[13327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  377.619222][T13327] syz.8.2185[13327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  377.635011][ T4261] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  377.655584][ T4261] Bluetooth: hci0: Injecting HCI hardware error event
[  377.667438][ T4261] Bluetooth: hci0: hardware error 0x00
[  377.695859][T13332] Bluetooth: MGMT ver 1.22
[  377.796005][T13327] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  378.450243][T13329] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  379.273797][T13380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2203'.
[  379.307930][T13380] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2203'.
[  379.375317][T13388] loop6: detected capacity change from 0 to 512
[  379.618125][T13388] EXT4-fs error (device loop6): ext4_do_update_inode:5224: inode #16: comm syz.6.2205: corrupted inode contents
[  379.647186][T13388] EXT4-fs error (device loop6): ext4_dirty_inode:6089: inode #16: comm syz.6.2205: mark_inode_dirty error
[  379.689900][T13388] EXT4-fs error (device loop6): ext4_do_update_inode:5224: inode #16: comm syz.6.2205: corrupted inode contents
[  379.726406][T13388] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #16: comm syz.6.2205: mark_inode_dirty error
[  379.782208][T13388] EXT4-fs error (device loop6): ext4_do_update_inode:5224: inode #16: comm syz.6.2205: corrupted inode contents
[  379.855124][T13388] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  379.897047][T13388] EXT4-fs error (device loop6): ext4_do_update_inode:5224: inode #16: comm syz.6.2205: corrupted inode contents
[  379.931258][T13388] EXT4-fs error (device loop6): ext4_truncate:4311: inode #16: comm syz.6.2205: mark_inode_dirty error
[  379.976945][T13388] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  380.028127][T13388] EXT4-fs (loop6): 1 truncate cleaned up
[  380.052224][ T6523] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  380.067159][T13388] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  380.091018][ T6523] EXT4-fs error (device loop6): ext4_release_dquot:6824: comm kworker/u4:16: Failed to release dquot type 1
[  380.109536][T13388] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  380.164136][   T26] audit: type=1800 audit(1734133527.493:149): pid=13388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2205" name="bus" dev="loop6" ino=18 res=0 errno=0
[  380.243745][T13388] EXT4-fs error (device loop6): ext4_ind_map_blocks:604: inode #19: comm syz.6.2205: Can't allocate blocks for non-extent mapped inodes with bigalloc
[  380.438714][T12166] EXT4-fs warning (device loop6): ext4_dirblock_csum_set:427: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  380.473083][T12166] EXT4-fs warning (device loop6): ext4_dirblock_csum_set:427: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  380.550826][T13440] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2223'.
[  380.569155][T12166] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  380.600804][T12166] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  380.617901][ T4261] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  380.624956][ T4261] ==================================================================
[  380.633041][ T4261] BUG: KASAN: use-after-free in set_powered_sync+0x36/0xb0
[  380.633242][T12166] EXT4-fs error (device loop6): ext4_acquire_dquot:6801: comm syz-executor: Failed to acquire dquot type 1
[  380.640234][ T4261] Read of size 8 at addr ffff88805648b218 by task kworker/u5:7/4261
[  380.640248][ T4261] 
[  380.640269][ T4261] CPU: 1 PID: 4261 Comm: kworker/u5:7 Not tainted 6.1.119-syzkaller #0
[  380.640286][ T4261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  380.640297][ T4261] Workqueue: hci0 hci_cmd_sync_work
[  380.640317][ T4261] Call Trace:
[  380.640333][ T4261]  <TASK>
[  380.640339][ T4261]  dump_stack_lvl+0x1e3/0x2cb
[  380.640364][ T4261]  ? nf_tcp_handle_invalid+0x642/0x642
[  380.640386][ T4261]  ? panic+0x764/0x764
[  380.640403][ T4261]  ? _printk+0xd1/0x111
[  380.640420][ T4261]  ? __virt_addr_valid+0x17f/0x530
[  380.640442][ T4261]  ? __virt_addr_valid+0x17f/0x530
[  380.640464][ T4261]  print_report+0x15f/0x4f0
[  380.724706][ T4261]  ? __virt_addr_valid+0x17f/0x530
[  380.729815][ T4261]  ? __virt_addr_valid+0x17f/0x530
[  380.734941][ T4261]  ? __virt_addr_valid+0x45b/0x530
[  380.740039][ T4261]  ? __phys_addr+0xb6/0x170
[  380.744532][ T4261]  ? set_powered_sync+0x36/0xb0
[  380.749374][ T4261]  kasan_report+0x136/0x160
[  380.753863][ T4261]  ? set_powered_sync+0x36/0xb0
[  380.758702][ T4261]  set_powered_sync+0x36/0xb0
[  380.763366][ T4261]  ? get_supported_settings+0x2b0/0x2b0
[  380.768910][ T4261]  hci_cmd_sync_work+0x224/0x400
[  380.773834][ T4261]  ? process_one_work+0x7a9/0x11d0
[  380.778931][ T4261]  process_one_work+0x8a9/0x11d0
[  380.783859][ T4261]  ? worker_detach_from_pool+0x260/0x260
[  380.789477][ T4261]  ? _raw_spin_lock_irqsave+0x120/0x120
[  380.795011][ T4261]  ? kthread_data+0x4e/0xc0
[  380.799504][ T4261]  ? wq_worker_running+0x97/0x190
[  380.804511][ T4261]  worker_thread+0xa47/0x1200
[  380.809173][ T4261]  ? release_firmware_map_entry+0x186/0x186
[  380.815085][ T4261]  ? _raw_spin_unlock+0x40/0x40
[  380.819951][ T4261]  kthread+0x28d/0x320
[  380.824019][ T4261]  ? worker_clr_flags+0x190/0x190
[  380.829032][ T4261]  ? kthread_blkcg+0xd0/0xd0
[  380.833609][ T4261]  ret_from_fork+0x1f/0x30
[  380.838020][ T4261]  </TASK>
[  380.841027][ T4261] 
[  380.843333][ T4261] Allocated by task 13332:
[  380.847726][ T4261]  kasan_set_track+0x4b/0x70
[  380.852311][ T4261]  __kasan_kmalloc+0x97/0xb0
[  380.858969][ T4261]  mgmt_pending_new+0x61/0x240
[  380.863717][ T4261]  mgmt_pending_add+0x32/0x120
[  380.868460][ T4261]  set_powered+0x315/0x510
[  380.872859][ T4261]  hci_mgmt_cmd+0x9f9/0xf00
[  380.877366][ T4261]  hci_sock_sendmsg+0x797/0x1170
[  380.882284][ T4261]  sock_write_iter+0x394/0x4e0
[  380.887040][ T4261]  vfs_write+0x857/0xbc0
[  380.891266][ T4261]  ksys_write+0x19c/0x2c0
[  380.895581][ T4261]  do_syscall_64+0x3b/0xb0
[  380.899983][ T4261]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  380.905862][ T4261] 
[  380.908168][ T4261] Freed by task 4261:
[  380.912128][ T4261]  kasan_set_track+0x4b/0x70
[  380.916708][ T4261]  kasan_save_free_info+0x27/0x40
[  380.921714][ T4261]  ____kasan_slab_free+0xd6/0x120
[  380.926721][ T4261]  __kmem_cache_free+0x25c/0x3c0
[  380.931644][ T4261]  settings_rsp+0x2b8/0x380
[  380.936130][ T4261]  mgmt_pending_foreach+0xc9/0x120
[  380.941225][ T4261]  __mgmt_power_off+0x10e/0x410
[  380.946056][ T4261]  hci_dev_close_sync+0x5d4/0xfc0
[  380.951066][ T4261]  hci_error_reset+0x12c/0x3c0
[  380.955817][ T4261]  process_one_work+0x8a9/0x11d0
[  380.960740][ T4261]  worker_thread+0xa47/0x1200
[  380.965399][ T4261]  kthread+0x28d/0x320
[  380.969449][ T4261]  ret_from_fork+0x1f/0x30
[  380.973852][ T4261] 
[  380.976158][ T4261] Last potentially related work creation:
[  380.981851][ T4261]  kasan_save_stack+0x3b/0x60
[  380.986517][ T4261]  __kasan_record_aux_stack+0xb0/0xc0
[  380.991873][ T4261]  kvfree_call_rcu+0x116/0x8c0
[  380.996620][ T4261]  cfg80211_update_known_bss+0x16b/0x9e0
[  381.002239][ T4261]  cfg80211_bss_update+0x187/0x2280
[  381.007426][ T4261]  cfg80211_inform_bss_frame_data+0xae4/0x1680
[  381.013574][ T4261]  ieee80211_bss_info_update+0x847/0xf00
[  381.019193][ T4261]  ieee80211_ibss_rx_queued_mgmt+0x1962/0x2dd0
[  381.025330][ T4261]  ieee80211_iface_work+0x7aa/0xce0
[  381.030513][ T4261]  process_one_work+0x8a9/0x11d0
[  381.035437][ T4261]  worker_thread+0xa47/0x1200
[  381.040135][ T4261]  kthread+0x28d/0x320
[  381.044183][ T4261]  ret_from_fork+0x1f/0x30
[  381.048588][ T4261] 
[  381.050895][ T4261] Second to last potentially related work creation:
[  381.057455][ T4261]  kasan_save_stack+0x3b/0x60
[  381.062120][ T4261]  __kasan_record_aux_stack+0xb0/0xc0
[  381.067474][ T4261]  kvfree_call_rcu+0x116/0x8c0
[  381.072224][ T4261]  cfg80211_update_known_bss+0x16b/0x9e0
[  381.077843][ T4261]  cfg80211_bss_update+0x187/0x2280
[  381.083032][ T4261]  cfg80211_inform_bss_frame_data+0xae4/0x1680
[  381.089171][ T4261]  ieee80211_bss_info_update+0x847/0xf00
[  381.094791][ T4261]  ieee80211_ibss_rx_queued_mgmt+0x1962/0x2dd0
[  381.100926][ T4261]  ieee80211_iface_work+0x7aa/0xce0
[  381.106106][ T4261]  process_one_work+0x8a9/0x11d0
[  381.111027][ T4261]  worker_thread+0xa47/0x1200
[  381.115687][ T4261]  kthread+0x28d/0x320
[  381.119735][ T4261]  ret_from_fork+0x1f/0x30
[  381.124138][ T4261] 
[  381.126446][ T4261] The buggy address belongs to the object at ffff88805648b200
[  381.126446][ T4261]  which belongs to the cache kmalloc-96 of size 96
[  381.140308][ T4261] The buggy address is located 24 bytes inside of
[  381.140308][ T4261]  96-byte region [ffff88805648b200, ffff88805648b260)
[  381.153388][ T4261] 
[  381.155692][ T4261] The buggy address belongs to the physical page:
[  381.162105][ T4261] page:ffffea00015922c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5648b
[  381.172237][ T4261] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[  381.179780][ T4261] raw: 00fff00000000200 ffffea000083cfc0 dead000000000005 ffff888017c41780
[  381.188346][ T4261] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[  381.196905][ T4261] page dumped because: kasan: bad access detected
[  381.203303][ T4261] page_owner tracks the page as allocated
[  381.208999][ T4261] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 4253, tgid 4253 (kworker/0:3), ts 65376299043, free_ts 12431367553
[  381.228601][ T4261]  post_alloc_hook+0x18d/0x1b0
[  381.233349][ T4261]  get_page_from_freelist+0x3731/0x38d0
[  381.238876][ T4261]  __alloc_pages+0x28d/0x770
[  381.243448][ T4261]  alloc_slab_page+0x6a/0x150
[  381.248111][ T4261]  new_slab+0x84/0x2d0
[  381.252167][ T4261]  ___slab_alloc+0xc20/0x1270
[  381.256828][ T4261]  __kmem_cache_alloc_node+0x19f/0x260
[  381.262274][ T4261]  kmalloc_trace+0x26/0xe0
[  381.266675][ T4261]  dst_cow_metrics_generic+0x52/0x1b0
[  381.272030][ T4261]  icmp6_dst_alloc+0x2bf/0x470
[  381.276778][ T4261]  mld_sendpack+0x6b9/0xde0
[  381.281273][ T4261]  ipv6_mc_dad_complete+0x84/0x390
[  381.286372][ T4261]  addrconf_dad_completed+0x72e/0xcb0
[  381.291731][ T4261]  addrconf_dad_work+0xd8e/0x16b0
[  381.296745][ T4261]  process_one_work+0x8a9/0x11d0
[  381.301667][ T4261]  worker_thread+0xa47/0x1200
[  381.306329][ T4261] page last free stack trace:
[  381.310979][ T4261]  free_unref_page_prepare+0xf63/0x1120
[  381.316510][ T4261]  free_unref_page+0x33/0x3e0
[  381.321171][ T4261]  free_contig_range+0x9a/0x150
[  381.326005][ T4261]  destroy_args+0xfe/0x997
[  381.330410][ T4261]  debug_vm_pgtable+0x416/0x46b
[  381.335250][ T4261]  do_one_initcall+0x265/0x8f0
[  381.340003][ T4261]  do_initcall_level+0x157/0x207
[  381.344926][ T4261]  do_initcalls+0x49/0x86
[  381.349240][ T4261]  kernel_init_freeable+0x45c/0x60f
[  381.354423][ T4261]  kernel_init+0x19/0x290
[  381.358736][ T4261]  ret_from_fork+0x1f/0x30
[  381.363141][ T4261] 
[  381.365445][ T4261] Memory state around the buggy address:
[  381.371054][ T4261]  ffff88805648b100: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  381.379096][ T4261]  ffff88805648b180: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[  381.387137][ T4261] >ffff88805648b200: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  381.395174][ T4261]                             ^
[  381.400007][ T4261]  ffff88805648b280: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  381.408047][ T4261]  ffff88805648b300: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  381.416085][ T4261] ==================================================================
[  381.432231][ T4261] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  381.439448][ T4261] CPU: 1 PID: 4261 Comm: kworker/u5:7 Not tainted 6.1.119-syzkaller #0
[  381.447692][ T4261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  381.457754][ T4261] Workqueue: hci0 hci_cmd_sync_work
[  381.462973][ T4261] Call Trace:
[  381.466273][ T4261]  <TASK>
[  381.469207][ T4261]  dump_stack_lvl+0x1e3/0x2cb
[  381.473908][ T4261]  ? nf_tcp_handle_invalid+0x642/0x642
[  381.479383][ T4261]  ? panic+0x764/0x764
[  381.483463][ T4261]  ? vscnprintf+0x59/0x80
[  381.487801][ T4261]  panic+0x318/0x764
[  381.491705][ T4261]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  381.497872][ T4261]  ? check_panic_on_warn+0x1d/0xa0
[  381.502996][ T4261]  ? memcpy_page_flushcache+0xfc/0xfc
[  381.508381][ T4261]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  381.514370][ T4261]  ? _raw_spin_unlock+0x40/0x40
[  381.519235][ T4261]  check_panic_on_warn+0x7e/0xa0
[  381.524189][ T4261]  ? set_powered_sync+0x36/0xb0
[  381.529050][ T4261]  end_report+0x66/0x110
[  381.533302][ T4261]  kasan_report+0x143/0x160
[  381.537811][ T4261]  ? set_powered_sync+0x36/0xb0
[  381.542673][ T4261]  set_powered_sync+0x36/0xb0
[  381.547354][ T4261]  ? get_supported_settings+0x2b0/0x2b0
[  381.552908][ T4261]  hci_cmd_sync_work+0x224/0x400
[  381.557857][ T4261]  ? process_one_work+0x7a9/0x11d0
[  381.562976][ T4261]  process_one_work+0x8a9/0x11d0
[  381.567929][ T4261]  ? worker_detach_from_pool+0x260/0x260
[  381.573574][ T4261]  ? _raw_spin_lock_irqsave+0x120/0x120
[  381.579133][ T4261]  ? kthread_data+0x4e/0xc0
[  381.583655][ T4261]  ? wq_worker_running+0x97/0x190
[  381.588700][ T4261]  worker_thread+0xa47/0x1200
[  381.593397][ T4261]  ? release_firmware_map_entry+0x186/0x186
[  381.599316][ T4261]  ? _raw_spin_unlock+0x40/0x40
[  381.604179][ T4261]  kthread+0x28d/0x320
[  381.608255][ T4261]  ? worker_clr_flags+0x190/0x190
[  381.613334][ T4261]  ? kthread_blkcg+0xd0/0xd0
[  381.617935][ T4261]  ret_from_fork+0x1f/0x30
[  381.622371][ T4261]  </TASK>
[  381.625641][ T4261] Kernel Offset: disabled
[  381.629955][ T4261] Rebooting in 86400 seconds..