last executing test programs:

8m54.591045671s ago: executing program 1 (id=2):
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000751c0110e60f00989ad1010203010902240001000000000904290202b48cbb0009050402100000fa000905820240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000480)=ANY=[@ANYBLOB="201019"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

8m50.86229931s ago: executing program 1 (id=27):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'pimreg0\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r4, r3, 0x25, 0x0, @val=@netfilter={0x1, 0x0, 0x7}}, 0x20)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

8m50.505082081s ago: executing program 1 (id=30):
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x11, 0x6c7, &(0x7f0000000a80)="$eJzs3U1oHPfdB/DvrFYv64CsJI7jBwLRk0BaampbFkrrXuyWUlwIJbjQnkUsx8Ky48pKcXKolbbQaw+9FtKDe2lPLaVQKBjSc3sLvYmeAoVecnJy6JSZnZVWyq5erFiS28/HjOb/MvOf3/zmbVdYTID/WZdPp/0gnVw+/drdqr52f3Zp7f7szW65tZRkPEkraXdnKW4lxQfJpXSn/F/V2AxXDNvOLxYvXPnw47WPurV2NsarfnSGB9jezV6sNlOmk4w0833YNN4bjzbe+EaxWM9MlbCXe4mDwzaapNzkByc3egYpR/oqQ6934MlRdJ+bfbrX/1RyLMlE74G22u1sHXyEO9rTvWj18cUBAAAAR8bxh/eSu5k87DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSdK8/79oplavPJ2i9/7/sb537I8dcrjDbR/ZRK/woHUQwQAAAAAAAADA4/Xiw/zmSllO9uplkdb3RppKp5m/nTtZaCdncjfzWclKljOTZKpvoLG78ysryzN5qa6d+LQsyzzVXTPLm9Y8P3DN87sMuLPfPQYAAAAAAACA/yoX58br+Y9zOZOHHQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPQrkpHurJ5O9MpTabWTTCQZq5ZbTf7WKz/JHhx2AAAAAHAAjj/Mw9zNZK9eFvV3/pP19/6JvJ1bWcliVrKUhVytfxfQ/dbfWrs/u7R2f/ZmNX123K//a6P8+8kdw6hHTPd3D4O3fKpeopNrWaxbzuSNvJWlXE2rXrNyqhfP4Ljeq2IqLnaVZcZ3k6Crzbza858386Nhqs7I6HpGzlWxFd08Pr19JvqPziNsaSat9d/8nBi+pXav0Mv5xW23Uvy7LLulY72W5Klv75zz0T3tzL5szcT5vrPv5PY5T77wh99+//rSrRvXi9XTR+c0GuTFwc3j/+gdoV4mulazkNm+TDy/60xcu3PEMzFUe1OtlefWy5fzrXw3pzOd17Ocxfww81nJQqbzzbo035zP1c+p7TN1aVPt9Z1iGmuOy8iWmP7/eHe+XUwv1etOZjHfyVu5moW8Wv87n5l8JXOZy4W+I/zcLu60rQFX/R+HB//yF5tCJ8nPmvnRUOX16b689t9zp+q+/pZWyubJ8swenkfb3xt7Nh5Z1ZH4Sd81ePjWMzGR9adEL7pnexkYHZiJX9W3lTtLt24sX5+/vWXcYnXw9l7J5t0/OjeS6nx5Zv0esfnsqPqeHdg3U/edWO9rbe37dWe9b6crdaz5DPfZkc7Xfc8n+WUTbdVXqe7hVd+pvvWqz1sTdd+nZVl2P28BcOQd+9Kxsc4/O3/tvN/5aed657WJb4x/dfyFsYz+ZfRr7XMjr7ReKH6X9/Oj7PwNHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NGdd969Mb+0tLC8pVCW5b0hXY+lkHayqeXPf+pbpn7XWJLdD1gtfamV1C3tNIW9BXbv0XbnvUdNwt+bY3IgCf9cChNDz5+thU/KsjzwCHvvatvz6mXjqOR5v4XeK7L2stah3I6AA3R25ebts3feeffLizfn31x4c+HWhbm5C+cuzL06e/ba4tLEYYcHPEb1s77+nHPYkQAAAAAAAAAAAAC7tbs/zinWW9p7/CsC/7MQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2K/Lp9N+kCIz586cq+pr92eXqqlX3ljykyStJMV0UnyQXEp3ylTfcMWw7awmVz78eO2jbq3dTPXyrf3vxWozZTrJSDMfYGJQY3lv2HhFPc7t4ePtUtFMI+stl/Y1HnxO/hMAAP//dfAMcQ==")
mknod$loop(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1)
creat(&(0x7f0000000040)='./bus\x00', 0x122dfb579e447c7a)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x3, 0x0, 0x0, 0x4, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c678082004cb59d654cb9b1b165263bdbcef549ba197fce47ddfdd753abd950100172a00ffffff00f7ffffff000000f3e7f20000000200000000000600", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
unlink(&(0x7f0000000080)='./file1\x00')

8m49.920421196s ago: executing program 1 (id=33):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB="0201000000000010ac054182000000000001090224"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="5300000007000046009d40", @ANYBLOB="fe4cecb210bc09", @ANYRESDEC=r1], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

8m48.779916343s ago: executing program 1 (id=36):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x18000, &(0x7f0000000080)={[{@journal_dev={'journal_dev', 0x3d, 0x8001}}, {@max_batch_time={'max_batch_time', 0x3d, 0x4a460f54}}, {@minixdf}, {@noload}, {@grpquota}, {@discard}, {@mblk_io_submit}, {@dax_never}, {@dioread_nolock}], [{@audit}]}, 0x80, 0x62d, &(0x7f0000000600)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4810, &(0x7f0000000040)=ANY=[], 0x11, 0x6ba, &(0x7f00000001c0)="$eJzs3c1vHVfdB/DvXF+/3FRy3TZN8zyqhGmkghqR2LFSCJsEhFCQKlSFBWurcRorTlocF6VdYBeQ2LLgDyiLsIEVCCEhIUUqa9hV7CxWlZDYdJV2waCZO9e+du71S1LbSfl8ornnnDkzZ37zm5f7ElkT4H/W5dNp30snl0+/dqdqr9+dW1q/O3ezV08ynqSVtLtFiltJ8WFyKd0p/1fNbIYrhm3nV4sXrnz0yfrH3VY7m+NVL53hAbb3shdrzZTpJCNN+Qi2jPfGw403vlktNjJTJexUL3Fw1EaTlFv86MRmzyDlSF9j6PUOPDmK7vtmn+71P5UcSzLRe0Nb63a2Dj/CXe3rXrR2cHEAAADAodntC/rT91eTO5k8pHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgC6F5/n/RTK1efTpF7/n/Y33P2B874nCH2zmyiV7l3m4PSAQAAAAAAACAJ8CX7ue3V8pystcui/r//F+qG8fr16fyTm5nIcs5kzuZz0pWspzZJFN9A43dmV9ZWZ7trflZWZZD1jw3cM1zewy483nsNQAAAAAAAAB8YVxsyp/mciaPOBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiiSEa6RT0d79Wn0monmUgyVi23lvy9V3+S3TvqAAAAAOAQPH0/93Mnk712WdTf+U/U3/sn8k5uZSWLWclSFnK1/i2g+62/tX53bmn97tzNanpw3G/9e7P+h8ldw6hHTPe3h8FbPlkv0cm1LNZzzuSNvJWlXE2rXrNyshfP4Ljer2IqLnaV5d4SdLUpqz3/ZVMepGLPW5iqMzK6kZGZZs0qG8/snIn+o/MQW5pNa+OXn+P7yPnFHbdS/Kd3TI715iRPfW/3nI/ua2ceyfZMnOs7+05sy8QDUX/lj7/74fWlWzeuF2unD/o0OhDj/9y8arZnYq4vEy/sfE70ZeLa7SczE9u18vxG/XK+mx/kdKbzepazmB9nPitZyHS+U9fmm/O5ep3aOVOXtrRe3y2Ksea4jGyL6ctPd8udYnqpWrcsy9V6yatZyKv1v3OZzddzPudzoe8IP7+Hq7414Kr/0/DgT321qXSS/KIpHw9VXp/py2v/PXeq7uuf00o53l3v2f3eG3e/Ftr/31SqI/Gzpnw8bGRiIhvvEr3onutlYHRgJn5d31ZuL926sXx9/u1t4xZrg7f3crbu/r5uJCP7WXi/qvPl2epg1a2tZ0fV99zAvtm67/hGX2t73286G31Tmcxivp+3hlypY81nuAdHOlf3vTCwb67uO9nXt/l567OyLLuftwB47B175dhY51+dv3U+6Py8c73z2sS3x78x/uJYRv86+s32zMjLrReL3+eD/CS7f0MHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2dfvd927MLy0tLG+rlGW5OqTrQCppJ1vm/OXPfcskqR8GtPcBq6UvtZJ6TjtNZX+BrT7c7rz/sEn4R3NMDiXhn0tlYuj5s73yaVmWj0fMe6mUjQPaRHWQj3pPXynLcsdljvKuBByGsys33z57+933vrZ4c/7NhTcXbl04f/7CzIXzr86dvba4tDDTfT3qKIGD0PcJHAAAAAAAAAAAAHhC7O2Pc4pH+9seAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdw+XTa91JkdubMTNVevzu3VE29+uaSnyZpJSmmk+LD5FK6U6b6hiuGbWctufLRJ+sfd1vtZqqXb+203t6sNVOmk4w05QATg2aWq8PGK+pxyrJcHTLeNsP2otjoqxJ2qpc4OGr/DQAA///ZJR9e")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000000)=0x1f, 0x4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m48.015077918s ago: executing program 32 (id=36):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x18000, &(0x7f0000000080)={[{@journal_dev={'journal_dev', 0x3d, 0x8001}}, {@max_batch_time={'max_batch_time', 0x3d, 0x4a460f54}}, {@minixdf}, {@noload}, {@grpquota}, {@discard}, {@mblk_io_submit}, {@dax_never}, {@dioread_nolock}], [{@audit}]}, 0x80, 0x62d, &(0x7f0000000600)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4810, &(0x7f0000000040)=ANY=[], 0x11, 0x6ba, &(0x7f00000001c0)="$eJzs3c1vHVfdB/DvXF+/3FRy3TZN8zyqhGmkghqR2LFSCJsEhFCQKlSFBWurcRorTlocF6VdYBeQ2LLgDyiLsIEVCCEhIUUqa9hV7CxWlZDYdJV2waCZO9e+du71S1LbSfl8ornnnDkzZ37zm5f7ElkT4H/W5dNp30snl0+/dqdqr9+dW1q/O3ezV08ynqSVtLtFiltJ8WFyKd0p/1fNbIYrhm3nV4sXrnz0yfrH3VY7m+NVL53hAbb3shdrzZTpJCNN+Qi2jPfGw403vlktNjJTJexUL3Fw1EaTlFv86MRmzyDlSF9j6PUOPDmK7vtmn+71P5UcSzLRe0Nb63a2Dj/CXe3rXrR2cHEAAADAodntC/rT91eTO5k8pHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgC6F5/n/RTK1efTpF7/n/Y33P2B874nCH2zmyiV7l3m4PSAQAAAAAAACAJ8CX7ue3V8pystcui/r//F+qG8fr16fyTm5nIcs5kzuZz0pWspzZJFN9A43dmV9ZWZ7trflZWZZD1jw3cM1zewy483nsNQAAAAAAAAB8YVxsyp/mciaPOBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiiSEa6RT0d79Wn0monmUgyVi23lvy9V3+S3TvqAAAAAOAQPH0/93Mnk712WdTf+U/U3/sn8k5uZSWLWclSFnK1/i2g+62/tX53bmn97tzNanpw3G/9e7P+h8ldw6hHTPe3h8FbPlkv0cm1LNZzzuSNvJWlXE2rXrNyshfP4Ljer2IqLnaV5d4SdLUpqz3/ZVMepGLPW5iqMzK6kZGZZs0qG8/snIn+o/MQW5pNa+OXn+P7yPnFHbdS/Kd3TI715iRPfW/3nI/ua2ceyfZMnOs7+05sy8QDUX/lj7/74fWlWzeuF2unD/o0OhDj/9y8arZnYq4vEy/sfE70ZeLa7SczE9u18vxG/XK+mx/kdKbzepazmB9nPitZyHS+U9fmm/O5ep3aOVOXtrRe3y2Ksea4jGyL6ctPd8udYnqpWrcsy9V6yatZyKv1v3OZzddzPudzoe8IP7+Hq7414Kr/0/DgT321qXSS/KIpHw9VXp/py2v/PXeq7uuf00o53l3v2f3eG3e/Ftr/31SqI/Gzpnw8bGRiIhvvEr3onutlYHRgJn5d31ZuL926sXx9/u1t4xZrg7f3crbu/r5uJCP7WXi/qvPl2epg1a2tZ0fV99zAvtm67/hGX2t73286G31Tmcxivp+3hlypY81nuAdHOlf3vTCwb67uO9nXt/l567OyLLuftwB47B175dhY51+dv3U+6Py8c73z2sS3x78x/uJYRv86+s32zMjLrReL3+eD/CS7f0MHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2dfvd927MLy0tLG+rlGW5OqTrQCppJ1vm/OXPfcskqR8GtPcBq6UvtZJ6TjtNZX+BrT7c7rz/sEn4R3NMDiXhn0tlYuj5s73yaVmWj0fMe6mUjQPaRHWQj3pPXynLcsdljvKuBByGsys33z57+933vrZ4c/7NhTcXbl04f/7CzIXzr86dvba4tDDTfT3qKIGD0PcJHAAAAAAAAAAAAHhC7O2Pc4pH+9seAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdw+XTa91JkdubMTNVevzu3VE29+uaSnyZpJSmmk+LD5FK6U6b6hiuGbWctufLRJ+sfd1vtZqqXb+203t6sNVOmk4w05QATg2aWq8PGK+pxyrJcHTLeNsP2otjoqxJ2qpc4OGr/DQAA///ZJR9e")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000000)=0x1f, 0x4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m33.636253004s ago: executing program 4 (id=38):
mkdirat(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x44)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1)

8m33.490812552s ago: executing program 4 (id=97):
r0 = inotify_init1(0x80000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x181)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x14a0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x2000775)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2000, 0x1a8)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

8m33.020552079s ago: executing program 4 (id=100):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
sendto$inet6(r0, &(0x7f0000000280)="020409fcec07480200000000c52cf7c20675e005b02f0800eb", 0x19, 0x800, 0x0, 0x0)

8m32.552062387s ago: executing program 33 (id=100):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
sendto$inet6(r0, &(0x7f0000000280)="020409fcec07480200000000c52cf7c20675e005b02f0800eb", 0x19, 0x800, 0x0, 0x0)

7m20.388088671s ago: executing program 2 (id=524):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x33, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x6, 0x4, 0x9, '\x00', 0x1})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7m20.063702101s ago: executing program 2 (id=526):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0xfa0, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x2c}, @flat=@weak_binder={0x77622a85, 0x100, 0x2}, @fda={0x66646185, 0x9, 0x1, 0x2}}, &(0x7f0000000240)={0x0, 0x28, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

7m19.780473868s ago: executing program 2 (id=528):
socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@multicast1, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe, 0x4}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfc, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8, 0x4}, {0x0, 0x8}}}, 0xb8}}, 0x0)

7m19.603226478s ago: executing program 2 (id=530):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x800038, 0x7, 0x3, 0x180, 0x6, 0x10, 0xf1, 0x100000001, 0x1, 0xca0, 0xffffffffffffffff, 0x2000000002c, 0x4, 0x6, 0x0, 0xbd9], 0xffff1001, 0x43100})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x2000004, 0x0, 0x2004cb, 0x7ff, 0xa7c, 0x68ff, 0x7, 0x100008000000006, 0x803, 0x0, 0x9], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x3, 0xff, 0x42, 0x9, 0x75, 0x6, 0x36, 0x0, 0x2, 0xb4}, {0x100000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x21, 0x1, 0xa2, 0x5, 0x5}, {0x200000, 0xeeee0000, 0x9, 0x7, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe, 0x7}, {0xf000, 0x1000, 0xf, 0x3, 0x16, 0x7, 0xab, 0xb, 0xc, 0x9, 0xf7, 0x97}, {0xeeefa000, 0xdddd0000, 0x6, 0xa0, 0xb, 0x8, 0x1, 0xa0, 0x82, 0x2, 0x1, 0x7}, {0xeeee8000, 0x3000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x0, 0x40, 0x74}, {0xdddd0000, 0x25000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0xa1}, {0xeeee0000, 0x30}, {0x40000, 0x7}, 0xa0000039, 0x0, 0x4, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m19.298967926s ago: executing program 2 (id=532):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
setpgid(0x0, r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x275a, 0x0)

7m19.087486888s ago: executing program 2 (id=533):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x8001, @empty, 0x80000001}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x75)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)

7m3.991917846s ago: executing program 34 (id=533):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x8001, @empty, 0x80000001}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x75)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)

6m53.501577053s ago: executing program 6 (id=659):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0xb, 0x1000}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x4, 0x8, 0x8, 0x0, r0, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r2, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)

6m53.248071238s ago: executing program 6 (id=705):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff90adedc4, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x10}}, 0x50)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000083c0)="c91443d5daaf04b192358b692f84d66c60492a57cffd585b0068ccde45d94ded1e86d3670791c21f8e0b2153d10d45d37b72ee2fa06ad61b0a9354045a8dae1bd1cfb49f3c11fe54c17eee632d95574681e6c472eb8a1beaf3a4b88561847a0a0f05fa4a26639d7e74a0c1c2790d6a59d4073b1c55539b7c21b8550efbd5f835c56642f4be57d170e36a6bf3a995f418554f0cab342769089d0777b28daad5c0c4ba56a0bd6c0515d9bf488fdcf49a9a7bbfcf5ad78733f8119f2568daefbd0985a9916c0d048e38765cc7bb1c82e0f3c81d98e7179ec782331bc3cfb2caf58a99668420795e6a00ef41dcf5283bbb61ebaedbb7a675be4fb2d11c31f9b76936d1112c68978c73f42e145b094490d748c1456a14c23fe25e2fdaeaaa7dc0d35dcc9bbfe86361f99f4d04090d1e66aa9714ee9f4608ad66c60f500bf06a1b5b90fbe2f6c42c4b5f337393b0bb201473712c48f898c514fff84c46b50d3aaf44578f41d312bb5a73526db7818617dcb938ebdb17f92423ca2cf7ea2c611483e0baff012fd97e28558317049e4fe2d27f72796d7260b33900cd61f984c087d3c54f6aa11e389a49069ef99ca86c279598b42dd3485f09fc7e119f707438498316cf2f2bc8a293eeb1a35635989327d4f6c9ba6b2d5b9b8ee89a1e13d538b954479663223bb704af6a63ee497734410ea43bfdb0ad3708cb7155df2432c44e8468a7b77b807d345c9b94fedadfdeba12f4b6d11d16fd6dd5fff6cf896d0f40785ffca538dae61d8a5ffee814e96628cd945553e788b8d915762ca3b40124149b3c186ddd5f7af5b75f4725444f2f7e54b999c93e8c5fd4d4fbd7a3b3d7e85df3053c866f1dd247cac6912ed8b0e491101ca5a0b999a21014b573ba3996c76065c9d8bebf431f8be6435837193efd6e5a565b2ced30d04355435f166b09f9dc91ee50412d0daf72b28ec14c505cb155de1a46362f140ac2b633fa42b12109f0a29fa8ba271d6fc2a77af3b16032ee46b3ddead76a481ef52f6bd25cab4494681f0abc2ffc60ebb36cffcc058a067fcdae6c9de670cd6fde6eb8086a65fc05df17cf69f654516ba30ee04a1427b40fb8e81fe46787d557046854ad342442bacd781c7a6063892402fb0d765397448991206b28193e20f285e50d9219ace39b311e572ebcd80702164315656e7fa92960d0fd28c6489406f0b3061218417548e7e78b8aaaf5a623eb47c92aebfebd1c78343bc781f184e0122a28f56b18832da5646ee8405fa2fc040ab30377c447b42d0bfdddc65e064ccdf1ad52a94309a819caeb523e22b25d1ba288b7f2c726290d50021b9839c5d3c471aadb08025d97619935a9880942cf653508a0b2c43838e5aada8b84d22042928dd372dedec14672266ddceb0744c7464ab282d7fbfb2767e891832aa25d1425b33a60c6894a8d5292fdd73e05a868b8e50cb1a412d1249a77ccfc3d3eb35a67221f80bb8960fd93ceb74e102f2a6946b50caae3ccb86a8ec441d6e58dbf24b3eb962c8a28cffeded9b7cf4a54f524a1ef49fbdc91e125aad65a54df6a0f10cd8799f48aa144f7aec977b4a347c5c9628c4805ecf71f305adc9e5ca7c1f313f9ea3e99b3590efd94d831e1ff5cd7a26b72281109547facfa3abac2cfc9177b117a3757b778e95b5069236abb25d8fb032c38d296f87388fdd364b491cb828732177a2c6bcaaf831d138c898bb60c0d9d8a02d8b4b8e7efa87d3ed66221ac52e31ba9c2da488b999eaf82994bc8f1ac29d5e60b8b1cdc30a1c9829aca1cd7881c8aaac9ede0f5d8b85538d2b13751cfc6b37587b0223b9f6b6dd9340753106b1eecdf4f63c51cc2c63a1f86235bad7602e115d1e0ed78a6b170b88eb9584d2098b187695627612189998171d245797391b2b79bb690a79dac4b769e3f18c4d49359f7b460d997c03c793f51a830d5b21faed2ae1c3eb0fce0cdadde3c789ec931b6397c2a2fb2eda87756fec031e5f50f07619130f8e39f1e00004a1f204e5d87780542bdedf0b1ca5168779ad7cb2ebf27e0a5d760a2492b4d92eab24f2bc9af0a3e51140c415a6f885d0faa38ee6dcffc41652b28e628b859db0e7a0f961e37c5806df137e68c5316667f36051eb05c971e208721fdb8a49b8c49f85114be9dd7288f4e95c5f6fb8c1bc1bc7d79f32ba5419d90130a0328ba70d10c770a1540718f7d890dba9c39a116623d492275a1268c91149bfe026ca1c6a458449d4004d653f4b0a234eacd1f4da495fd1f936b4b335f64514fc8091b1dab132f599e26cb127e25011efa30a922b5a3e8807db9a00a9cc732fd323708767c905c8a3cd53e2e8d377d3b43cb971cbd0e66e2e47f3d601d49e29941b2ea4d3c8b7f5698e1a633ebba00f6c178d6d04b9f1544f04cd173e2d49f129a8725a647e1a9e798b5581c6a461b585012a302353178188e55f8102a49343c9c370ee505d09e4be8580d95f5bf39267b00e93adb6b52b2029160d78ac271e4e0c70ed835484e80302b93efd599707d4d22c806476fd04d18ebd6a9bf88c11dc2c96041ac8c3e04ac0aa5d2ac6740972717b543fb871884a7a0434a433571fd621977777984ea9c06914be966da9f349cb1ef3a116c49f0c716eae1df118cd3d5b350b917c06d853c1e1514213f5a29071e42eecee264ff20529c53c3a060a18a680ade2a08b4549e6998f06e61e4f4c36d578e9ad83dd38d1eeb100e7ab023edb38426d5165b867b9507a6b644aa0322da335b208105f2e74a9841ea7c629ea20cef740f6364e9d84a4485d3bb6b5f4e14c7764f78b65c0647870638a8f618381ec0823faed0424a448f753a59fb22e5138e0ca537b6935befb99fc6eea2d9457c01345afbbaaf3a7a96a39478b222af322f86730d137c3f570b38c7363bb9a89bb4b3b8979b9afd232927becbc91c8d4a276febe47bacd4a84c0bfdd54e685080f2c3be0b1e37bc6d21b13b7b1bfd507880f6ad7fa39bf99eaf6b7088d758d9383e38326381088e9e3e792f75d682cf61cf1176953960b0e160b2a535495d52c28f14fa45ed7a3f91e219dcd05afdda2b7e6c1b742b29f6c5f62a040a5fe6606433fce7de757ed76372dfc0b1af9af10c0128bcd335eff1c6c9660b0893730c3ef8de6e50dba419b35d1766eb9a5dce4c2fa518f8e3e2a27855e04d06b89e97578a4406ac03f3314575143db5e43ae3d03a7e90a590b4c188a5acbe1cf23cd4cf60ca98248d4e740122a55ac6e463511b4c4cd47040aafc0bed7878348a4caad4d977671cf4ac319773767ee28f8ccc4c9deae531b029eff5345470f20865549b2f2c4089306304e13e42ca37fbca6839bbcd2f10bd20c81d44ab73ad5ffcc55f51b53efb00d3c68d8d8505e005247ba23e86a803b199f36447fd01f192994b2fa27c9db59ae66b56b30c1ae5cd717407068a9b13ca941b82db254f4ecdbd1751a3f8f1061031bb41af5c04a33ffc98509f456830cf3c94c14451f04d84844e41c618e82958710d07daeba666329b914f2cc7c1d34ffbf6b50620b7c78c25c5d82a5aadcc4d824b3b68c34231fa7c0befe5241c447f90111c55848feed9d1ee67f61095ec2c0b4ac82f5cf169201516082a804c9d1775990d430d21bc65877041905caf385918f44191c134e493d960724b28f01e79fbf3b99eac1e75fbc8ab8dcfdd98b573fa6d7e6a6ead6b15ed78e2a8d564f61d8c52be8104306c104146696e16c9e9bff79a5fc1d92326cf0f2ff5e5c5c252773f2bd2c554bc409aaec03055f71d439daebc1d8b06c9ca0e1fe4729e8e6119616e8fb861b1e2694d1df267cbc496ba4a87013c3317a16b4c1e369748507794a20ad06aad20e4dbfc1834d789d2a8e9395ddad33a74c6c7cf54e61e533cae228909536eba8020f0c3845d2063270cae4d8e8dd8cfe3f112c46751444546ced9f6434741656dcda2185be13eebcc0392c256f384fc16353e89cbdeef8fb2e3cadc1ed2142f3b6485dc2d540fe799d027413128f624aaf8bc1933d3a0e6a954931bfc914921dec7ec822a31ebb652d4f312ab4068cedc6203b0de98e60c5f82296a3482132b288ba0a8eabdd8ac40faf145928e7563dbcb14d0625c92b542860993bb0388d8390dae727ae4086d4de1b7fea9d79f4844374bcd67fa5e1a3a28cd6d8da3f171fcf9d13062bb149fde18917c6650cdfa2be8de33b556ad34fad454db13a446e8a7c40167117e884d874c786768975df0b201ea0077ba735d31d65a832dc122d13c6559601b83899af1f14808f55f077ad465ed61378c63abff3ad742691168fe1e31bfd0dbb9f43d364ddf0bb185f69e69110c9eb1ab808354fdd2cf571838d5ec63bac3d70ca40878dc3c3cea26adffd5a197206d7c80d6a86c202338e72f17dc7185e1df0cfefa9475a2156738f90c6410c1698d1a160fd396548323c796ec5dca3cd59e468ff6a14caf34b4fdb16f1c92acb6bff2e859f9de1266dea0d1828598319b40a3edef657be02188fc94490c1da088d3ec2f315d6b5bb2f262764b67ba321379f4c93bb3ef9bc7db0c0e5f1e680ebfa84463e904d5351ecf25d1d22a98f81f7a1fc4c4fee3934b7672661f0bcd94109706644d0fdac4b7933b5db2acf39b98c0a8106a7a757408404a4c299a077379458e2118fb0a53b798adc1b85d3eb20b539e572741b9855e44a545809f897dde06730145b5caefe9db1c321783450d25d38834532c3e372fa92a53ac9cb4330eaaf65fe1b69a66459058e02d20c6641b7d8edfa8e356baaeb011b61208ef36ed33235144c86d6ce65da89d66da06291d4acc05e3136559ab77a7c4ad229c5307b48ed642d96c28cd06c82dedd4a16ed90bceda81292120438fd5c47b7b41b2646fe0899643f896ddb2d11e7311f8a0cbb9bfa38106507e06f35b3052ad6b6a11ac5f0129bedc59d04aee3737ebbf10f97c80f1a4e3f51ac8ac4488ad9e3f685a7c0dd4074b07774f4efe4b9f2cba400ef49f73b12fc7d96d8f3283a1eaf8c003931fc24a9248e201ac31bb49226c37d535592e00308d86ba0765a7eda13b72686101d352fb959598038b8dec44a0f18e5c8ec089912d325880390ce5186d4585df46e5662987c164f0ccfb8f12f6144f91349051d3ffa35ba597d2b5920e279ca8e139dfe2ba9923c0190fd444c8bf12a627618791a8781d6b54470777e6a5dac8cb505ae1e534b0c3af7db010dd602b1459964e1e15a812f3b4c8038e6bc1dc568ba482ee4944582abeeda1ed012391706ddb1e0ce60efd15acde8283d3612de5d0cf76185ad3a1ce89488e1cea4009573b55a2766d100ecefc5d53c99876cfec65daea82f55cf9687ec70e45cfdba9fe69fc3a822c29ff4be34857bdcd4313fb23d1d01d8a79cbd0057eeb5c1c0b39f75d5a753a2e10bd0ebb91dab1312bdf1a984332d566ab56dfd838d285995bec8726c5d1358fe10b0b6aaa99b9d9b08894c1dbd06356e5c693ddebb9d8b306062defb160db9d8f02ae3df59697866f5adeb34c8c5b27b63b09675030f344197b3bff097b996819dec9059aaf5ec1a6c585a86d16528091543a9e6bca4d850b7963fd1e7d981814dedb165c1a6444ec0a21743a4de8845b386ad4e1e9c9f2873f6a353487d9a8f8f56ae1d0f69124ee56b5c2b2a48c78cc6ba6b313b889adf0acfaebb4e2dc71054a4992366a2b6ff1f5972d7d2f0e9e3b17d7fbe931f43871819dc6e6040ba239ebce2cfa424ff7344b8a880040321909dcd16956594f5d99fdd39ea5d7209b906d2601572c56c72db899f986185194fe5aab45f27d9ac12aa8600b3c2728ef2e589a6886d711edf4d7f95b2e10d9adde3009560ad754f9e7a52808720a973dc475f8177fd5b199b69925f03a44a8bd9f3c3369861802ce5ca4b40cb47d19e2e1bda1b054f16b66ac7b7c0e5205112e011d6957f1df50505003544631ff4385d8128d46838338930aebc0496348045a7c05abd7a56e1079947d3eb1c50e4d8be001d03d8973f8f08f2f21a415174173ccb90f7ab615be5036947e164a434c059637bfeebb8b9f2e87b9774a4595c71122c9fac74347488b9a054e2e7b9c45b7b12fcca0fe789db614c70d4149d44e50fb64aabccee7447288a5b865a60c2640171f89afecda2cb18b7ecea214bd32f43d5ff66e90741697d085f3ee9bfd8662a3cc570999bb151090160d3bf5bf1d85e896d66276cba7ed97f341f595b13c02ac2a1352aec7a5980de2c8f9d890951108947b7602dcf2bdd2aef680667572b87aadf7c54338492eae763df73e89e3c438c196da83d98bc65233a242e08894f2390d8714f0abb801d9e5c42f169555284b6cf079005b373e9938db71a93ee5945c2a43a06e3df580d372318b3d203503c6e968206d7db8116cca2f2a1fae7f5b5195bea92914d66516bc3ceb2d9dc4de59d0d52ab80910aba7ebb696c7deaddcf0fedf56e2a88c3496bb79897c6420a0ef1b03ad89c76b24f67ffd41c9227d464565457bb25f0b32c83e676b0a3284f2acbed39c6875871c5e866a8284f12e383f87f12dd9bbe3078c68b3711eaa9bc17a7ac8413a8ef486922eddf43f01625671b7c3d0a4c6c2dc38217b4135c8cb46df7d936aabfd253e95e0816dd1f92b257e2f96d2a259a320756ba77d99b709711326f2ea42def974d60f817a1f6779121dd32a1cb194c7809e4c8fd052ba357323436491ec45a49fa601ed373aadd2199e4483704fb2f4edd7bf2815b552fb84d09094cab9700b5125887ee508570217c16799bc11d9e3658de8d9812f30dc8078bbecaf887a6527686b026eea70229df1e61759adf19c1b96673419decb382ae29bd685c5f32120b2d56d3e97c9ef00a2c0598c2181b8fa53172312590a9549ff55dffb9070b042c74654b2ae56371b2a6bac8e2808a40fd5d6d0af184c035101394e347521467e0ddb962e0d63614cf1461ac7b9d744084e9f6f26c88d515dbb1b7392b8e9384b81f186224d5c09e266682d8044d8afb1bd6483962b03ed6884759d2647b8f174a6695a437a1f1aac3e6a2f8ca658ee8a8ae44a77393cec61a9f335a1e859825e73df4125828fbde19d3695125992ddb2826ffbc6c7cfbfdbae19ba864c4170c79cce408e8b280a7632c855d802029ebac8627fbd6fec1c3bd858411c969ca035992f2ab909c423158dffd0dd5a407b3e0c2d9b180440996e09e15f17b4e42f365371d9dd58c4609455253c44c2ba73f592e360ab5fcccdb6e90ae0c60ada9325c4824242c0d866e7dfbefe091067d5c7ff0432814f733591eb0096659738b34cfa8c6c988ec628f34fe08f31dc0156dc39866412932d045168f4f3a48f24fb3b884be1384845d496c3009626f1c41b0189e95c9055d24eb5a0390596f6ccf50d3727e607875a3b2cf076a277e12ac07ddc59da78ee16e1952706ac6a1a9ade80b867d889789c935d196cc4da67aa35ba80ef2077ee4dd69c5f31a0410f7fd0739303ddcdbff2f53e0a44ec5de0f062e533444bd946959a1d9c25b297b6fc7675ca4add9e24e8ff390e0375f3b15e1d3e8129007d743e384659f191bd23ffe02140fa64d5c6d75937b28d51afcaa9d207f57c878f2f54493025e9eff5b5ce0c997d11c9690262e38e1e83c7f1a0ed3f200d9d0472739d59dea3cc6e8783758e3e3201731cf27211267702594356345449b42fa64b64c6f00a8f26665524fe2208b1a7c5fbdc822ea611c1811526471e4f52ab5e3a43de8fd4eba2fb2796a206e348de9b0be78ded78204dc82d9e9adccbe408d7ff538aab3d663eab189927a9cd597388e8dc5063d2db42cd65415fa32d20288da017c9f94e788dfe7cc3a0f6b6ab06116ed3f72f3c048cb1e51abf308ed7169908d1ad5b7ab3a86a3316d164084f8d88c6f96142d888ccb158efa586015914c116db114aa82c44a55d4c33bd901dc34e820d3120d57def03ea4f01b263913cc02ca586b208506d149ef03a706fd5360a12b83acb7bf97ac1f1f85389d4fbfdcf38551e9dbce760a05e8e4023d85038570d3697b3e7de73aac9c7feb39b6ccd1a775c8ce01b08d7190e28866aa7bb8d0cff0fc45b452fcb6a290f98f4b5ec125224c8a93918b1f2888befba6de3d294ee1f13a9c56e92eaac0b8e6c6905e77a60ea7e1d1ed979b6b2606652e7d75750a065c57c7efb1ef5708719ef04e354bd861b15e0a1cbc7cfe65c8a3d9a2b790260d6e6eb60bd4e0fb3f040dfa27fa00797664122add0750a23a8b20fcd68b6be1e21620dda4bf0561f4c5ed74f41612a0676dcdbf669df3436cbf2ce253e69319e3ab36e6e6314f11e0d0882ee3d7f3d3b3dcfe3cd7f061e301369207545676e09801f9bc4bc4c3dcaf48e5320a4b3211051a7525868a0ac1278ed6fc9531ed89cf4205458acc05d5351bcab7ea50250b6cb4c6fdd0cd96f30cdc9a820f495d0a3e14eb6c493a85a87e3b7fb8e5f23431c3c5359f5802f1fc11ff71c3172c6b57b5587ab38579b79e328792edb7a81d60762bc6c88693a00712f811cab9b075a97535c904396dbd2fa0994ba9c9b06fe9c042cb6860d22844b94863bf7b68a1ab8639e4487b38d48e40da4a98dedd7d73ca4b575bf4c604a364a9247c2ea5e3b127ff42f9bce1d3d37c2428edab1708ebd71ac0e4a408a9c6eb97407a4a8b5e912e2c63fadd1abad9a772a96fc4666f7d2b604adbde6f1136de2adfe38994491ab0f34ff1fd20cb8034ad39aae4c5c0076da2e7a157764b770e1c5f35b6f323ce809b2e92be1345204021d74712368e0ef77056afd85f065bba085793c9b6950d3c3fc6c445afbdd5a80cf7b0bb13055fd486700be1500bdf8771e286a63962e56d4771ed5eefbf111ba7380f02d6f96eed174246820b73bd772689c072bb3d8e43ef96f5466dce5c9392e34b7176821d2f4df3dab4c6ef5e0238ffe61582812fdacc987fbb6d98cad5a2d7af0e4c8dd3f800cd75c38a515d4d4c7118c5f81c6f7504e7ae452370c56c4b7fb4daa65bf26919c12081485d09e9d142965320211f483ed2a0a6836fa2488a878eaf9653b0528c3680b75a1920a25b5c5c17548c7ceb9a1656a0cf6a404aec14f7ed8a1dcf8ed32e1cf94dc2f60b65aa102650b7a22d9e708c606ce8403ceb81434bd9938b2c4e5a8530a156a1df7d143b2da54071ba3e673ce11760f72c32273b7bcd9a48da2a6caeb4b782cf1c3a044c1731f3ad61ce32bbd0b52cbb187cb3ecc1e85a67ffe27cf86769a0d69fe293dd30f060b8a0f26ccd0287d0b8d941ee7410a7c6aa430add67c2dd60db292e24f294ce80b0321aaa4d054a6f5d9981e1d5e859b454f5005be082bd59baca5775eedb7994333c62c452ef7b2893e4d03a28c0e368928b4bdd6e31f52a83cd7e162975405fd128321e0a8e3e77fd93257b0c46b309e16203974382ced818faac3a02e74141e9ea36c4a1b98bd859fafce43b2984d856c832f61b1ca562cee96f5843adc14b35bec1ccdafedd214f1a344345373f3c9eccee8324950a23c3e77d55dbde9a7ac1b7804927affb8b0e1488dcd8919d227bd1f50a35abf25e3f120c25b0dfb4d85b4c2a2c69cf7047c76c45e4e901e7396140496f9a322c2c2ac777a27adff5a6daf32e852b1bac89f1086739a603cf0f6838f792351c08e38ab130e5a83aa5a4f2da19df131770a308d810eed0059a2e5546a2169b9d0119f6df7c18981f4b4f119c76fdaac031ce7551f25678b5c4d8815a7ea9565e63389fca6ea0bcd40e71ac72124113dc0041ce26a0c9979ff76d7f1f2c0cd2c16d8c7a36930b909ed7e2d4adfa8352b12b99bdcbc25b485f652539fab7ac983c1ae925967c15ba2345e45d6bafe13b3e9d7acf1a592422ea09c3a45f7fe24e235bd70b106cdaa665584e74cdaf9f39b804bc6c4e7f0bf572225acd4dfe010081b91c2d5970d4f43d2e1a0e05f84baaf50642991b3704034aed74572e6a4715b79276432d06660b39c989570fc0d5d0071a7c690658caee447370d3295db3b5dc625e697e1ca2675b5430b9969024835c7d001fbce86c5165c4fe8f2d46b883daaa3fbf42dc5cf61209379013896df740b9cc32638358ea8079a33f04197f650471086e67e5cf9779268d7973c73bbbde2f1c11e1a8e2b154aaa8b4b74f8a03f14ceb7afc4ba35e6620b7af89c969021d20cb260c1868f3fa432ce7e509db06001ae6540531b126c1e3a851acbf0a9c1354bece05c094d69d9bd87f99391e23306911383d2082997339daebd67d8a707c9b496a309b7921696f39a07864f31208802db7188881e346b41c34f4129fca9c6a13172a4dabfe791584d240fc03685057d53c08737aa1d486233318eb4545f2e8d18087705b9d3a7658564592f56aea3aee53d66c249988bf353853728553a1577062e24af533f47dc012ae90c5c085babc121be2993c063e203ab949a088041271ac0527c56edd4b7a87e98323a0137cd493aa05fe38d02754a66d89348b119e6200d5919bc366788eb67115fc57c4c1a9dd42c7411d6709ad82de8662a1849445b39beb2ba8f894860e41a054f61337179a9214b0884f3964c95ed2a4ab37de8038566bba76fbaa7502c0460558ff4bf4793ca68d78e50f384a81da4cfa23723747e906b82290e0b8ea07e3404bee0915800d4c3c07f94c43e7aafbc7a44d923de97963d0d1586bee06fc90aadbe5758fb9933ff7df346d62e082223741f5cb26ef953ca654ab983a72b30b296891c9e3f1ed5216b0e588eb25f5d4ccad6f96973cc2d26196bbd37c83266473071ccd84d9e3c74f22621e8bd60afa4bcad6c853c7591fe5d4298a954ea5006f682a7a65aeb26b230f3866a28a58bf532aca8fd5eaec64f442ac510a7df4114f00fd6ff7e02d77f8e72797222556959958c4c4d166c5af18a6e25588cac9871a3d5bb453889ff8d13db22024a997bf97a5afdf698b1deaff3101e27868d2de47b92c403ce82e15f3239d8923e8ca0c01e3781b5dd6121f57d2238dc3ff8a1bde3e371efd33838c552e43588042b360f55d7ca92f11987630364b263428e18601d7bf23f6432b3a9aa2c500cd9ac5f73cbe309443858a2806956b0cdcfc19904567bb1703641017c6199e768410e03d8ba603eb34249d567370202f39639ae8f6d52d9d5dbfc544c5b85ac8187095c63f1f613fe4af179fc5c837e6e0ccc21e62ac22ac045c4ac3b1ca6a4cbdbe29ea465240fc0aed1f0e086d7580bcf81d4e2a4d55a8e3bc57110e7cf1e1895df07974f0686dd2ea2b12bbfd64e7a9d0c62c662f0370e6ed495eeb2ee5029042147a1f2e5fcd6068b06567be893cb80e2cbb5fbb12847313811c13cf685698d5e2175959579e510279b9e959ac2c3f94fec653c6b521f8909d633ccedbc1109285ecbd52d27cd2891eaf354db2c966d1e3086718848433c12658fe7f6fbfef930b963139a63f6c4caee5a1964d3a038dd0db403c0a251d702c07a0fba4a3576ec6668a78e9e26efc6ad83a670a47608bf4207979bf196b3160c95e7ccc6406d46f529d34676b76d72396262e1448df051130a21484e0e977df1f7f0a259ac762eef9506877498b9998e1286d6294cf60b95352e81c3", 0x2000, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)={0x150, 0x0, 0x0, [{{0x4, 0x0, 0x28000, 0xfffffffffffffff8, 0x9, 0x10001, {0x4, 0x9, 0x4, 0xb, 0x6, 0x20000000002, 0x6, 0x1, 0x6, 0x1000, 0x4, 0x0, 0x0, 0x8001, 0x80000000}}, {0x1, 0x1, 0x1, 0x32540194, '\x00'}}, {{0x4, 0x0, 0x7ff, 0x7fffffffffffffff, 0xfff, 0x7ff, {0x3, 0x9, 0x3, 0x634, 0x5, 0x9, 0x2, 0x3ff, 0x7, 0x1000, 0xffffffff, r2, 0x0, 0x5, 0x3}}, {0xfffffffffffffffd, 0x2, 0x1, 0x300, '\x00'}}]}, 0x0, 0x0, 0x0})
getdents64(r3, 0x0, 0x0)

6m52.854841962s ago: executing program 6 (id=707):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB=',ro'])
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f00000004c0)={0xa0, 0x0, 0x0, {{0x2, 0x2, 0x9, 0xa, 0x99ea, 0x0, {0x3, 0xc4, 0x6, 0x3, 0x9, 0x80000000, 0x2, 0x9, 0x80007f, 0x6000, 0xa, 0x0, 0x0, 0x3, 0x7}}, {0x0, 0x4}}}, 0xa0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000080)={0xe0003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x83, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x4]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m52.340533022s ago: executing program 6 (id=713):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

6m52.179557261s ago: executing program 6 (id=717):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10f, 0x4})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000280)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x66642a85, 0x0, 0x0, 0x0, 0x40000000000002, 0x400070742a85}, @ptr={0x70742a85, 0x20000000, &(0x7f0000000580)=""/229, 0xe5, 0x2}, @fda={0x66646185, 0x9, 0x1, 0x3d}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

6m36.610601697s ago: executing program 35 (id=717):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10f, 0x4})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000280)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x66642a85, 0x0, 0x0, 0x0, 0x40000000000002, 0x400070742a85}, @ptr={0x70742a85, 0x20000000, &(0x7f0000000580)=""/229, 0xe5, 0x2}, @fda={0x66646185, 0x9, 0x1, 0x3d}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

22.319190087s ago: executing program 7 (id=1813):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
r2 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r2, 0x29, 0x15, &(0x7f00000000c0), 0xb9)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r1, 0x0, 0x0, 0x10008095, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x6, 0x0)
r4 = socket(0x2b, 0x80801, 0x1)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r4, 0x29, 0x44, &(0x7f0000000040)={'IDLETIMER\x00'}, &(0x7f0000000080)=0x1e)
close_range(r0, 0xffffffffffffffff, 0x0)

21.338979395s ago: executing program 7 (id=1815):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6362, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f0000000180)="bad330fbc9b554000400004fcdf6", 0xe, 0x2000c005, &(0x7f00000001c0)={0x11, 0x1, r3, 0x1, 0xd8, 0x6, @local}, 0x14)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x4)

20.757489049s ago: executing program 7 (id=1818):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000140)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x5)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)

17.263630925s ago: executing program 7 (id=1820):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
socket$inet(0x2, 0x3, 0x30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, 0x0, 0x0)
r4 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r4, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x20, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795", 0x5}], 0x2, &(0x7f0000000180)=[@ip_retopts={{0x10}}], 0x10}, 0x800)

17.248568105s ago: executing program 3 (id=1822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)

16.748814285s ago: executing program 0 (id=1823):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYRES16, @ANYBLOB="d81058c357d34b1e1b334deb6597aa756f36b6c8d8bed0ad6709442e674aecd3303d61370cba4bbf296b2a55aad551c35f8de560402a9aacd150974d703b97208852b0c2eca74757d331895cad7f2f93e063ac5502265b1e91479406e7e6382f9b2038995985fa956a2454a469428f6ee839584438795250f5df8e9f85a6185174366a2a14e1156340580a35b0e726531ce8156ffe7aa8c28e5c233ce263ce7a4644efb8bdffd47c6875f319775b3bc36edf54058cc29cbdf0f2cc6689fcf3030cdbfd", @ANYRES64, @ANYRES8, @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x171, &(0x7f0000000580)="$eJzs281O4mAUxvGnwBSG+WKGmVkYFyYudCPlI5K400shUAmxqBE3EBd6BV6DV+XWC9CFO1diaFq/KG2ikRfh/9vwlicnHBannJBUABbWtlZkyZI9uljOFc6LlumWAEzJMHi9HwJYPOk70x0AMONmR7qSdH170lTaHtsPRvlpmKey4/mZtJQJciunr6/3iwtpLay38pH1+cf8W2S+vhp+/nf90E/9UkG/9UfFIG8F9Tn9f8cmBADA4rBUen55GZGX4upT2u14bnli/sXPKxNz28+rCXltYp7181LzwGvFtQkgQkqx4504/+mE+c8kzD8Ac3r9wV7D89wjDhzm/GDPRhszdci8uAOE/96N3jF8YwLw4Zzj7qHT6w82Ot1G2227+9Vyeau+WavUq46/2Tvx+z2Az+vp1990JwAAAAAAAAAAAAAA4K3+6p/pFgAAAABMyTSeNDL9HQEAAAAAAAAAAAAAAAAAmDcPAQAA//9W9x5W")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100088}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0)
recvmmsg(r4, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

16.352115068s ago: executing program 3 (id=1825):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@dmask={'dmask', 0x3d, 0x887}}, {@discard}, {@utf8}, {@umask={'umask', 0x3d, 0x4}}]}, 0x1, 0x1509, &(0x7f0000002a40)="$eJzs3AvUT9XWMPA511qbh6R/kvuaa27+yWWRJLkkySVJkpAQEpIkSZLkllsSkpB7kntI7iT3+y33JHklSRISEtY3VO/nnFO9nff9zjnO+z3zN8YaY017z/Wf2xx7//fez3ieb9oNqFinUrmazAx/DP9wi/6bXboAQAoA9AaAawAgAoBimYplurQ9ncYu/8WHiH+5WpOvdAXiSpL+p27S/9RN+p+6Sf9TN+l/6ib9T92k/6mb9F+IVG1q9mtl/LNG6AxwpWv4r8ff9/7/j8n7///N5Ps/dZP+p27S/9RN+p+6Sf9TN+l/6ib9//9GzTT/gyTpf+om/RciVfs3eAf9zxv4b1DDf3+k/Vf+zEAIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhPgXOBsuMwDw8wQhXOm6hBBCCCGEEEII8Y8T0l7pCoQQQgghhBBCCPHPh6BAg4EI0kBaSIF0kB6uggxwNWSEayAB10ImuA4yw/WQBbJCNsgOOSAn5AILBA4YYsgNeSAJN0BeuBHyQX4oAAXBQyEoDDdBEbgZisItUAxuheJwG5SAklAKSsPtUAbugLJwJ5SDu6A8VICKUAnuhspwD1SBe6Eq3AfV4H6oDg9ADXgQakItqA0PQR14GOpCPagPj0ADaAiN/kf5L0JHeAk6QWfoAl2hG7wM3aEH9IRe0BtegT7wKvSF16Af9IcB8DoMhDdgELwJg2EIDIW3YBgMhxEwEkbBaBgDb8NYeAfGwbswHibARJgEk2EKTIX3YBpMhxnwPsyED2AWzIY5MBfmwXxYAAthEXwIi+EjWAJLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAh/DVtgG22EH7IRdsBs+gT3wKeyFz2AffP7fzD/zN/ntERBQoUKDBtNgGkzBFEyP6TEDZsCMmBETmMBMmAkzY2bMglkwG2bDHJgDc2EuJCRkZMyNuTGJScyLeTEf5sMCWAA9eiyMhbEI3oxFsSgWw2JYHItjCSyJJbE0lsYyWAbLYlksh+WwPJbHilgR78a78R6sglWwKlbFalgNq2N1rIE1sCbWxNpYG+tgHayLdbE+1scG2AAbYSNsjI2xCTbBZtgMm2NzbIEtsCW2xFbYCltja2yDbbAttsV22A7b4wv4Ar6IL+JL+BJ2xvKqK3bDbtgdu2NP7IW98BXsg6/iq/ga9sP+OABfx9fxDRyEp3EwDsGhOBTLqOE4Akciq9E4BsfgWByL43AcjscJOAEn4WScglNxKk7D6Tgd38eZ+AF+gLNxNs7FeTgPF+BCXISLcDGewSW4FJfhclyBK3EFrsY1uBrX4XpchxtxI27GzfgxfozbcBvuwB24C3fhJ/gJfoqfYj/ch/twP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4nsCTeAJP4Sk8jWfwLJ7Fc3gOz+N5vIgXL5386hKjjEqj0qgUlaLSq/Qqg8qgMqqMKqESKpPKpDKrzCqLyqKyqWwqh8qhcqlcihQpVrHKrXKrpEqqvCqvyqfyqQKqgPLKq8KqsCqiiqiiqqgqpm5VxdVtqoQqqZr60qq0KqOa+bLqTlVOlVPlVQVVUVVSlVRlVVlVUVVUVVVVVVPVVHX1gKqhumJPrKUudaaO6o911QCsrx5RDVRD9QY+qhqrQdhENVXN1ONqCA7GFqqxb6meUq3UCGytnlEj8VnVVo3Gdup51V69oDqoF1VH1cR3Up3VeOyquqlJ2F31UD1VLzUNK6hLHauoXlP9VH81QL2u5uIbapB6Uw1WQ9RQ9ZYapoarEWqkGqVGqzHqbTVWvaPGqXfVeDVBTVST1GQ1RU1V76lparqaod5XM9UHapaareaouWqemq8WqIVqkfpQLVYfqSVqqVqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqst6mO1VW1T29UOtVPtUrvVJ2qP+lTtVZ8lfr2AqwPqC3VQfakOqa/UYfW1OqK+UUfVt+qY+k4dVyfUSfW9OqV+UKfVGXVW/ajOqZ/UeXVBXVRBgUattNZbINJpdFqdotPp9PoqnUFfrTPqa3RCX6sz6et0Zn29zqKz6mw6u86hc+pc2mrSTrOOdW6dRyf1DTqvvlHn0/l1AV1Qe11IF9Y36SL6Zl1U36KL6Vt1cX2bLqFL6lK6tL5dl9F36LL6Tl1O36XL6wq6oq6k79aV9T26ir5XV9X36Wr6fl1dP6Br6Ad1TV1L19YP6Tr6YV1X19P19SO6gW6oG+lHdWP9mG6im+pm+nHdXD+hW+gndUv9lG6ln9at9TO6jX5Wt9XP6Xb6ed1ev6A76Av6og66k+6su+iuupt+WXfXPXRP3Uv31q/oPvpV3Ve/pvvp/nqAfl0P1G/oQfpNPVgP0UP1W3qYHq5H6JF6lB6tx+i39Vj9jh6n39Xj9QQ9UU/Sk/UU3fPXlWb8Hfnv/E5+358/fbPeoj/WW/U2vV3v0Dv1Lr1b79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cn9A/BgDQP+jT+ow+o3/U5/Q5ff7X/wMwaJTRxpjIpDFpTYpJZ9KbJABcbTKaa0zCXGsymetMZnO9yWKymmwmu8lhcppcxhoyzrCJTW6TxyTNDSavudHkM/lNAVPQeFPIFDY3/T/n/359V5kM5pf6GplGprFpbJqYJqaZaWaam+amhWlhWpqWppVpZVqb1qaNaWPamramnWln2pv2poPpYDqajqaT6WS6mC6mm3nZdDc9TE/Ty/Q2r5g+po/pa/qafqafGWAGmIFmoBlkBpnBZrAZaoaaYWaYGWFGmFFmlBljxpixZqwZZ8aZ8Wa8mWgmmslmsplqppppZpqZYWaYmWammWVmmTlmjpln5pkFZoFZZBaZxWaxWWKWmqVmuVluVpqVZrVZbdaatWa9WW82mo1midlitpitZqvZbrabnWan2W12mz1mj9lr9pp9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6Om5PmpDllTpnT5rQ5a86ac+acOW/Om4vm4qXbvkhFKjKRidJEaaKUKCVKH6WPMkQZooxRxigRJaJMUaYoc3R9lCXKGmWLskc5opxRrshGAC7iKI5yR3miZHRDlDe6McoX5Y8KRAUjHxWKCkc3RUWim6Oi0S1RsejWqHh0W1QiKhmVikpHt0dlojuistGdUbnorqh8VCGqGFWK7o4qR/dEVaJ7o6rRfVG16P6oevRAVCN6MKoZ1YpqRw9FdaKHo7pRvah+9EjUIGoYNfoHrp8ShXA662O+k+1su9iutpt92Xa3PWxP28v2tq/YPvZV29e+ZvvZ/naAfT0FAOwg+6YdbIfYofYtO8wOtyPsSDvKjrZj7Nt2rH3HjrPv2vF2gp1oJ9nJdoqdat+z0+x0O8O+b2faD+wsO9vOsXPtPDvfLrAL7SL7oV1sP7JL7FK7zC63K+xKu8qutmvsWrvOrrcb7Ea7yW62W+zHdqvdZrfbHXan3WV320/sHvup3Ws/s/vs53a//Q97wH5hD9ov7SH7lT1sv7ZH7Df2qP3WHrPf2eP2hD1pv7en7A/2tD1jz9of7Tn7kz1vL9iLNly6ub/09U6GDKWhNJRCKZSe0lMGykAZKSMlKEGZKBNlpsyUhbJQNspGOSgH5aJcdAkTU27KTUlKUl7KS/koHxWgAuTJU2EqTEWoCBWlolSMilFxKk4lqASVolJ0O91Od9AddCfdSXfRXVSBKlAlqkSVqTJVoSpUlapSNapG1ak61aAaVJNqUm2qTXWoDtWlulSf6lMDakCNqBE1psbUhJpQM2pGzak5taAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSJ+pEXagLdaNu1J26U0/qSb2pN/WhPtSX+lI/6kcDaAANpIE0iAbRYBpCQ+ktGkbDaQSNpFE0msbQGBpLY2kcjaPxNJ4m0kSaTJNpKk2laTSNZtAMmkkzaRbNojk0h+bRPFpAC2gRLaLFtJiW0BJaRstoBa2gVbSK1tAaWkfraANtoE20ibbQFtpKW2k7baedtJN2027aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6SSfpFJ2i03SaztJZOkc/0Xm6QBcpUIpL59K7q1wGd7XL6K5xfxtnc9ldDpfT5XLWZXFZ/yom51w+l98VcAWdd4VcYXfTb+ISrqQr5Uq7210Zd4cr+5u4srvHVXH3uqruPlfJ3f1XcTV3v6vuHnY1XD1X0z3iaruGro572NV19Vx9l9Y1cA1dc/eEa5Hyn8+4T/8SuyddS/eUa+WedgvcQrfGrXXr3Hq3x33qzrof3RH3jTvnfnKdXGfX273i+rhXXV/3muvn+v8mHurecsPccDfCjXSj3OjfxBPdJDfZTXFT3Xtumpv+m3iem+9mukVulpvt5ri5P8eXalrkPnSL3UduiVvqlrnlboVb6Va51f+31uVuo9vkNrvd7hO31W1z290Ot9Pt+jm+dBx73Wdun/vcHXZfuwPuC3fQHXWH3Fc/x5eO76j71h1z37nj7oQ76b53p9wP7rQ78/PxXzr2790Fd9EFB4ysWLPhiNNwWk7hdJyer+IMfDVn5Gs4wddyJr6OM/P1nIWzcjbOzjk4J+diy8SOmWPOzXk4yTdwXr6R83F+LsAF2XMhLsw3cRG+mYvyLVyMb+XifBuX4JJcikvz7VyG7+CyfCeX47u4PFfgilyJ7+bKfA9X4Xu5Kt/H1fh+rs4PcA1+kGtyLa7ND3Edfpjrcj2uz49wA27IjfhRbsyPcRNuys34cW7OT3ALfpJb8lPcip/m1vwMt+FnuS0/x+34eW7PL3AHfpE78kvciTtzF+7K3fhl7s49uCf34t78CvfhV7kvv8b9uD8P4Nd5IL/Bg/hNHsxDeCi/xcN4OI/gkTyKR/MYfpvH8js8jt/l8TyBJ/IknsxTeCq/x9N4Os/g93kmf8CzeDbP4bk8j+fzAl7Ii/hDXswf8RJeyst4Oa/glbyKV/MaXsvreD1v4I28iTfzFv6Yt/I23s47eCfv4t38Ce/hT3kvf8b7+HPez//BB/gLPshf8iH+ig/z13yEv+Gj/C0f4+/4OJ/gk/w9n+If+DSf4bP8I5/jn/g8X+CLHBhijFWsYxNHcZo4bZwSp4vTx1fFGeKr4wshhER8bZwpvi7OHF8fZ4mzxtni7HGOOGecK7YxxS7mOI5zx3niZHxDnDe+Mc4X548LxAVjHxeKC8c3xUXim+Oi8S1xsfjWuHh8W1wiLhmXikvHt8dl4jvisvGdcbn4rrh8XCGuGFeK744rx/fEVeJ746rxfXHR+P64evxAXCN+MK4Z14prxw/FdeKH47pxvbh+/EjcIG4YN4ofjRvHj8VN4qZxs/jxuHn8RNwifjJuGT8Vt4qf/tPtXeKucbf45fjlOIR79Zzk3OS85PzkguTCRr9eUpJLkkuTy5LLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5KbkyFUSgsevfLaGx/5ND6tT/HpfHp/lc/gr/YZ/TU+4a/1mfx1PrO/3mfxWX02n93n8Dl9Lm89eefZxz63z+OT/gaf19/o8/n8voAv6L0v5Av7hr6Rb+Qb+8d8E9/UN/OP+8f9E/4J/6R/0j/lW/mnfWv/jG/jn/Vt/XP+Of+8b+9f8B38i76jf8l38p19F9/Fd/PdfHff3ff0PX1v39v38X18X9/X9/P9/AA/wA/0A/0gP8gP9oP9UD/UD/PD/Ag/wo/yo/wYP8aP9WP9OD/Oj/fj/UQ/0U/2k/1UP9VP89P8DD/Dz/Qz/Sw/y8/xc/w8P88v8Av8Ir/IL/aL/RK/xC/zy/wKv8Kv8qv8Gr/Gr/Pr/Aa/wW/ym/wWv8Vv9Vv9dr/d7/Q7/W6/2+/xe/xev9fv8/v8fr/fH/AH/EH/pT/kv/KH/df+iP/GH/Xf+mP+O3/cn/An/ff+lP/Bn/Zn/Fn/oz/nf/Ln/QV/0Qc/JvF2Yv6vDR2fmJCYmJiUmJyYkpiaeC8xLTE9MSPxfmJm4oPErMTsxJzE3MS8xPxwTWJhYlHiw8TixEeJJYmliWWJ5YkViZWJEHJujUPukCckww0hb7gx5Av5Q4FQMPhQKBQON4Ui4eZQNNwSioVbQ/FwWygRSoZSoV6oHx4JDULD0Cg8GhqHx0KT0DQ0C4+H5uGJ0CI8GVqGp0Kr8HRoHZ4JbcKzoW14LrQLz4f24YXQIbwYOoaXQqfQOXQJXUO38HLoHnqEnqFX6B1eCX3Cq6FveC30C/3DgPB6GBjeCIPCm2FwGBKGhrfCsDA8jAgjw6gwOowJb4ex4Z0wLrwbxocJYWKYFCaHKWFqeC9MC9PDjPB+mBk+CLPC7DAnzA3zwvywICwMi8KHYXH4KCwJS8OysDysCCvDqrA6rAlrw7qwPmwIG8OmsDlsCR+HrWFb2B52hJ1hV9gdPgl7wqdhb/gs7Aufh/3hP8KB8EU4GL4Mh8JX4XD4OhwJ34Sj4dtwLHwXjocT4WT4PpwKP4TT4Uw4G34M58JP4Xy4EC6GIL+zJoQQQgjxd9B/sr3r7/yb+nVc0g0Art6W/dDfrrkhyy/zHmpPqwQAPNW5Xa3/HLVqdenS5dd9l2iI8swGgMTl/DRwOV4KzeAJaAlNocjv1tdDlUL+k/WTtwKk/4ucFLgcX17/5j9Yv978P11/NkC+PJdz0sHl+PL6Rf9g/V3N/2T9dF+MAWjyFzkZ4HJ8ef3C8Bg8DS3/ak8hhBBCCCGEEOIXPdS59n/2fHvp+TyHuZyTFi7Hf/Z8LoQQQgghhBBCiCvv2Rc6PPloy5ZN2/wyCZ1/niAAtHlWwV9ukslV/x5lyOR/5QT/jrMpZ8rvnpVXZHKlr0xCCCGEEEKIf7TLN/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL1+lf8ObErfYxCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA//8HQ1Z1")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x4)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x401, "5debca56de5667430241dbfaf876b2ff", 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

15.588576483s ago: executing program 0 (id=1826):
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$nvram(0xffffff9c, &(0x7f0000002000), 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000000000010811798080000000000010902"], 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
pipe2$watch_queue(&(0x7f0000000040), 0x80)
pipe2(&(0x7f0000000080), 0x4800)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}}, 0x0)

14.248180712s ago: executing program 0 (id=1827):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0xa1300)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x28c42)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x5, &(0x7f0000000040)=0x29)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x3}, 0x5})

12.997494266s ago: executing program 0 (id=1829):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
socket(0x10, 0x80002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x1, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e23, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}}}, 0x108)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
accept4$unix(r2, 0x0, 0x0, 0x80000)

10.936443346s ago: executing program 3 (id=1831):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[], 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0), 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc010)
socket$inet6(0xa, 0x80002, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f000001b200)='net/netstat\x00')
read$FUSE(r2, &(0x7f0000019080)={0x2020}, 0x2020)

10.815700974s ago: executing program 3 (id=1832):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r5}, &(0x7f00000007c0), &(0x7f0000000640)=r4}, 0x20)

9.598547856s ago: executing program 3 (id=1833):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xf, 0x200cc, 0x6, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x4af, r5}, 0x38)

8.499127921s ago: executing program 5 (id=1835):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r5, @in6={{0xa, 0x3, 0x4, @dev={0xfe, 0x80, '\x00', 0xf}, 0x8}}}, &(0x7f0000000040)=0x84)

8.427504174s ago: executing program 7 (id=1836):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x10000, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x3af4701e)

7.255463243s ago: executing program 5 (id=1837):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000b2b000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000280)="66b8000000000f23c00f21f8663500000c000f23f8640f0054f40f08bad104b009ee0f08d1b9050066b9390a000066b80000000066ba010000000f300fc7b60090f20f2c71481308", 0x48}], 0x1, 0x25, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000003c0)={'dummy0\x00', &(0x7f0000000180)=@ethtool_perm_addr={0x4b, 0x6, "4f27d9a3603a"}})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.392402003s ago: executing program 7 (id=1838):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r4, 0x0, 0x0, 0x40000020, 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@multicast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x4e21, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2600fcffffbc43efa8698d0a881c51852e4451b57d037ad3c0459428242588eb17b53ae414015acd00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "743fcbb2c5e304000000000000dafe09"}}}}}}}, 0x0)

5.127065269s ago: executing program 5 (id=1839):
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002d00)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4870000002000000480000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9ea4318123341cf9d90a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a22a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a19eed87b277be335c75e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44ae8a3a3641110bfc4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd5821124dcecb0c005d2a1bcf9436e101040000f73902ebcfcf49822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2ba7f1521b3ebb0cc52f49129b9b6150e320c9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e5efdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d255be1ed66d9051f22614d1f62734d678039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3a9a7d85832f9acee4f1b56e9623128d743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcb02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069f6f24e1e1bc976d965ddabb01085f16bff63a06578d6d184e5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8eae87691e6e365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca7a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c05000000000000000c4736c81936315418f26770cca4e2f89800d18c2a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41fa7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea0000000000000080ca02ee3686da707b56d8db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09832d4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e4acd27dfa82cafc6b64b1f4659834aecbed6d44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c20680c580dc31b0963ff953ce09148e8dfea9d03a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e96c247b6025d4376067e25357d3b521a5b927d3392a7503718aea2417952cf6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0fb5bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905906e611be56e9eb0cab20c290a1f6c09272dbc3b2c0ab2b5baa1b07b16e81f278e54a479f1a068658e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b7cbe066c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce788c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b4907c49f604e5a92e3f9de595d31dd084adfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f7c6294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b132876159972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1ac225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf667fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b133b249b800a34b0942d97b55d808c41ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d947ffff0000eb38030d0c0ce0598700130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57bdf4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80014ff11d9dbceba41d8dfce410333a054e82b1d050331ce0aeacb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6b93d28db8ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70c0860c1083a169a8263e9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd5d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e666e80f34d0adad1e2116bc385f888405d48f0d386da0cc6068018e45772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8957176578f44ffb8895fbd4e2a757a4249a855632ca30e09789811bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dd18f6148354df7e60a489dc543ccdee1fff9d8f8d78844de27a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d6410000000400008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3bfb41cb630343b32ee5f9329dcaf33be8c87cc510557460d14421e1d26322ab64388f2ceae70922989f66827fe9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168e32d7bd6800000000a21008b8d26dabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d934927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2935d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997badaf8ed85cd5b03a7352a0fb83398566d1bc133582ce2d9f601cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353c959fd965702f1cd5bcb3c16d4b8bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e006f09f5173e260b82f80ae10adebbf9f623f75bfd4d83c4859ca9b652cea33daeeef07b60c78a21965bcf91919071c7ded1ca0fbea5cbe54ee42fb6809317dc0b7587d9322f8cd09e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e64420f2f5fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538b011cb3928b4306301855c89afe795d881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8b57a2a35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406ba14bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da8646dc1379d1aceb72fd929e7de4e9620000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b0755d6be5afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c4468a4808ae562a6bb1ff447d6e12da22ee9f0422a84f361684861169f498909c4841f4d5a0fa3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb70042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45a4450753b576af95820540e1ac91a43954f0b1260fa3b351b5a424d2b2944866aff582486308aca33c9571d1928175737473eaba14c9818c05d57de4df75f08206c24f781a72f26159b0abf05a90364414c4be434323c0f1050494aed7d791966edcb89d555e9907222e9af2546f0d6f9e51d40e30c85bb10cef93aacbb2d1278ddfcb9c65fd6d55239b1b7097c262740c13c53937b6f11ca6d544789ad36df5721e198f3d7f3a70d987c534cd7ac8da762e6d8752637405ffc1399a79f6c266dda1593f18ea2fb93111c1416f5a07fd7d74f956b2f4f4f3e9bcc03613cfb2b89b42babeb5756a21af5d2f980f1eb505cee397fd4e2cf068804b31b8be623a04c103e0dd4f0c3626f6bffa8f9d597123da046692211f7ad0711469f4839d394ed227336c2394b9ba1c299e88bca4fd70723dcab03ed8de938a69c31cdb5dcc77df25bcae53d9f35125c9d19d6f948f29ed4cab2cff308f3d6230c0e1442f21163ed895e869bd37653abbf7ab3d48c15d8f4a99a1c84bfe7b76c0bb42cf72a1b871b6edf1ce441c720054ab2aaa9f1d7ce20f8827c967f61a4acffb1ffbe54dbf4b65f23f1e740412a6e90dbeaee4d177f7bd016ebf7aec4a80671f193d28eaf71043ca144f9dbdc8743d9dd16d17f87c8a84f66053460fa6de2a29c2ba81e4780689b03bb02c0249a645cb6282b91f7d0f412a823b81c8d6c39a4483efeaf68e6920255a38f3459b89eb3c1ebba6a1507dadd4e7bcbec4d5c6be67f2760ac557c71e79b79939d0f41ae12241b464390d2ff9c60d49c3cfb455ffa1a8cbe9df811bc8a917f2199884edcd83ff6978f9d1ddf702864330e896ef31c914685f74a4198d71b35fb3b6fe08d0bf6ede50ae5eea1633621f5b4ca1829d5525ff4e0b357e8dcc9026206d6ff395db6b034d6bdf697d0d05d79917684b1ba7153caee53f8769b72c566d8bf9545d857d6db6a9ad9f0d36d3bea290d73cbfd15044d245db5a8624a94555777cad157b12b98bbb1e4a71a3ca616c652fcf6c0354b96f20effea6bbbabe9287becc537db31fcca6216e63ac479f383a7de333167c0179b146806b71cbf473f05320a51373bcbf7cc2cde3e108bb8e2229ddb771c1bd8a0982cf85d01efcc572276f8dac8ce8cab40b409c8e9f9dc086ce70645d411be8563236eb1a5db6337e9d03c5cf3012eb1fe916038236df9cc3327fd0b4342f630e58d35fb5f635adcc92338f4d68ef91886b4392fd5b384600000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000003080102000000074441980000000000050003"], 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r3 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0)
sendfile(r4, r3, 0x0, 0x100000002)

3.846929204s ago: executing program 3 (id=1840):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000440), 0x0)
connect$unix(r1, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0xf08, &(0x7f00000003c0)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0})
r3 = socket$kcm(0xa, 0x2, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @private=0xa010102, 0x4e21, 0x3, 'lblcr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0x8a010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x20076}, {@remote, 0x4e20, 0x4, 0x400cd}}, 0x44)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e26, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000080)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

3.757119129s ago: executing program 0 (id=1841):
r0 = getpgrp(0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x6004, 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)

2.508124403s ago: executing program 5 (id=1842):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412b", 0xf}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead", 0x51}], 0x2, 0x0, 0x0, 0x20000000}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000600)=""/129, 0x81}, {0x0}], 0x2}, 0x20)

2.506140403s ago: executing program 0 (id=1843):
syz_emit_vhci(0x0, 0xd)
syz_open_procfs(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x10004, &(0x7f0000000c80)=ANY=[])
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000200)="ac0c775772090000000000000061266339ab5c3d2d74627245ba39e20ad20ca53e83e21f5bc3b802a7cbb25c5cc253bede2a7c57f070af1db90d9a", 0x3b})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000040)={&(0x7f00000001c0)='>', 0x1})
close(r3)

1.348594611s ago: executing program 5 (id=1844):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000140)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r5, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84000)
tee(r4, r7, 0xfffffffffffffc01, 0xa)
read$FUSE(r6, &(0x7f00000002c0)={0x2020}, 0x2020)

0s ago: executing program 5 (id=1845):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70ad2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x10, 0x4}, {}, {0x8, 0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x3, 0xfff2}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000091}, 0x20000000)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x6fc84b579dfed949, 0x0)
close(r6)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4)

kernel console output (not intermixed with test programs):

ess (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.774991][ T5990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.793688][ T5990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.826394][ T5990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.852830][ T5990] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.897056][ T5990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.927696][ T5990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.951699][ T5990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.976472][ T5990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.008915][ T5990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.031948][ T5990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.045758][ T5990] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.068888][ T5990] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.083042][ T5990] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.105196][ T5990] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.127525][ T5990] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.349698][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.381710][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.473073][   T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.507788][   T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.623802][ T6230] netlink: 'syz.0.93': attribute type 9 has an invalid length.
[  113.662430][ T6230] netlink: 32 bytes leftover after parsing attributes in process `syz.0.93'.
[  113.697785][ T6233] netlink: 'syz.2.94': attribute type 1 has an invalid length.
[  113.754984][ T6233] 8021q: adding VLAN 0 to HW filter on device bond1
[  113.821553][ T6236] bond1: (slave veth3): Enslaving as an active interface with a down link
[  114.118443][ T6233] batman_adv: batadv0: Interface deactivated: dummy0
[  114.155120][ T6233] batman_adv: batadv0: Removing interface: dummy0
[  114.208723][ T6233] bond1: (slave dummy0): making interface the new active one
[  114.219669][ T6233] dummy0: entered promiscuous mode
[  114.240124][ T6233] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  114.272499][ T6236] netlink: 'syz.2.94': attribute type 10 has an invalid length.
[  114.324164][ T6252] fuse: Bad value for 'fd'
[  114.338088][ T6236] netlink: 40 bytes leftover after parsing attributes in process `syz.2.94'.
[  114.410865][ T6236] bond1: (slave dummy0): Releasing active interface
[  114.577612][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.925790][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.219503][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.407101][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.829953][ T5780] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  115.850022][ T5780] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  115.868719][ T5780] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  115.879311][ T5780] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  115.888202][ T5780] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  115.895923][ T5780] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  116.200949][ T6292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.109'.
[  116.808387][ T6282] chnl_net:caif_netlink_parms(): no params data found
[  117.084029][ T6312] loop3: detected capacity change from 0 to 4096
[  117.096807][ T6282] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.105640][ T6282] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.113036][ T6282] bridge_slave_0: entered allmulticast mode
[  117.120734][ T6282] bridge_slave_0: entered promiscuous mode
[  117.130163][ T6282] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.139274][ T6282] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.147908][ T6282] bridge_slave_1: entered allmulticast mode
[  117.165132][ T6282] bridge_slave_1: entered promiscuous mode
[  117.212219][   T28] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  117.402409][   T28] usb 3-1: Using ep0 maxpacket: 32
[  117.411133][ T6282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.444503][   T28] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[  117.459807][   T28] usb 3-1: config 0 has no interface number 0
[  117.469715][ T6282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.497968][   T28] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  117.513971][   T28] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.542208][   T28] usb 3-1: Product: syz
[  117.546594][   T28] usb 3-1: Manufacturer: syz
[  117.551267][   T28] usb 3-1: SerialNumber: syz
[  117.605268][   T28] usb 3-1: config 0 descriptor??
[  117.620503][   T28] asix: probe of 3-1:0.188 failed with error -22
[  117.761732][ T6282] team0: Port device team_slave_0 added
[  117.817017][   T12] hsr_slave_0: left promiscuous mode
[  117.866818][   T12] hsr_slave_1: left promiscuous mode
[  117.882754][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.890134][   T28] usb 3-1: USB disconnect, device number 2
[  117.921349][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.966772][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.992788][ T5776] Bluetooth: hci0: command tx timeout
[  118.001484][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.031370][   T12] bridge_slave_1: left allmulticast mode
[  118.047750][   T12] bridge_slave_1: left promiscuous mode
[  118.060600][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.088559][   T12] bridge_slave_0: left allmulticast mode
[  118.109810][   T12] bridge_slave_0: left promiscuous mode
[  118.123571][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.180624][   T12] veth1_macvtap: left promiscuous mode
[  118.202845][   T12] veth0_macvtap: left promiscuous mode
[  118.208597][   T12] veth1_vlan: left promiscuous mode
[  118.223189][   T12] veth0_vlan: left promiscuous mode
[  118.291943][ T6337] fuse: Bad value for 'fd'
[  118.599224][ T6343] loop3: detected capacity change from 0 to 128
[  118.688861][ T6343] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  118.703578][ T6343] ext4 filesystem being mounted at /35/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.758301][ T6343] fscrypt (loop3, inode 12): Direct key flag not allowed with different contents and filenames modes
[  119.012217][   T28] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  119.212207][   T28] usb 3-1: Using ep0 maxpacket: 16
[  119.233383][   T28] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  119.266787][   T28] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  119.277061][   T28] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  119.292261][   T28] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  119.301381][   T28] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.310004][   T28] usb 3-1: Product: syz
[  119.316627][   T28] usb 3-1: Manufacturer: syz
[  119.321297][   T28] usb 3-1: SerialNumber: syz
[  119.352619][   T12] team0 (unregistering): Port device team_slave_1 removed
[  119.394803][ T5774] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.446137][   T12] team0 (unregistering): Port device team_slave_0 removed
[  119.524911][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  119.623588][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.748609][   T28] usb 3-1: 2:1 : format type 0 is detected, processed as PCM
[  120.082362][ T5776] Bluetooth: hci0: command tx timeout
[  120.166291][   T12] bond0 (unregistering): Released all slaves
[  120.285004][ T6282] team0: Port device team_slave_1 added
[  120.291204][ T6339] tipc: Started in network mode
[  120.297824][ T6339] tipc: Node identity 4, cluster identity 4711
[  120.304682][ T6339] tipc: Node number set to 4
[  120.325844][ T6354] netlink: 4 bytes leftover after parsing attributes in process `syz.3.127'.
[  120.556748][   T28] usb 3-1: failed to read current rate; disabling the check
[  120.594320][ T6282] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.601396][ T6282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.642032][ T6282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.656364][ T6282] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.674514][ T6282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.719443][ T6282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.943409][   T28] usb 3-1: USB disconnect, device number 3
[  121.021956][ T5787] udevd[5787]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  121.068854][ T6282] hsr_slave_0: entered promiscuous mode
[  121.151538][ T6282] hsr_slave_1: entered promiscuous mode
[  122.245058][ T5776] Bluetooth: hci0: command tx timeout
[  122.667088][ T6390] loop3: detected capacity change from 0 to 256
[  122.828773][ T6282] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  122.890747][ T6282] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  122.926998][ T6282] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  122.934705][   T27] audit: type=1800 audit(1771277153.668:5): pid=6390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.135" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=1048598 res=0 errno=0
[  122.989968][ T6282] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  123.265629][ T6282] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.320231][ T6282] 8021q: adding VLAN 0 to HW filter on device team0
[  123.354089][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.361399][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.418033][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.425323][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.964808][ T6422] loop2: detected capacity change from 0 to 1024
[  124.053519][ T6422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.226401][ T6282] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.311027][ T6430] bio_check_eod: 20 callbacks suppressed
[  124.311045][ T6430] syz.2.138: attempt to access beyond end of device
[  124.311045][ T6430] loop2: rw=2051, sector=232, nr_sectors = 794 limit=1024
[  124.332987][ T5776] Bluetooth: hci0: command tx timeout
[  124.578941][ T6439] fuse: Bad value for 'fd'
[  124.619809][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.091441][ T6282] veth0_vlan: entered promiscuous mode
[  125.160195][ T6282] veth1_vlan: entered promiscuous mode
[  125.289215][ T6282] veth0_macvtap: entered promiscuous mode
[  125.323831][ T6282] veth1_macvtap: entered promiscuous mode
[  125.388343][ T6282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.436646][ T6282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.462160][ T6282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.478885][ T6282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.493932][ T6282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.510670][ T6282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.535014][ T6282] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.552071][ T6459] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  125.571035][ T6282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.602998][ T6282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.619919][ T6282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.637271][ T6282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.649229][ T6282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.676571][ T6282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.710213][ T6282] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.738951][ T6282] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.766147][ T6282] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.776713][ T6282] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.794382][ T6282] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.951671][ T6470] loop3: detected capacity change from 0 to 128
[  126.010284][ T6470] EXT4-fs (loop3): Test dummy encryption mode enabled
[  126.025903][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.052351][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.081857][ T6470] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  126.104240][ T6470] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.127491][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.144768][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.492865][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.150'.
[  126.720157][ T6500] fuse: Bad value for 'fd'
[  126.757859][ T6470] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  126.912811][ T6506] fuse: Bad value for 'fd'
[  126.963450][ T6478] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  127.099998][ T6512] fuseblk: Bad value for 'fd'
[  127.107524][ T5774] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  127.832821][ T5831] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  128.033054][ T5831] usb 4-1: Using ep0 maxpacket: 16
[  128.040701][ T5831] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  128.061072][ T5831] usb 4-1: config 0 has no interfaces?
[  128.088449][ T5831] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  128.113462][ T5831] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.145503][ T5831] usb 4-1: config 0 descriptor??
[  128.408816][  T789] usb 4-1: USB disconnect, device number 3
[  128.414649][ T6543] fuse: Bad value for 'fd'
[  128.600087][ T6550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.163'.
[  130.207517][ T6586] fuse: Bad value for 'fd'
[  130.536222][ T6592] fuse: Bad value for 'fd'
[  131.187211][ T6600] fuse: Bad value for 'fd'
[  131.462426][   T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  131.658272][   T23] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  131.696564][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.721723][   T23] usb 3-1: Product: syz
[  131.736558][   T23] usb 3-1: Manufacturer: syz
[  131.741248][   T23] usb 3-1: SerialNumber: syz
[  132.102115][    C0] sched: RT throttling activated
[  132.172855][   T23] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  132.257205][   T23] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  133.313411][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  133.320491][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  133.365975][   T23] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -71
[  133.422419][   T23] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  133.463843][   T23] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  133.767584][ T6582] Set syz1 is full, maxelem 65536 reached
[  133.819800][   T23] lan78xx: probe of 3-1:1.0 failed with error -71
[  133.984660][   T23] usb 3-1: USB disconnect, device number 4
[  134.140734][ T6643] loop2: detected capacity change from 0 to 512
[  134.241690][ T6643] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #15: comm syz.2.186: inode has both inline data and extents flags
[  134.312031][ T6643] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.186: couldn't read orphan inode 15 (err -117)
[  134.338846][ T6643] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.404686][ T6652] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  134.784272][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.233524][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'.
[  135.271166][ T6676] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  135.280737][ T6676] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  135.289644][ T6676] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  135.298463][ T6676] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  135.339648][ T6678] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  135.362278][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'.
[  136.316080][   T23] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  136.531125][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.557303][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.587013][   T23] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  136.612600][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.638298][   T23] usb 4-1: config 0 descriptor??
[  136.791590][ T6697] loop2: detected capacity change from 0 to 40427
[  136.836007][ T6697] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  136.845976][ T5831] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  136.873004][ T6697] F2FS-fs (loop2): Image doesn't support compression
[  136.879878][ T6697] F2FS-fs (loop2): Image doesn't support compression
[  136.897557][ T6697] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x4
[  136.930812][ T6697] F2FS-fs (loop2): invalid crc value
[  136.983904][ T6697] F2FS-fs (loop2): Found nat_bits in checkpoint
[  137.042363][ T5831] usb 6-1: Using ep0 maxpacket: 8
[  137.090307][ T5831] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  137.109749][ T5831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.135763][   T23] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  137.154943][ T5831] usb 6-1: Product: syz
[  137.159209][ T5831] usb 6-1: Manufacturer: syz
[  137.165388][ T5831] usb 6-1: SerialNumber: syz
[  137.176483][ T5831] usb 6-1: config 0 descriptor??
[  137.186662][   T23] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[  137.204948][ T6697] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  137.313491][   T23] cp2112 0003:10C4:EA90.0001: Part Number: 0x82 Device Version: 0xFE
[  137.464002][ T5831] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  137.591997][ T6733] overlayfs: failed to clone lowerpath
[  137.601196][ T5770] syz-executor: attempt to access beyond end of device
[  137.601196][ T5770] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  137.621544][ T6733] overlayfs: failed to clone lowerpath
[  137.630878][ T5770] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  138.098068][ T6699] cp2112 0003:10C4:EA90.0001: Error starting transaction: -38
[  138.713628][ T5831] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -32
[  138.751976][   T23] cp2112 0003:10C4:EA90.0001: error reading lock byte: -71
[  138.864612][ T5831] usb 6-1: USB disconnect, device number 2
[  139.856970][   T23] usb 4-1: USB disconnect, device number 4
[  140.349004][ T6769] loop5: detected capacity change from 0 to 8
[  140.491741][ T6769] SQUASHFS error: lzo decompression failed, data probably corrupt
[  140.491880][ T6769] SQUASHFS error: Failed to read block 0x0: -5
[  140.491983][ T6769] SQUASHFS error: Failed to read block 0xff: -5
[  140.513993][ T6769] SQUASHFS error: lzo decompression failed, data probably corrupt
[  140.552649][ T6769] SQUASHFS error: Failed to read block 0x0: -5
[  140.579502][   T27] audit: type=1800 audit(1771277171.298:6): pid=6769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.214" name="file2" dev="loop5" ino=3 res=0 errno=0
[  140.895974][ T6782] loop5: detected capacity change from 0 to 47
[  141.244175][ T6791] loop5: detected capacity change from 0 to 256
[  141.319495][ T6791] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  142.832035][ T6804] loop2: detected capacity change from 0 to 40427
[  142.867291][ T6804] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  142.901868][ T6804] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  142.961564][ T6804] F2FS-fs (loop2): invalid crc value
[  143.036262][ T6804] F2FS-fs (loop2): Found nat_bits in checkpoint
[  143.124184][ T6832] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  143.211474][ T6804] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  143.252202][ T6804] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  143.504480][   T27] audit: type=1804 audit(1771277174.238:7): pid=6804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.224" name="/newroot/61/bus/bus" dev="loop2" ino=10 res=1 errno=0
[  144.862810][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  145.073617][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  145.092621][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.114699][    T9] usb 4-1: config 0 descriptor??
[  145.142943][    T9] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  145.195369][ T6885] loop5: detected capacity change from 0 to 4096
[  145.391669][ T6885] EXT4-fs (loop5): Test dummy encryption mode enabled
[  145.407931][ T6885] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.791909][ T6282] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.086521][ T6904] capability: warning: `syz.5.250' uses deprecated v2 capabilities in a way that may be insecure
[  146.136913][ T6903] loop2: detected capacity change from 0 to 4096
[  146.173815][ T6903] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  146.197170][    T9] gspca_stv06xx: HDCS-1000/1100 sensor detected
[  146.257377][ T6903] ntfs: volume version 3.1.
[  147.770231][    T9] STV06xx: probe of 4-1:0.0 failed with error -71
[  147.796923][    T9] usb 4-1: USB disconnect, device number 5
[  148.084693][ T6925] Illegal XDP return value 4292427776 on prog  (id 14) dev syz_tun, expect packet loss!
[  148.302359][   T23] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  148.507584][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  148.527433][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  148.541748][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  148.583255][   T23] usb 3-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  148.599614][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.619502][   T23] usb 3-1: Product: syz
[  148.630777][   T23] usb 3-1: Manufacturer: syz
[  148.637416][   T23] usb 3-1: SerialNumber: syz
[  148.653702][   T23] usb 3-1: config 0 descriptor??
[  148.896056][   T23] adutux 3-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  149.162382][   T27] audit: type=1800 audit(1771277179.898:8): pid=6955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.261" name="file0" dev="fuse" ino=3 res=0 errno=0
[  149.967499][ T5831] usb 3-1: USB disconnect, device number 5
[  150.858561][ T6972] loop5: detected capacity change from 0 to 32768
[  151.028535][ T6972] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  151.166128][ T6972] XFS (loop5): Ending clean mount
[  151.449825][ T7019] loop2: detected capacity change from 0 to 7
[  151.478013][ T6375]  loop2:
[  151.481365][ T6375] loop2: partition table partially beyond EOD, truncated
[  151.524140][ T7019]  loop2:
[  151.545426][ T7019] loop2: partition table partially beyond EOD, truncated
[  151.838765][ T6282] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  152.068260][ T7041] loop2: detected capacity change from 0 to 512
[  152.109412][ T7041] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  152.170806][ T7041] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec01c, mo2=0003]
[  152.199185][ T7041] System zones: 1-2, 4-12, 8-8
[  152.234704][ T7041] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #15: comm syz.2.283: iget: bad i_size value: 38620345925642
[  152.275683][ T7041] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.283: couldn't read orphan inode 15 (err -117)
[  152.296875][ T7041] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.078753][ T1095] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:7: bg 0: block 5: invalid block bitmap
[  153.098783][ T1095] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  153.140160][ T1095] EXT4-fs (loop2): This should not happen!! Data will be lost
[  153.140160][ T1095] 
[  153.180483][ T1095] EXT4-fs (loop2): Total free blocks count 0
[  153.204272][ T1095] EXT4-fs (loop2): Free/Dirty block details
[  153.214770][ T1095] EXT4-fs (loop2): free_blocks=0
[  153.219940][ T1095] EXT4-fs (loop2): dirty_blocks=3084
[  153.230398][ T1095] EXT4-fs (loop2): Block reservation details
[  153.236657][ T1095] EXT4-fs (loop2): i_reserved_data_blocks=3084
[  153.329975][   T34] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 1032 with error 28
[  154.872991][ T5760] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  155.082220][ T5760] usb 3-1: Using ep0 maxpacket: 8
[  155.100838][ T5760] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  155.123608][ T5760] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  155.144975][ T5760] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.174429][ T5760] usb 3-1: config 0 descriptor??
[  155.424173][ T5760] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  156.256513][ T5831] usb 3-1: USB disconnect, device number 6
[  156.414004][ T7156] overlayfs: failed to clone upperpath
[  156.768387][ T7171] loop3: detected capacity change from 0 to 2048
[  156.829075][ T7171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.965565][ T7171] EXT4-fs warning (device loop3): dx_probe:833: inode #2: comm syz.3.317: Unrecognised inode hash code 20
[  156.993714][ T7181] loop2: detected capacity change from 0 to 7
[  157.010481][ T7181] Dev loop2: unable to read RDB block 7
[  157.020727][ T6375] udevd[6375]: incorrect jbd checksum on /dev/loop3
[  157.030669][ T7181]  loop2: unable to read partition table
[  157.034685][ T7171] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.317: Corrupt directory, running e2fsck is recommended
[  157.049519][ T7181] loop2: partition table beyond EOD, truncated
[  157.049595][ T7181] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  157.121443][ T7171] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.317: Inode bitmap for bg 0 marked uninitialized
[  157.274073][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.407290][ T7191] loop3: detected capacity change from 0 to 512
[  157.430127][ T7191] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.469143][ T7191] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec01c, mo2=0003]
[  157.481072][ T7191] System zones: 1-2, 4-12, 8-8
[  157.514566][ T7191] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.323: iget: bad i_size value: 38620345925642
[  157.546100][ T7191] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.323: couldn't read orphan inode 15 (err -117)
[  157.588432][ T7191] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.843811][ T7202] fuse: root generation should be zero
[  158.105191][ T7196] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  158.177253][ T1095] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1388 with error 28
[  158.207778][ T1095] EXT4-fs (loop3): This should not happen!! Data will be lost
[  158.207778][ T1095] 
[  158.237955][ T1095] EXT4-fs (loop3): Total free blocks count 0
[  158.254670][ T1095] EXT4-fs (loop3): Free/Dirty block details
[  158.260667][ T1095] EXT4-fs (loop3): free_blocks=0
[  158.273282][ T1095] EXT4-fs (loop3): dirty_blocks=1388
[  158.278665][ T1095] EXT4-fs (loop3): Block reservation details
[  158.289457][ T1095] EXT4-fs (loop3): i_reserved_data_blocks=1388
[  158.440649][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.265644][ T7245] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.276257][ T7245] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.245063][ T7283] overlayfs: failed to clone upperpath
[  160.363248][ T7285] binder: 7284:7285 ioctl c0306201 2000000003c0 returned -14
[  160.430787][ T7287] mmap: syz.0.346 (7287): VmData 50044928 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  160.550906][ T7245] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.660431][ T7245] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.416793][ T7245] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.425953][ T7245] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.437151][ T7245] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.448387][ T7245] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.714886][ T7245] syz.2.336 (7245) used greatest stack depth: 20040 bytes left
[  161.986236][ T7313] binder: 7312:7313 unknown command 0
[  162.003212][ T7313] binder: 7312:7313 ioctl c0306201 200000000080 returned -22
[  162.947246][ T7345] fuse: Bad value for 'fd'
[  164.885017][ T7388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.372'.
[  166.284442][ T7424] kvm: pic: single mode not supported
[  166.285006][ T7424] kvm: pic: non byte write
[  166.319946][ T7424] kvm: pic: single mode not supported
[  166.320191][ T7424] kvm: pic: single mode not supported
[  166.337741][ T7424] kvm: pic: non byte write
[  166.370449][ T7424] kvm: pic: non byte write
[  166.383282][ T7424] kvm: pic: non byte write
[  166.403973][ T7424] kvm: pic: level sensitive irq not supported
[  166.404285][ T7424] kvm: pic: non byte write
[  166.442719][ T7424] kvm: pic: single mode not supported
[  166.442918][ T7424] kvm: pic: non byte write
[  166.486272][ T7424] kvm: pic: non byte write
[  166.491133][ T7424] kvm: pic: non byte write
[  166.512477][ T7424] kvm: pic: single mode not supported
[  166.512573][ T7424] kvm: pic: non byte write
[  166.538897][ T7424] kvm: pic: single mode not supported
[  166.540304][ T7424] kvm: pic: non byte write
[  166.561620][ T7434] overlayfs: failed to clone upperpath
[  166.576856][ T7424] kvm: pic: level sensitive irq not supported
[  166.577647][ T7424] kvm: pic: level sensitive irq not supported
[  167.174913][ T7455] overlayfs: failed to clone upperpath
[  167.831761][ T7449] loop2: detected capacity change from 0 to 32768
[  168.146852][ T7449] JBD2: Ignoring recovery information on journal
[  168.307659][ T7449] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  168.383042][ T7490] VFS: Lookup of 'file0' in fuse fuse would have caused loop
[  169.157551][ T7449] syz.2.388 (7449) used greatest stack depth: 18352 bytes left
[  169.400125][ T5776] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  169.555846][ T5770] ocfs2: Unmounting device (7,2) on (node local)
[  170.124654][ T7526] netlink: 'syz.2.398': attribute type 10 has an invalid length.
[  170.154288][ T7526] netlink: 55 bytes leftover after parsing attributes in process `syz.2.398'.
[  170.842354][ T7552] fuse: Bad value for 'fd'
[  171.065045][ T7560] loop2: detected capacity change from 0 to 128
[  171.160483][ T7560] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  171.212666][ T7560] ext4 filesystem being mounted at /89/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  171.374216][ T7560] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  171.497736][ T7560] fscrypt: loop2: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  171.649240][ T5770] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  171.964837][ T7558] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.972849][ T7558] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.052214][ T7265] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  172.257297][ T7265] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.272926][ T7265] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  172.285658][ T7265] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.297902][ T7265] usb 3-1: config 0 descriptor??
[  172.313040][ T7265] pwc: Askey VC010 type 2 USB webcam detected.
[  172.583876][ T7558] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.639964][ T7558] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.719291][ T7265] pwc: recv_control_msg error -32 req 02 val 2b00
[  172.742222][ T7265] pwc: recv_control_msg error -32 req 02 val 2700
[  172.754558][ T7265] pwc: recv_control_msg error -32 req 02 val 2c00
[  172.771499][ T7265] pwc: recv_control_msg error -32 req 04 val 1000
[  172.778939][ T7265] pwc: recv_control_msg error -32 req 04 val 1300
[  172.789663][ T7265] pwc: recv_control_msg error -32 req 04 val 1400
[  172.798058][ T7265] pwc: recv_control_msg error -32 req 02 val 2000
[  173.008274][ T7265] pwc: recv_control_msg error -71 req 04 val 1500
[  173.025909][ T7265] pwc: recv_control_msg error -71 req 02 val 2500
[  173.052709][ T7265] pwc: recv_control_msg error -71 req 02 val 2400
[  173.069899][ T7265] pwc: recv_control_msg error -71 req 02 val 2600
[  173.080009][ T7265] pwc: recv_control_msg error -71 req 02 val 2900
[  173.099888][ T7265] pwc: recv_control_msg error -71 req 02 val 2800
[  173.118666][ T7265] pwc: recv_control_msg error -71 req 04 val 1100
[  173.137190][ T7265] pwc: recv_control_msg error -71 req 04 val 1200
[  173.163197][ T7265] pwc: Registered as video103.
[  173.188125][ T7265] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5
[  173.247620][ T7265] usb 3-1: USB disconnect, device number 7
[  173.370056][ T7558] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.386597][ T7558] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.396151][ T7558] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.405429][ T7558] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.977680][ T7617] overlayfs: upper fs does not support file handles, falling back to index=off.
[  174.300252][ T7632] fuse: Bad value for 'fd'
[  174.866040][ T7660] overlayfs: failed to clone upperpath
[  175.495981][ T7688] loop2: detected capacity change from 0 to 256
[  175.595663][ T7688] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  178.516687][ T7775] kvm: requested 128228 ns i8254 timer period limited to 200000 ns
[  178.557045][ T7775] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  178.585786][ T7775] kvm: requested 93866 ns i8254 timer period limited to 200000 ns
[  178.610873][ T7768] kvm: pic: non byte read
[  178.642391][ T7768] kvm: pic: non byte read
[  178.647138][ T7768] kvm: pic: non byte read
[  178.656662][ T7768] kvm: pic: non byte read
[  178.661436][ T7768] kvm: pic: non byte read
[  178.667318][ T7768] kvm: pic: non byte read
[  178.671732][ T7768] kvm: pic: non byte read
[  178.679859][ T7786] fuse: Bad value for 'fd'
[  178.683685][ T7768] kvm: pic: non byte read
[  178.688822][ T7768] kvm: pic: non byte read
[  178.700041][ T7768] kvm: pic: non byte read
[  180.422325][ T5831] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  180.616695][ T5831] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  180.628568][ T5831] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  180.639207][ T5831] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  180.648578][ T5831] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.677751][ T7813] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  180.691716][ T5831] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  180.940019][ T7262] usb 3-1: USB disconnect, device number 8
[  182.462753][ T7850] fuse: Bad value for 'fd'
[  182.489858][ T7850] overlayfs: failed to clone upperpath
[  182.640384][ T7861] binder: BINDER_SET_CONTEXT_MGR already set
[  182.672257][ T7861] binder: 7860:7861 ioctl 4018620d 200000000100 returned -16
[  182.712906][ T7861] binder: BINDER_SET_CONTEXT_MGR already set
[  182.735146][ T7861] binder: 7860:7861 ioctl 4018620d 200000004a80 returned -16
[  182.788624][ T7867] ieee802154 phy0 wpan0: encryption failed: -22
[  183.151015][ T7882] overlayfs: failed to clone upperpath
[  183.436134][ T7891] fuse: Bad value for 'fd'
[  183.633066][ T7897] loop2: detected capacity change from 0 to 128
[  183.660523][ T7897] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  183.710420][ T7897] ext4 filesystem being mounted at /106/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  183.796158][ T7897] EXT4-fs (loop2): shut down requested (2)
[  183.820182][ T7897] fscrypt (loop2, inode 12): Error -5 getting encryption context
[  183.953473][ T5770] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  184.079187][ T7906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.505'.
[  186.278715][   T27] audit: type=1326 audit(1771277217.018:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7885 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f379bf79 code=0x7fc00000
[  186.314051][ T7944] (null): rxe_set_mtu: Set mtu to 1024
[  186.666671][ T7951] overlayfs: failed to clone upperpath
[  186.717870][ T7944] infiniband syz1: set active
[  186.742418][ T7944] infiniband syz1: added syz_tun
[  186.963336][ T7944] RDS/IB: syz1: added
[  186.983989][ T7944] smc: adding ib device syz1 with port count 1
[  187.008481][ T7944] smc:    ib device syz1 port 1 has pnetid 
[  188.969608][ T8007] overlayfs: failed to clone upperpath
[  189.804196][ T8025] overlayfs: failed to clone upperpath
[  190.010673][ T8033] 9pnet_fd: Insufficient options for proto=fd
[  190.172477][ T7265] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  190.372424][ T7265] usb 6-1: Using ep0 maxpacket: 32
[  190.380101][ T7265] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  190.402621][ T7265] usb 6-1: config 0 has no interface number 0
[  190.408844][ T7265] usb 6-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping
[  190.432193][ T7265] usb 6-1: config 0 interface 1 has no altsetting 0
[  190.445082][ T7265] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  190.454498][ T7265] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.463440][ T7265] usb 6-1: Product: syz
[  190.467742][ T7265] usb 6-1: Manufacturer: syz
[  190.473281][ T7265] usb 6-1: SerialNumber: syz
[  190.481704][ T7265] usb 6-1: config 0 descriptor??
[  190.703739][ T7265] cx231xx 6-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  190.732700][ T7265] cx231xx 6-1:0.1: Failed to read PCB config
[  190.740406][ T7265] cx231xx: probe of 6-1:0.1 failed with error -71
[  190.766345][ T7265] usb 6-1: USB disconnect, device number 3
[  191.292262][ T7265] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  191.503028][ T7265] usb 6-1: Using ep0 maxpacket: 32
[  191.524127][ T7265] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  191.536116][ T7265] usb 6-1: config 0 has no interface number 0
[  191.545560][ T7265] usb 6-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping
[  191.562178][ T7265] usb 6-1: config 0 interface 1 has no altsetting 0
[  191.572539][ T7265] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  191.582321][ T7265] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.590377][ T7265] usb 6-1: Product: syz
[  191.595090][ T7265] usb 6-1: Manufacturer: syz
[  191.599747][ T7265] usb 6-1: SerialNumber: syz
[  191.612576][ T7265] usb 6-1: config 0 descriptor??
[  191.790193][ T8089] overlayfs: failed to clone upperpath
[  191.827713][ T7265] cx231xx 6-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  191.856967][ T7265] cx231xx 6-1:0.1: Identified as Conexant Hybrid TV - RDU253S (card=4)
[  192.002681][ T7265] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --110
[  192.169957][ T7265] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --32
[  192.261259][ T7265] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --71
[  192.284862][ T7265] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --71
[  192.298022][ T7265] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --71
[  192.307298][ T7265] cx231xx 6-1:0.1: Failed to set devmode to analog: error: -71
[  192.359960][ T7265] i2c i2c-2: Added multiplexed i2c bus 4
[  192.378559][ T7265] i2c i2c-2: Added multiplexed i2c bus 5
[  192.388881][ T7265] cx231xx 6-1:0.1: cx231xx_dev_init: Failed to set Power - errCode [-71]!
[  192.405026][ T7265] cx231xx 6-1:0.1: cx231xx_init_dev: cx231xx_i2c_register - errCode [-71]!
[  192.459613][ T7265] cx231xx: probe of 6-1:0.1 failed with error -71
[  192.486880][ T7265] usb 6-1: USB disconnect, device number 4
[  192.690118][ T8107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.574'.
[  192.813575][ T8107] infiniband syz1: set active
[  193.672912][ T8129] binder: BINDER_SET_CONTEXT_MGR already set
[  193.686330][ T8129] binder: 8128:8129 ioctl 4018620d 200000003280 returned -16
[  193.712864][ T8129] binder: BINDER_SET_CONTEXT_MGR already set
[  193.742277][ T8129] binder: 8128:8129 ioctl 4018620d 200000000040 returned -16
[  193.763247][ T8132] binder: 8128:8132 ioctl c0306201 2000000003c0 returned -14
[  194.222898][ T8138] binder: BINDER_SET_CONTEXT_MGR already set
[  194.242878][ T8138] binder: 8137:8138 ioctl 4018620d 2000000000c0 returned -16
[  194.265516][ T8138] binder: BINDER_SET_CONTEXT_MGR already set
[  194.272438][ T8138] binder: 8137:8138 ioctl 4018620d 200000000040 returned -16
[  194.719147][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  194.726072][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  195.441871][ T8170] loop5: detected capacity change from 0 to 256
[  195.498124][ T8170] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1d73664b, utbl_chksum : 0xe619d30d)
[  195.740812][   T27] audit: type=1800 audit(1771277226.478:10): pid=8171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.595" name="file1" dev="loop5" ino=1048621 res=0 errno=0
[  196.119640][ T8182] loop5: detected capacity change from 0 to 256
[  196.252325][ T8186] netlink: 'syz.0.602': attribute type 4 has an invalid length.
[  196.335473][ T8188] overlayfs: failed to clone upperpath
[  196.378544][ T8189] netlink: 'syz.0.602': attribute type 4 has an invalid length.
[  197.786793][ T8226] overlayfs: failed to clone upperpath
[  198.293880][   T27] audit: type=1326 audit(1771277229.038:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8245 comm="syz.0.623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0f379bf79 code=0x0
[  198.725344][ T8249] infiniband syz1: set down
[  198.768094][ T8249] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.775768][ T8249] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.279746][ T8249] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.357221][ T8249] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.056531][ T8249] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.075324][ T8249] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.093711][ T8249] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.104407][ T8249] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.492277][ T3529] bond0: (slave bond_slave_0): interface is now down
[  200.503035][ T8252] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.522757][ T3529] bond0: (slave bond_slave_1): interface is now down
[  200.551914][ T3529] bond0: (slave bond_slave_0): link status definitely down, disabling slave
[  200.603609][ T3529] bond0: (slave bond_slave_1): link status definitely down, disabling slave
[  200.634333][ T3529] bond0: now running without any active interface!
[  204.253512][ T5780] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  204.275403][ T5780] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  204.286369][ T5780] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  204.316621][ T5780] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  204.324592][ T5780] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  204.332506][ T5780] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  204.859598][ T8389] syz_tun: entered allmulticast mode
[  204.936364][ T8386] syz_tun: left allmulticast mode
[  205.139471][ T8376] chnl_net:caif_netlink_parms(): no params data found
[  205.199148][ T7257] IPVS: starting estimator thread 0...
[  205.240395][ T8396] IPVS: lblcr: FWM 3 0x00000003 - no destination available
[  205.300230][ T8376] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.308629][ T8376] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.315513][ T8398] IPVS: using max 26 ests per chain, 62400 per kthread
[  205.323403][ T8376] bridge_slave_0: entered allmulticast mode
[  205.330921][ T8376] bridge_slave_0: entered promiscuous mode
[  205.343412][ T8376] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.350717][ T8376] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.358681][ T8376] bridge_slave_1: entered allmulticast mode
[  205.366593][ T8376] bridge_slave_1: entered promiscuous mode
[  205.407541][ T8376] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  205.425793][ T8376] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  205.520583][ T8402] (null): rxe_set_mtu: Set mtu to 1024
[  205.559679][ T8376] team0: Port device team_slave_0 added
[  205.574130][ T8402] rdma_rxe: rxe_newlink: failed to add syz_tun
[  205.601801][ T8376] team0: Port device team_slave_1 added
[  205.672283][ T8376] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.689779][ T8376] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.746419][ T8376] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.773844][ T8376] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.788506][ T8376] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.870761][ T8376] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.936637][ T8408] loop5: detected capacity change from 0 to 512
[  205.969952][ T8408] EXT4-fs: Ignoring removed nobh option
[  206.023153][ T8408] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  206.086811][ T8408] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  206.125777][ T8376] hsr_slave_0: entered promiscuous mode
[  206.149233][ T8408] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.673: Corrupt directory, running e2fsck is recommended
[  206.187976][ T8376] hsr_slave_1: entered promiscuous mode
[  206.213938][ T8408] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  206.252338][ T8376] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.259993][ T8376] Cannot create hsr debugfs directory
[  206.264326][ T8408] EXT4-fs error (device loop5): ext4_iget_extra_inode:4732: inode #15: comm syz.5.673: corrupted in-inode xattr: invalid ea_ino
[  206.330438][ T8408] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.673: couldn't read orphan inode 15 (err -117)
[  206.392638][ T5780] Bluetooth: hci4: command tx timeout
[  206.395187][ T8408] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.608699][ T8414] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  206.631041][ T8414] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  206.646838][ T8414] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.673: Corrupt directory, running e2fsck is recommended
[  207.253697][ T6282] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.704441][ T8376] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  207.835563][ T8376] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  207.900961][ T8376] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  207.938023][ T8376] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  208.262261][ T7257] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  208.357281][ T8376] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.416551][ T8376] 8021q: adding VLAN 0 to HW filter on device team0
[  208.456973][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.464272][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  208.472453][ T5780] Bluetooth: hci4: command tx timeout
[  208.503589][ T7257] usb 6-1: config 0 has no interfaces?
[  208.525339][ T7257] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  208.550897][ T7257] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.568175][ T7257] usb 6-1: Product: syz
[  208.572861][ T7257] usb 6-1: Manufacturer: syz
[  208.577516][ T7257] usb 6-1: SerialNumber: syz
[  208.586210][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.593447][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.617445][ T7257] usb 6-1: config 0 descriptor??
[  209.139545][ T8432] veth0_vlan: left promiscuous mode
[  209.158304][ T8432] veth0_vlan: entered promiscuous mode
[  209.425923][ T7257] usb 6-1: USB disconnect, device number 5
[  209.655156][ T8376] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.289926][ T8478] overlayfs: failed to clone upperpath
[  210.552523][ T5776] Bluetooth: hci4: command tx timeout
[  211.221296][ T8376] veth0_vlan: entered promiscuous mode
[  211.305513][ T8497] netlink: 12 bytes leftover after parsing attributes in process `syz.0.693'.
[  211.637796][ T8497] 8021q: adding VLAN 0 to HW filter on device bond1
[  211.746683][ T8498] macvlan2: entered promiscuous mode
[  211.834855][ T8498] team_slave_0: entered promiscuous mode
[  211.841220][ T8498] team_slave_1: entered promiscuous mode
[  211.924481][ T8498] team0: entered promiscuous mode
[  211.951216][ T8498] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  211.969100][ T8498] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  212.038333][ T8376] veth1_vlan: entered promiscuous mode
[  212.103339][ T8376] veth0_macvtap: entered promiscuous mode
[  212.135176][ T8376] veth1_macvtap: entered promiscuous mode
[  212.155212][ T5776] Bluetooth: hci2: command 0x0406 tx timeout
[  212.161326][ T5776] Bluetooth: hci3: command 0x0406 tx timeout
[  212.244735][ T8376] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.299804][ T8376] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.361276][ T8376] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.454482][ T8376] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.490165][ T8376] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.533970][ T8376] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.601511][ T8376] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.632324][ T5780] Bluetooth: hci4: command tx timeout
[  212.642754][ T8376] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.669742][ T8376] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.682298][ T8376] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.275611][  T141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.319391][  T141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.566191][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.610913][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.048541][ T8538] syz_tun: entered allmulticast mode
[  214.083072][ T8536] syz_tun: left allmulticast mode
[  215.284233][ T8565] overlayfs: failed to clone lowerpath
[  215.928480][ T8593] loop5: detected capacity change from 0 to 256
[  215.984484][ T8593] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3967cd3a, utbl_chksum : 0xe619d30d)
[  216.320450][   T27] audit: type=1804 audit(1771277247.058:12): pid=8603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.729" name="/newroot/104/bus/bus" dev="overlay" ino=628 res=1 errno=0
[  216.336562][ T8603] Invalid ELF header magic: != ELF
[  217.166643][ T8609] overlayfs: failed to clone upperpath
[  217.515305][ T8638] netlink: 4 bytes leftover after parsing attributes in process `syz.5.740'.
[  218.612611][ T8677] netlink: 12 bytes leftover after parsing attributes in process `syz.3.756'.
[  218.627508][ T8677] tipc: Started in network mode
[  218.633292][ T8677] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[  218.642831][ T8677] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  220.101040][ T8720] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  221.278360][ T8752] binder: BINDER_SET_CONTEXT_MGR already set
[  221.290377][ T8752] binder: 8751:8752 ioctl 4018620d 2000000000c0 returned -16
[  221.307970][ T8752] binder: 8751:8752 unknown command 0
[  221.313689][ T8752] binder: 8751:8752 ioctl c0306201 200000000080 returned -22
[  221.333446][ T8752] binder: BINDER_SET_CONTEXT_MGR already set
[  221.339749][ T8752] binder: 8751:8752 ioctl 4018620d 200000000040 returned -16
[  221.643123][ T8764] netlink: 'syz.3.794': attribute type 10 has an invalid length.
[  221.660061][ T8764] 8021q: adding VLAN 0 to HW filter on device team0
[  221.670676][ T8764] bond0: (slave team0): Enslaving as an active interface with an up link
[  227.033484][ T8869] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.831'.
[  227.370883][ T8884] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  228.889450][ T8916] loop5: detected capacity change from 0 to 2048
[  228.936907][ T8916] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  229.956879][ T8928] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  231.620731][ T5778] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  231.632986][ T5778] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  231.642174][ T5778] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  231.651043][ T5778] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  231.659080][ T5778] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  231.666830][ T5778] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  231.971104][ T3529] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.157036][ T3529] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.300573][ T3529] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.430885][ T3529] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.037278][ T8945] chnl_net:caif_netlink_parms(): no params data found
[  233.620991][ T8945] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.633055][ T8945] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.661013][ T8945] bridge_slave_0: entered allmulticast mode
[  233.692466][ T8945] bridge_slave_0: entered promiscuous mode
[  233.713693][ T8945] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.720915][ T8945] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.746117][ T8945] bridge_slave_1: entered allmulticast mode
[  233.752809][ T5778] Bluetooth: hci1: command tx timeout
[  233.760194][ T8945] bridge_slave_1: entered promiscuous mode
[  234.066733][ T8945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.090359][ T8945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.419514][ T8945] team0: Port device team_slave_0 added
[  234.467916][ T8945] team0: Port device team_slave_1 added
[  234.760369][ T8945] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.785319][ T8945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.842111][ T8945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.938071][ T8945] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.952365][ T8945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.032942][ T8945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  235.452686][ T8945] hsr_slave_0: entered promiscuous mode
[  235.517990][ T8945] hsr_slave_1: entered promiscuous mode
[  235.533001][ T8945] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  235.550921][ T8945] Cannot create hsr debugfs directory
[  235.605175][ T3529] hsr_slave_0: left promiscuous mode
[  235.611194][ T3529] hsr_slave_1: left promiscuous mode
[  235.633217][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.640719][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.707836][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.742434][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.773094][ T3529] bridge_slave_1: left allmulticast mode
[  235.785513][ T3529] bridge_slave_1: left promiscuous mode
[  235.803530][ T3529] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.832246][ T5778] Bluetooth: hci1: command tx timeout
[  235.839419][ T3529] bridge_slave_0: left allmulticast mode
[  235.851900][ T3529] bridge_slave_0: left promiscuous mode
[  235.864555][ T3529] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.007575][ T3529] veth1_macvtap: left promiscuous mode
[  236.022478][ T3529] veth0_macvtap: left promiscuous mode
[  236.039567][ T3529] veth1_vlan: left promiscuous mode
[  236.062483][ T3529] veth0_vlan: left promiscuous mode
[  237.912237][ T5778] Bluetooth: hci1: command tx timeout
[  238.279501][ T3529] team0 (unregistering): Port device team_slave_1 removed
[  238.398677][ T3529] team0 (unregistering): Port device team_slave_0 removed
[  238.546723][ T3529] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  238.619867][ T3529] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.104898][ T3529] bond0 (unregistering): Released all slaves
[  239.998383][ T5778] Bluetooth: hci1: command tx timeout
[  240.206121][ T9079] netlink: 28 bytes leftover after parsing attributes in process `syz.5.889'.
[  240.227745][ T9079] netlink: 28 bytes leftover after parsing attributes in process `syz.5.889'.
[  240.272454][ T9079] bridge0: entered promiscuous mode
[  240.289411][ T9079] syz_tun: entered promiscuous mode
[  240.333768][ T9079] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  240.361934][ T9079] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[  240.601236][ T8945] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  240.616049][ T8945] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  240.673299][ T8945] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  240.685995][ T8945] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  240.875082][ T9102] syz_tun: entered allmulticast mode
[  241.040877][ T8945] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.120736][ T8945] 8021q: adding VLAN 0 to HW filter on device team0
[  241.185267][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.192527][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.220112][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.227417][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.114886][ T8945] 8021q: adding VLAN 0 to HW filter on device batadv0
[  242.524467][ T9143] netlink: 'syz.3.900': attribute type 4 has an invalid length.
[  242.870663][ T8945] veth0_vlan: entered promiscuous mode
[  242.879596][ T5778] Bluetooth: hci0: command 0x0406 tx timeout
[  242.917830][ T8945] veth1_vlan: entered promiscuous mode
[  243.056786][ T8945] veth0_macvtap: entered promiscuous mode
[  243.075611][ T8945] veth1_macvtap: entered promiscuous mode
[  243.120540][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.139804][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.161384][ T8945] batman_adv: batadv0: Interface activated: batadv_slave_0
[  243.213063][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.225262][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.240233][ T8945] batman_adv: batadv0: Interface activated: batadv_slave_1
[  243.275206][ T8945] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  243.290213][ T8945] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  243.300563][ T8945] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  243.318253][ T8945] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  243.634546][ T3507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.666196][ T3507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  243.784743][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.805896][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.832839][ T9201] md: could not open device unknown-block(0,0).
[  245.845389][ T9201] md: md_import_device returned -6
[  246.171878][ T9219] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0)
[  246.465429][ T9229] loop7: detected capacity change from 0 to 64
[  246.481150][ T9224] loop5: detected capacity change from 0 to 2048
[  246.610932][ T9224] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.761986][ T9224] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  246.832712][ T9224] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  246.996049][ T9224] EXT4-fs (loop5): This should not happen!! Data will be lost
[  246.996049][ T9224] 
[  247.041375][ T9224] EXT4-fs (loop5): Total free blocks count 0
[  247.071264][ T9224] EXT4-fs (loop5): Free/Dirty block details
[  247.092800][ T9224] EXT4-fs (loop5): free_blocks=2415919504
[  247.098650][ T9224] EXT4-fs (loop5): dirty_blocks=16
[  247.117870][ T9224] EXT4-fs (loop5): Block reservation details
[  247.142206][ T9224] EXT4-fs (loop5): i_reserved_data_blocks=1
[  247.349193][   T11] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  247.616348][ T9253] overlayfs: statfs failed on './file0'
[  249.467797][ T9297] overlayfs: failed to clone upperpath
[  250.782703][ T7262] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  251.007388][ T7262] usb 8-1: Using ep0 maxpacket: 32
[  251.028784][ T7262] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  251.092189][ T7262] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  251.168062][ T7262] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  251.212280][ T7262] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.241965][ T7262] usb 8-1: config 0 descriptor??
[  251.267817][ T9327] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  251.312955][ T7262] hub 8-1:0.0: USB hub found
[  251.510700][ T7262] hub 8-1:0.0: 1 port detected
[  252.630862][ T7265] hub 8-1:0.0: hub_ext_port_status failed (err = -71)
[  252.630879][ T8264] usb 8-1: USB disconnect, device number 2
[  252.679886][ T7265] usb 8-1-port1: connect-debounce failed
[  253.842378][ T9380] warning: `syz.3.956' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  253.897903][ T9380] netlink: 'syz.3.956': attribute type 10 has an invalid length.
[  253.931996][ T9380] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  253.988573][ T9385] netlink: 24 bytes leftover after parsing attributes in process `syz.5.958'.
[  255.578682][ T9410] netlink: 16 bytes leftover after parsing attributes in process `syz.5.967'.
[  255.784253][ T9422] overlayfs: failed to clone upperpath
[  256.158284][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  256.165464][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  257.133688][ T5780] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  257.145438][ T5780] CPU: 0 PID: 5780 Comm: kworker/u5:4 Not tainted syzkaller #0
[  257.153061][ T5780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  257.163163][ T5780] Workqueue: hci2 hci_rx_work
[  257.167915][ T5780] Call Trace:
[  257.171227][ T5780]  <TASK>
[  257.174189][ T5780]  dump_stack_lvl+0x18c/0x250
[  257.178915][ T5780]  ? show_regs_print_info+0x20/0x20
[  257.184160][ T5780]  ? load_image+0x400/0x400
[  257.188715][ T5780]  sysfs_create_dir_ns+0x26e/0x2a0
[  257.193862][ T5780]  ? sysfs_warn_dup+0xa0/0xa0
[  257.198577][ T5780]  ? do_raw_spin_unlock+0x121/0x230
[  257.203837][ T5780]  kobject_add_internal+0x61c/0xcc0
[  257.209091][ T5780]  kobject_add+0x164/0x240
[  257.213564][ T5780]  ? __rwlock_init+0x150/0x150
[  257.218374][ T5780]  ? kobject_init+0x1e0/0x1e0
[  257.223086][ T5780]  ? _raw_spin_unlock+0x28/0x40
[  257.227972][ T5780]  ? get_device_parent+0x366/0x390
[  257.233159][ T5780]  device_add+0x408/0xc20
[  257.237540][ T5780]  hci_conn_add_sysfs+0xd5/0x1e0
[  257.242550][ T5780]  le_conn_complete_evt+0xf5d/0x1540
[  257.247882][ T5780]  ? hci_event_packet+0x4cb/0x1270
[  257.253051][ T5780]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  257.259433][ T5780]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  257.265110][ T5780]  ? skb_pull_data+0xfb/0x200
[  257.269826][ T5780]  hci_le_conn_complete_evt+0x187/0x440
[  257.275416][ T5780]  ? hci_remote_host_features_evt+0x150/0x150
[  257.281587][ T5780]  hci_event_packet+0x7ba/0x1270
[  257.286567][ T5780]  ? bis_list+0x290/0x290
[  257.290944][ T5780]  ? lockdep_hardirqs_on+0x98/0x150
[  257.296205][ T5780]  ? hci_send_to_monitor+0xd7/0x4f0
[  257.301469][ T5780]  hci_rx_work+0x43a/0xd60
[  257.305942][ T5780]  ? process_scheduled_works+0x96f/0x15d0
[  257.311703][ T5780]  process_scheduled_works+0xa5d/0x15d0
[  257.317313][ T5780]  ? assign_work+0x430/0x430
[  257.321948][ T5780]  ? assign_work+0x3d0/0x430
[  257.326585][ T5780]  worker_thread+0xa55/0xfc0
[  257.331259][ T5780]  kthread+0x2fa/0x390
[  257.335361][ T5780]  ? pr_cont_work+0x560/0x560
[  257.340080][ T5780]  ? kthread_blkcg+0xd0/0xd0
[  257.344736][ T5780]  ret_from_fork+0x48/0x80
[  257.349189][ T5780]  ? kthread_blkcg+0xd0/0xd0
[  257.353815][ T5780]  ret_from_fork_asm+0x11/0x20
[  257.358632][ T5780]  </TASK>
[  257.365726][ T5780] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  257.380089][ T5780] Bluetooth: hci2: failed to register connection device
[  257.580627][ T9469] tipc: Failed to remove unknown binding: 66,0,0/4:1642649412/1642649414
[  257.612214][ T9469] tipc: Failed to remove unknown binding: 66,0,0/4:1642649412/1642649413
[  257.642820][ T9469] tipc: Failed to remove unknown binding: 66,0,0/4:1642649412/1642649414
[  257.651988][ T9469] tipc: Failed to remove unknown binding: 66,0,0/4:1642649412/1642649413
[  258.045277][ T9453] loop7: detected capacity change from 0 to 32768
[  258.157764][ T9453] JBD2: Ignoring recovery information on journal
[  258.253544][   T27] audit: type=1800 audit(1771277288.998:13): pid=9467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.983" name="/" dev="fuse" ino=4 res=0 errno=0
[  258.446429][ T9453] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  258.762688][ T9453] loop7: detected capacity change from 32768 to 0
[  258.801168][    C0] I/O error, dev loop7, sector 32760 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  259.948851][ T8945] syz-executor: attempt to access beyond end of device
[  259.948851][ T8945] loop7: rw=0, sector=71, nr_sectors = 1 limit=0
[  259.983614][ T8945] (syz-executor,8945,1):ocfs2_assign_bh:2416 ERROR: status = -5
[  259.991981][ T8945] (syz-executor,8945,1):ocfs2_inode_lock_full_nested:2511 ERROR: status = -5
[  260.013656][ T8945] (syz-executor,8945,1):ocfs2_shutdown_local_alloc:411 ERROR: status = -5
[  260.043584][ T8945] syz-executor: attempt to access beyond end of device
[  260.043584][ T8945] loop7: rw=1, sector=17024, nr_sectors = 1 limit=0
[  260.058636][ T8945] buffer_io_error: 16 callbacks suppressed
[  260.058651][ T8945] Buffer I/O error on dev loop7, logical block 17024, lost sync page write
[  260.080217][ T8945] (syz-executor,8945,1):ocfs2_write_block:78 ERROR: status = -5
[  260.091969][ T8945] (syz-executor,8945,1):ocfs2_update_disk_slot:199 ERROR: status = -5
[  260.120363][ T8945] (syz-executor,8945,1):ocfs2_put_slot:517 ERROR: status = -5
[  260.138978][ T8945] syz-executor: attempt to access beyond end of device
[  260.138978][ T8945] loop7: rw=38913, sector=640, nr_sectors = 1 limit=0
[  260.159591][ T8945] Buffer I/O error on dev loop7, logical block 640, lost sync page write
[  260.162480][ T8263] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  260.177141][ T8945] JBD2: I/O error when updating journal superblock for loop7-75.
[  260.202018][ T8945] Aborting journal on device loop7-75.
[  260.210683][ T8945] syz-executor: attempt to access beyond end of device
[  260.210683][ T8945] loop7: rw=38913, sector=640, nr_sectors = 1 limit=0
[  260.232208][ T8945] Buffer I/O error on dev loop7, logical block 640, lost sync page write
[  260.240893][ T8945] JBD2: I/O error when updating journal superblock for loop7-75.
[  260.284040][ T8945] ocfs2: Unmounting device (7,7) on (node local)
[  260.372306][ T8263] usb 6-1: Using ep0 maxpacket: 16
[  260.380255][ T8263] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  260.394477][ T8263] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  260.403877][ T8263] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.414476][ T8263] usb 6-1: Product: syz
[  260.418733][ T8263] usb 6-1: Manufacturer: syz
[  260.438795][ T8263] usb 6-1: SerialNumber: syz
[  260.453207][ T8263] usb 6-1: config 0 descriptor??
[  260.469756][ T8263] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  260.479295][ T8263] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  260.983664][ T9518] syzkaller0: entered promiscuous mode
[  260.989440][ T9518] syzkaller0: entered allmulticast mode
[  261.104488][ T8263] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  261.546637][ T8263] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  261.568588][ T8263] em28xx 6-1:0.0: board has no eeprom
[  261.616756][ T9533] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1000'.
[  262.842685][ T5780] Bluetooth: hci1: command 0x0405 tx timeout
[  262.912271][ T9509] em28xx 6-1:0.0: reading from i2c device at 0xfffe failed (error=-5)
[  262.932151][ T8263] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  262.940058][ T8263] em28xx 6-1:0.0: dvb set to bulk mode.
[  262.997097][ T5831] em28xx 6-1:0.0: Binding DVB extension
[  263.101080][ T8263] usb 6-1: USB disconnect, device number 6
[  263.147146][ T8263] em28xx 6-1:0.0: Disconnecting em28xx
[  263.334364][ T5831] em28xx 6-1:0.0: Registering input extension
[  263.355951][ T8263] em28xx 6-1:0.0: Closing input extension
[  263.523338][ T8263] em28xx 6-1:0.0: Freeing device
[  263.932341][ T8263] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  264.145699][ T8263] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.189193][ T8263] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.260214][ T8263] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  264.349129][ T8263] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  264.394051][ T8263] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.451050][ T8263] usb 6-1: config 0 descriptor??
[  264.876033][ T8263] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  264.949690][ T8263] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  265.234182][ T8263] usb 6-1: USB disconnect, device number 7
[  266.186369][ T9595] nvme_fabrics: missing parameter 'transport=%s'
[  266.193764][ T9595] nvme_fabrics: missing parameter 'nqn=%s'
[  267.710059][ T9639] batman_adv: batadv0: Adding interface: dummy0
[  267.724238][ T9639] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.783004][ T9639] batman_adv: batadv0: Interface activated: dummy0
[  267.887189][ T9644] batadv0: mtu less than device minimum
[  267.911542][   T27] audit: type=1326 audit(1771277298.648:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.0.1022" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0f379bf79 code=0x0
[  267.951112][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.964568][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.977139][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.989775][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.002397][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.014971][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.027560][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.040219][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.052820][ T9644] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.816598][ T9666] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1026'.
[  269.004286][ T9666] bond2: entered promiscuous mode
[  269.009733][ T9666] 8021q: adding VLAN 0 to HW filter on device bond2
[  269.043553][ T9675] picdev_read: 503 callbacks suppressed
[  269.043573][ T9675] kvm: pic: non byte read
[  269.088425][ T9675] kvm: pic: non byte read
[  269.105336][ T9675] kvm: pic: non byte read
[  269.110066][ T9675] kvm: pic: non byte read
[  269.155047][ T9675] kvm: pic: level sensitive irq not supported
[  269.155102][ T9675] kvm: pic: non byte read
[  269.170363][ T9672] bridge1: entered promiscuous mode
[  269.180465][ T9675] kvm: pic: non byte read
[  269.189970][ T9672] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  269.201228][ T9675] kvm: pic: non byte read
[  269.206198][ T9675] kvm: pic: non byte read
[  269.216306][ T9675] kvm: pic: non byte read
[  269.224168][ T9675] kvm: pic: non byte read
[  269.229306][ T9675] kvm: pic: single mode not supported
[  269.229328][ T9675] kvm: pic: level sensitive irq not supported
[  269.235886][ T9675] kvm: pic: single mode not supported
[  269.242912][ T9675] kvm: pic: single mode not supported
[  269.255084][ T9675] kvm: pic: level sensitive irq not supported
[  269.261054][ T9675] kvm: pic: single mode not supported
[  269.268742][ T9675] kvm: pic: single mode not supported
[  269.275958][ T9675] kvm: pic: level sensitive irq not supported
[  269.295949][ T9675] kvm: pic: single mode not supported
[  269.302371][ T9675] kvm: pic: level sensitive irq not supported
[  269.326271][ T9675] kvm: pic: single mode not supported
[  269.333074][ T9675] kvm: pic: level sensitive irq not supported
[  269.342656][ T9675] kvm: pic: single mode not supported
[  269.349560][ T9675] kvm: pic: level sensitive irq not supported
[  269.393114][ T9675] kvm: pic: single mode not supported
[  269.399597][ T9675] kvm: pic: level sensitive irq not supported
[  269.423902][ T9675] kvm: pic: single mode not supported
[  269.431009][ T9675] kvm: pic: level sensitive irq not supported
[  270.118288][ T9708] tipc: Started in network mode
[  270.144857][ T9708] tipc: Node identity 4, cluster identity 4711
[  270.151669][ T9708] tipc: Node number set to 4
[  271.089482][ T5780] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1
[  271.098029][ T5780] Bluetooth: hci3: unexpected event for opcode 0x203e
[  271.997892][ T9762] loop5: detected capacity change from 0 to 256
[  272.237658][   T27] audit: type=1800 audit(1771277302.978:15): pid=9762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1050" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=1048637 res=0 errno=0
[  273.003073][ T9785] loop7: detected capacity change from 0 to 2
[  273.130471][ T9785] jffs2: Bad value for 'rp_size'
[  273.426074][ T9057] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  273.838007][ T9797] loop5: detected capacity change from 0 to 128
[  274.360334][ T9778] syz.5.1055: attempt to access beyond end of device
[  274.360334][ T9778] loop5: rw=2049, sector=138, nr_sectors = 16 limit=128
[  274.392940][ T9815] netlink: 'syz.7.1061': attribute type 1 has an invalid length.
[  274.593481][ T9815] bond1: entered promiscuous mode
[  274.622615][ T9815] 8021q: adding VLAN 0 to HW filter on device bond1
[  275.276677][ T1095] wlan1: Trigger new scan to find an IBSS to join
[  275.335532][ T9820] bond1: (slave bridge1): making interface the new active one
[  275.389994][ T9820] bridge1: entered promiscuous mode
[  275.423611][ T9820] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  275.481205][ T9821] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  275.495271][ T9821] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  275.783148][ T1095] kworker/u4:7: attempt to access beyond end of device
[  275.783148][ T1095] loop5: rw=1, sector=138, nr_sectors = 2 limit=128
[  276.069038][ T9841] syzkaller0: entered promiscuous mode
[  276.082142][ T9841] syzkaller0: entered allmulticast mode
[  277.102717][ T9860] syzkaller0: entered promiscuous mode
[  277.169584][ T9860] syzkaller0: entered allmulticast mode
[  278.353978][ T1110] wlan1: Trigger new scan to find an IBSS to join
[  278.901469][ T3507] hsr_slave_0: left promiscuous mode
[  278.932826][ T3507] hsr_slave_1: left promiscuous mode
[  279.103972][ T3507] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.194758][ T3507] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.311689][ T3507] bridge_slave_1: left allmulticast mode
[  280.344769][ T3507] bridge_slave_1: left promiscuous mode
[  280.350627][ T3507] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.451323][   T12] wlan1: Creating new IBSS network, BSSID b6:4c:c3:16:00:87
[  280.474180][ T3507] bridge_slave_0: left allmulticast mode
[  280.503423][ T3507] bridge_slave_0: left promiscuous mode
[  280.528412][ T3507] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.726732][ T3507] bond1 (unregistering): (slave veth3): Releasing active interface
[  281.358135][ T3507] bond1 (unregistering): Released all slaves
[  283.239499][ T3507] team0 (unregistering): Port device team_slave_1 removed
[  283.358214][ T3507] team0 (unregistering): Port device team_slave_0 removed
[  283.440017][ T9937] loop5: detected capacity change from 0 to 32768
[  283.492341][ T9937] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  283.548418][ T9937] XFS (loop5): Ending clean mount
[  283.564573][ T3507] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.613669][ T9937] XFS (loop5): Quotacheck needed: Please wait.
[  283.737095][ T9937] XFS (loop5): Quotacheck: Done.
[  283.763944][ T3507] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.597796][ T6282] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.830405][ T3507] bond0 (unregistering): Released all slaves
[  291.650274][ T5780] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  291.661176][ T5780] CPU: 0 PID: 5780 Comm: kworker/u5:4 Not tainted syzkaller #0
[  291.668757][ T5780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  291.678835][ T5780] Workqueue: hci2 hci_rx_work
[  291.683572][ T5780] Call Trace:
[  291.686864][ T5780]  <TASK>
[  291.689802][ T5780]  dump_stack_lvl+0x18c/0x250
[  291.694542][ T5780]  ? show_regs_print_info+0x20/0x20
[  291.699768][ T5780]  ? load_image+0x400/0x400
[  291.704311][ T5780]  sysfs_create_dir_ns+0x26e/0x2a0
[  291.709436][ T5780]  ? sysfs_warn_dup+0xa0/0xa0
[  291.714128][ T5780]  ? do_raw_spin_unlock+0x121/0x230
[  291.719351][ T5780]  kobject_add_internal+0x61c/0xcc0
[  291.724570][ T5780]  kobject_add+0x164/0x240
[  291.729019][ T5780]  ? __rwlock_init+0x150/0x150
[  291.733807][ T5780]  ? kobject_init+0x1e0/0x1e0
[  291.738501][ T5780]  ? _raw_spin_unlock+0x28/0x40
[  291.743390][ T5780]  ? get_device_parent+0x366/0x390
[  291.748521][ T5780]  device_add+0x408/0xc20
[  291.752874][ T5780]  hci_conn_add_sysfs+0xd5/0x1e0
[  291.757830][ T5780]  le_conn_complete_evt+0xf5d/0x1540
[  291.763134][ T5780]  ? hci_event_packet+0x4cb/0x1270
[  291.768272][ T5780]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  291.774543][ T5780]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  291.780205][ T5780]  ? skb_pull_data+0xfb/0x200
[  291.784913][ T5780]  hci_le_enh_conn_complete_evt+0x189/0x460
[  291.790853][ T5780]  ? hci_le_remote_conn_param_req_evt+0xd10/0xd10
[  291.797289][ T5780]  ? hci_remote_host_features_evt+0x150/0x150
[  291.803403][ T5780]  hci_event_packet+0x7ba/0x1270
[  291.808364][ T5780]  ? bis_list+0x290/0x290
[  291.812801][ T5780]  ? lockdep_hardirqs_on+0x98/0x150
[  291.818017][ T5780]  ? hci_send_to_monitor+0xd7/0x4f0
[  291.823242][ T5780]  hci_rx_work+0x43a/0xd60
[  291.827696][ T5780]  ? process_scheduled_works+0x96f/0x15d0
[  291.833446][ T5780]  process_scheduled_works+0xa5d/0x15d0
[  291.839050][ T5780]  ? assign_work+0x430/0x430
[  291.843670][ T5780]  ? assign_work+0x3d0/0x430
[  291.848290][ T5780]  worker_thread+0xa55/0xfc0
[  291.852925][ T5780]  kthread+0x2fa/0x390
[  291.857010][ T5780]  ? pr_cont_work+0x560/0x560
[  291.861708][ T5780]  ? kthread_blkcg+0xd0/0xd0
[  291.866319][ T5780]  ret_from_fork+0x48/0x80
[  291.870751][ T5780]  ? kthread_blkcg+0xd0/0xd0
[  291.875357][ T5780]  ret_from_fork_asm+0x11/0x20
[  291.880156][ T5780]  </TASK>
[  291.888077][ T5780] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  291.902522][ T5780] Bluetooth: hci2: failed to register connection device
[  292.243640][T10003] syz.7.1098: attempt to access beyond end of device
[  292.243640][T10003] nbd7: rw=0, sector=16, nr_sectors = 1 limit=0
[  292.257307][T10003] qnx6: unable to read the first superblock
[  292.265085][T10003] syz.7.1098: attempt to access beyond end of device
[  292.265085][T10003] nbd7: rw=0, sector=0, nr_sectors = 1 limit=0
[  292.277992][T10003] qnx6: unable to read the first superblock
[  292.284125][T10003] qnx6: unable to read the first superblock
[  295.210480][T10032] netlink: 'syz.5.1107': attribute type 1 has an invalid length.
[  296.484824][T10032] 8021q: adding VLAN 0 to HW filter on device bond1
[  296.708549][T10037] bond1: (slave gretap1): making interface the new active one
[  296.775252][T10037] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  297.327689][T10052] syzkaller0: entered promiscuous mode
[  297.352138][T10052] syzkaller0: entered allmulticast mode
[  297.521015][T10058] bridge_slave_0: left allmulticast mode
[  297.566786][T10058] bridge_slave_0: left promiscuous mode
[  297.582630][T10058] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.611401][T10058] bridge_slave_1: left allmulticast mode
[  297.630744][T10058] bridge_slave_1: left promiscuous mode
[  297.638168][T10058] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.674096][T10058] bond0: (slave bond_slave_0): Releasing backup interface
[  297.783616][T10058] bond0: (slave bond_slave_1): Releasing backup interface
[  297.876568][T10058] team_slave_0: left promiscuous mode
[  297.956175][T10058] team0: Port device team_slave_0 removed
[  297.991378][T10058] team_slave_1: left promiscuous mode
[  298.050472][T10058] team0: Port device team_slave_1 removed
[  298.094548][T10058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.124555][T10058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.294218][T10058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.338032][T10058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.065278][T10058] bond1: (slave macvlan2): Releasing backup interface
[  299.115562][T10058] team0: left promiscuous mode
[  299.165558][T10058] bond2: (slave bridge1): Releasing backup interface
[  299.199732][T10058] bridge1: left promiscuous mode
[  300.368246][T10096] loop7: detected capacity change from 0 to 512
[  300.383046][T10096] EXT4-fs: Ignoring removed nomblk_io_submit option
[  300.414305][T10096] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  300.428255][T10096] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  300.461362][T10096] EXT4-fs (loop7): 1 truncate cleaned up
[  300.469080][T10096] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.838647][ T5831] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  301.043457][ T5831] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  301.057999][ T5831] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  301.068415][ T5831] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  301.083235][ T5831] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  301.092748][ T5831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.104486][ T5831] usb 8-1: config 0 descriptor??
[  301.550264][ T5831] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  301.597804][ T5831] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  302.235944][ T5778] Bluetooth: hci1: unexpected event for opcode 0x2011
[  302.487785][ T5831] usb 8-1: USB disconnect, device number 3
[  303.115400][ T8945] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.609094][T10110] netlink: 'syz.3.1122': attribute type 10 has an invalid length.
[  303.687230][T10115] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1121'.
[  304.457856][ T7262] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  304.513547][ T7262] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  304.772268][   T28] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  305.834476][   T28] usb 6-1: config 0 has no interfaces?
[  305.853135][   T28] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  305.876145][   T28] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  305.897639][T10133] netlink: 'syz.3.1127': attribute type 1 has an invalid length.
[  305.902210][   T28] usb 6-1: SerialNumber: syz
[  305.954566][T10133] bond1: entered promiscuous mode
[  305.960015][T10133] 8021q: adding VLAN 0 to HW filter on device bond1
[  305.974375][   T28] usb 6-1: config 0 descriptor??
[  306.095729][T10138] bond1: (slave bridge1): making interface the new active one
[  306.103720][T10138] bridge1: entered promiscuous mode
[  306.110207][T10138] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  306.280481][   T28] usb 6-1: USB disconnect, device number 8
[  306.334999][T10133] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  306.382494][T10133] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  306.466737][T10151] syzkaller0: entered promiscuous mode
[  306.480090][T10151] syzkaller0: entered allmulticast mode
[  306.499245][T10151] tipc: Started in network mode
[  306.512466][T10151] tipc: Node identity 9225ae482c18, cluster identity 4711
[  306.532970][T10151] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  306.551935][T10150] tipc: Resetting bearer <eth:syzkaller0>
[  306.674374][T10150] tipc: Disabling bearer <eth:syzkaller0>
[  307.188009][T10160] xt_CT: You must specify a L4 protocol and not use inversions on it
[  309.332168][T10179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1139'.
[  313.902364][  T156] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  315.827874][T10288] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  315.861019][T10288] VFS: Can't find a romfs filesystem on dev nullb0.
[  315.861019][T10288] 
[  318.014821][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  318.024956][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  320.032315][ T7262] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  320.339194][ T7262] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  320.502921][ T7262] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  320.540506][T10342] binder_alloc: 10340: pid 10340 spamming oneway? 2 buffers allocated for a total size of 5120
[  320.688880][ T7262] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  320.798707][T10342] binder_alloc: 10340: pid 10340 spamming oneway? 3 buffers allocated for a total size of 5128
[  320.842181][ T7262] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.883530][ T7262] usb 6-1: Product: syz
[  320.887788][ T7262] usb 6-1: Manufacturer: syz
[  320.930834][ T7262] usb 6-1: SerialNumber: syz
[  320.984501][ T7262] cdc_mbim 6-1:1.0: skipping garbage
[  320.989921][ T7262] usb 6-1: selecting invalid altsetting 1
[  321.111058][T10350] x_tables: ip_tables: icmp match: only valid for protocol 1
[  322.008527][ T7262] cdc_mbim 6-1:1.0: failed GET_NTB_PARAMETERS
[  322.062589][ T7262] cdc_mbim 6-1:1.0: bind() failure
[  322.443466][T10328] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  322.479534][T10328] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.442678][T10433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1194'.
[  324.535161][ T8262] usb 6-1: USB disconnect, device number 9
[  333.713177][T10547] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.131171][T10547] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.600480][T10547] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.770802][T10572] loop5: detected capacity change from 0 to 512
[  334.853918][T10572] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[  334.910035][T10572] UDF-fs: Scanning with blocksize 512 failed
[  334.937185][T10572] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[  334.982656][T10572] UDF-fs: Scanning with blocksize 1024 failed
[  335.046203][T10572] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[  335.083142][T10572] UDF-fs: Scanning with blocksize 2048 failed
[  335.134027][T10572] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  335.138391][T10547] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.200659][T10572] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  335.215340][T10577] netlink: 'syz.0.1231': attribute type 11 has an invalid length.
[  335.521889][T10547] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  335.594921][T10547] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  335.880838][T10547] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  335.992885][T10547] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.406328][T10595] loop7: detected capacity change from 0 to 1024
[  336.470738][T10595] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  338.338967][T10595] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.015887][T10595] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4047: comm syz.7.1234: Allocating blocks 497-513 which overlap fs metadata
[  339.324368][T10595] EXT4-fs (loop7): pa ffff8880772699f8: logic 256, phys. 385, len 8
[  339.333575][T10595] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1
[  342.409868][T10682] debugfs: Directory 'netdev:nicvf0' with parent 'phy5' already present!
[  344.481443][ T8945] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.676776][   T34] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  348.767512][T10770] 9pnet: p9_errstr2errno: server reported unknown error �@0xffffffffffffffff
[  348.907753][T10769] loop5: detected capacity change from 0 to 4096
[  350.137034][   T27] audit: type=1800 audit(2000000001.060:16): pid=10784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1269" name="file1" dev="loop5" ino=33 res=0 errno=0
[  350.584413][T10786] netlink: 'syz.3.1273': attribute type 1 has an invalid length.
[  351.410445][T10789] syzkaller0: entered promiscuous mode
[  351.416095][T10789] syzkaller0: entered allmulticast mode
[  351.967780][   T27] audit: type=1326 audit(2000000002.920:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.003208][   T27] audit: type=1326 audit(2000000002.950:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.032865][   T27] audit: type=1326 audit(2000000002.950:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.087384][   T27] audit: type=1326 audit(2000000002.950:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.150905][   T27] audit: type=1326 audit(2000000002.950:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.209027][   T27] audit: type=1326 audit(2000000002.960:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.268466][   T27] audit: type=1326 audit(2000000002.960:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f412d95c84e code=0x7ffc0000
[  352.326933][T10806] netlink: 'syz.5.1278': attribute type 3 has an invalid length.
[  352.355568][   T27] audit: type=1326 audit(2000000002.960:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  352.379526][T10806] netlink: 'syz.5.1278': attribute type 3 has an invalid length.
[  352.441489][   T27] audit: type=1326 audit(2000000002.960:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10801 comm="syz.7.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  356.571109][T10848] loop5: detected capacity change from 0 to 256
[  356.617004][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  356.617024][   T27] audit: type=1326 audit(2000000007.570:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  356.677737][T10848] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xecc0b056, utbl_chksum : 0xe619d30d)
[  356.729549][   T27] audit: type=1326 audit(2000000007.570:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  356.802209][   T27] audit: type=1326 audit(2000000007.580:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  356.894566][   T27] audit: type=1326 audit(2000000007.580:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  356.992119][   T27] audit: type=1326 audit(2000000007.600:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  357.087733][   T27] audit: type=1326 audit(2000000007.600:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  357.212090][   T27] audit: type=1326 audit(2000000007.600:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  357.312929][   T27] audit: type=1326 audit(2000000007.600:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  357.411688][   T27] audit: type=1326 audit(2000000007.600:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  357.511432][   T27] audit: type=1326 audit(2000000007.600:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  360.266334][T10913] netlink: 'syz.7.1300': attribute type 25 has an invalid length.
[  360.290016][T10913] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1300'.
[  360.525333][T10913] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1300'.
[  360.562317][T10913] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1300'.
[  360.616110][T10913] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.793755][T10920] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1304'.
[  366.152174][ T5778] Bluetooth: hci0: command 0x0406 tx timeout
[  368.813064][T11006] ptrace attach of "./syz-executor exec"[11008] was attempted by "./syz-executor exec"[11006]
[  371.344755][T11035] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1339'.
[  371.356310][T11035] net_ratelimit: 10 callbacks suppressed
[  371.356348][T11035] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  374.397173][T11055] overlayfs: failed to clone upperpath
[  374.486301][T11061] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1348'.
[  374.916101][   T27] kauditd_printk_skb: 6 callbacks suppressed
[  374.916119][   T27] audit: type=1326 audit(2000000025.870:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.002671][   T27] audit: type=1326 audit(2000000025.870:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.033382][   T27] audit: type=1326 audit(2000000025.900:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.057475][   T27] audit: type=1326 audit(2000000025.900:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.081296][   T27] audit: type=1326 audit(2000000025.900:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.134925][   T27] audit: type=1326 audit(2000000025.900:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff7fdd5c84e code=0x7ffc0000
[  375.187762][   T27] audit: type=1326 audit(2000000025.900:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff7fdd5c84e code=0x7ffc0000
[  375.240208][   T27] audit: type=1326 audit(2000000025.900:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.264692][   T27] audit: type=1326 audit(2000000025.900:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  375.289226][   T27] audit: type=1326 audit(2000000025.910:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  379.045280][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  379.051854][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  379.685128][  T141] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  384.193309][T11167] netlink: 228 bytes leftover after parsing attributes in process `syz.7.1381'.
[  385.855539][T11174] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  385.898409][ T7265] wlan1: authenticate with 08:02:11:00:00:00
[  385.929993][ T7265] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  386.021659][T11173] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  386.065883][   T34] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  386.192936][ T1095] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  386.325479][ T1095] wlan1: authentication with 08:02:11:00:00:00 timed out
[  388.440960][T11199] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1390'.
[  391.656435][T11222] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  391.885126][T11225] overlayfs: failed to clone upperpath
[  395.599597][   T27] kauditd_printk_skb: 17 callbacks suppressed
[  395.599616][   T27] audit: type=1326 audit(2000000046.550:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  395.701458][   T27] audit: type=1326 audit(2000000046.550:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  395.782083][   T27] audit: type=1326 audit(2000000046.610:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  395.865602][   T27] audit: type=1326 audit(2000000046.610:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  395.956950][   T27] audit: type=1326 audit(2000000046.610:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  395.999829][T11262] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1409'.
[  396.046915][   T27] audit: type=1326 audit(2000000046.610:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  396.131874][   T27] audit: type=1326 audit(2000000046.610:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  396.190455][   T27] audit: type=1326 audit(2000000046.610:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  396.260396][   T27] audit: type=1326 audit(2000000046.610:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  396.338289][   T27] audit: type=1326 audit(2000000046.610:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11257 comm="syz.5.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc293f9bf79 code=0x7ffc0000
[  396.483282][T11262] bond0: (slave bond_slave_0): Releasing backup interface
[  398.303052][T11280] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  398.329934][T11280] CIFS mount error: No usable UNC path provided in device string!
[  398.329934][T11280] 
[  398.341299][T11280] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  401.732603][ T5780] Bluetooth: hci1: command 0x0405 tx timeout
[  403.276239][T11322] fuse: Bad value for 'fd'
[  403.484548][T11326] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1415'.
[  406.344161][T11347] netlink: 'syz.7.1432': attribute type 10 has an invalid length.
[  406.540238][T11347] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  409.297413][T11384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  409.340609][T11384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.424029][T11384] ipvlan2: entered allmulticast mode
[  409.429394][T11384] dummy0: entered allmulticast mode
[  411.121868][T11384] xt_recent: Unsupported userspace flags (000000b1)
[  411.236035][T11410] netlink: 856 bytes leftover after parsing attributes in process `syz.3.1448'.
[  411.674172][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  413.099788][T11424] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  414.612416][T11435] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1457'.
[  414.756390][T11435] vlan0: entered allmulticast mode
[  414.761787][T11435] bridge0: entered allmulticast mode
[  414.768453][T11435] bridge2: port 1(vlan0) entered blocking state
[  414.781189][T11435] bridge2: port 1(vlan0) entered disabled state
[  414.797659][T11435] vlan0: entered promiscuous mode
[  431.902659][T11524] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  432.749942][T11545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1482'.
[  435.741337][T11583] batman_adv: batadv0: Removing interface: batadv_slave_0
[  440.512734][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  440.522359][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  446.082913][ T1110] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  446.997268][T11687] can: request_module (can-proto-0) failed.
[  451.724818][T11711] mmap: syz.5.1530 (11711) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  455.319038][T11737] xt_CONNSECMARK: invalid mode: 0
[  455.351827][T11736] overlayfs: failed to clone upperpath
[  455.530149][ T5778] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  462.749827][T11809] netlink: 'syz.0.1550': attribute type 1 has an invalid length.
[  462.789360][T11809] netlink: 'syz.0.1550': attribute type 1 has an invalid length.
[  473.062653][   T27] audit: type=1326 audit(2000000124.010:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11895 comm="syz.3.1576" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x0
[  475.961248][   T27] audit: type=1326 audit(2000000126.910:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.032158][   T27] audit: type=1326 audit(2000000126.910:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.093395][   T27] audit: type=1326 audit(2000000126.910:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.172081][   T27] audit: type=1326 audit(2000000126.940:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.252040][   T27] audit: type=1326 audit(2000000126.940:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.330893][   T27] audit: type=1326 audit(2000000126.940:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.422055][   T27] audit: type=1326 audit(2000000126.940:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.502133][   T27] audit: type=1326 audit(2000000126.940:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  476.747143][   T27] audit: type=1326 audit(2000000126.960:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11912 comm="syz.7.1581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f412d99bf79 code=0x7ffc0000
[  477.595199][   T34] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  481.729851][T11943] xt_CT: No such helper "pptp"
[  486.956072][T11982] fuse: Bad value for 'fd'
[  489.109842][T11993] netlink: 'syz.3.1600': attribute type 10 has an invalid length.
[  492.139520][T12017] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1605'.
[  498.137049][   T27] kauditd_printk_skb: 104 callbacks suppressed
[  498.137061][   T27] audit: type=1326 audit(2000000149.090:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.238417][   T27] audit: type=1326 audit(2000000149.130:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.309381][   T27] audit: type=1326 audit(2000000149.130:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.382868][   T27] audit: type=1326 audit(2000000149.130:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.449316][   T27] audit: type=1326 audit(2000000149.130:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.565159][   T27] audit: type=1326 audit(2000000149.130:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.664786][   T27] audit: type=1326 audit(2000000149.130:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.727489][   T27] audit: type=1326 audit(2000000149.130:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.792655][   T27] audit: type=1326 audit(2000000149.130:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  498.860842][   T27] audit: type=1326 audit(2000000149.130:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  502.034067][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  502.040475][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  511.612220][ T1110] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  525.443579][T12256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1671'.
[  531.507510][T12338] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1689'.
[  539.282551][   T27] kauditd_printk_skb: 136 callbacks suppressed
[  539.282570][   T27] audit: type=1326 audit(2000000189.310:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  539.457213][   T27] audit: type=1326 audit(2000000189.310:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  539.708351][   T27] audit: type=1326 audit(2000000189.310:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  540.493138][   T27] audit: type=1326 audit(2000000189.310:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  540.612146][   T27] audit: type=1326 audit(2000000189.310:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  540.762068][   T27] audit: type=1326 audit(2000000189.310:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  540.872041][   T27] audit: type=1326 audit(2000000189.310:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  540.986183][   T27] audit: type=1326 audit(2000000189.310:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  541.096200][   T27] audit: type=1326 audit(2000000189.310:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  541.240400][   T27] audit: type=1326 audit(2000000189.310:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12403 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff7fdd9bf79 code=0x7ffc0000
[  543.513068][   T59] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  555.373288][T12502] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1728'.
[  555.382768][T12502] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1728'.
[  557.103182][T12518] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  563.359183][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  563.365848][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  563.526393][T12543] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  577.266455][T12648] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  577.479682][ T3507] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  584.311211][T12682] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  586.393240][T12696] xt_TCPMSS: Only works on TCP SYN packets
[  587.769695][T12701] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  590.744561][T12720] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  602.526181][T12818] capability: warning: `syz.5.1807' uses 32-bit capabilities (legacy support in use)
[  605.952545][T12843] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  606.038707][T12850] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1803'.
[  611.044426][T12893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1823'.
[  611.058302][T12893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1823'.
[  611.069404][T12893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1823'.
[  611.081238][T12893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1823'.
[  611.091466][T12893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1823'.
[  612.149497][T12901] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1826'.
[  612.175894][T12901] vlan0: entered promiscuous mode
[  612.181012][T12901] bond0: entered promiscuous mode
[  614.585651][ T3529] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  616.211832][T12928] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  624.798444][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  624.804977][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  628.612814][   T12] ------------[ cut here ]------------
[  628.618963][   T12] WARNING: CPU: 1 PID: 12 at io_uring/io_uring.c:3214 io_ring_exit_work+0x3a7/0x820
[  628.628961][   T12] Modules linked in:
[  628.633877][   T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0
[  628.641316][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  628.652485][   T12] Workqueue: iou_exit io_ring_exit_work
[  628.658097][   T12] RIP: 0010:io_ring_exit_work+0x3a7/0x820
[  628.664228][   T12] Code: 78 23 e8 3c 39 0b f7 48 8b 7c 24 30 48 8b 74 24 08 e8 ed ec 10 00 48 85 c0 75 1d e8 23 39 0b f7 e9 b9 fd ff ff e8 19 39 0b f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb cf c7 84 24 90 00 00 00 00
[  628.683999][   T12] RSP: 0018:ffffc90000117a40 EFLAGS: 00010293
[  628.690118][   T12] RAX: ffffffff8a7bda87 RBX: ffff8880411ca000 RCX: ffff88801a27da00
[  628.699042][   T12] RDX: 0000000000000000 RSI: ffffffffffffffd2 RDI: 0000000000000000
[  628.707711][   T12] RBP: ffffc90000117bb0 R08: ffffc900001179c7 R09: 1ffff92000022f38
[  628.716364][   T12] R10: dffffc0000000000 R11: fffff52000022f39 R12: dffffc0000000000
[  628.724974][   T12] R13: ffff8880411ca288 R14: 0000000100007f4f R15: 0000000100007f7d
[  628.733603][   T12] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  628.743454][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  628.750095][   T12] CR2: 00007f26307171c1 CR3: 000000007575a000 CR4: 00000000003506e0
[  628.758729][   T12] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  628.767385][   T12] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  628.776060][   T12] Call Trace:
[  628.779393][   T12]  <TASK>
[  628.782980][   T12]  ? io_ring_ctx_wait_and_kill+0x2b0/0x2b0
[  628.788851][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  628.794878][   T12]  ? process_scheduled_works+0x96f/0x15d0
[  628.800658][   T12]  ? process_scheduled_works+0x96f/0x15d0
[  628.806989][   T12]  process_scheduled_works+0xa5d/0x15d0
[  628.813192][   T12]  ? assign_work+0x430/0x430
[  628.817842][   T12]  ? assign_work+0x3d0/0x430
[  628.823077][   T12]  worker_thread+0xa55/0xfc0
[  628.827755][   T12]  kthread+0x2fa/0x390
[  628.831862][   T12]  ? pr_cont_work+0x560/0x560
[  628.837199][   T12]  ? kthread_blkcg+0xd0/0xd0
[  628.841835][   T12]  ret_from_fork+0x48/0x80
[  628.846923][   T12]  ? kthread_blkcg+0xd0/0xd0
[  628.851565][   T12]  ret_from_fork_asm+0x11/0x20
[  628.856992][   T12]  </TASK>
[  628.860053][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  628.867387][   T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0
[  628.874797][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  628.884894][   T12] Workqueue: iou_exit io_ring_exit_work
[  628.890490][   T12] Call Trace:
[  628.893800][   T12]  <TASK>
[  628.896761][   T12]  dump_stack_lvl+0x18c/0x250
[  628.901485][   T12]  ? show_regs_print_info+0x20/0x20
[  628.906740][   T12]  ? load_image+0x400/0x400
[  628.911294][   T12]  panic+0x2dc/0x730
[  628.915230][   T12]  ? bpf_jit_dump+0xd0/0xd0
[  628.919795][   T12]  ? ret_from_fork_asm+0x11/0x20
[  628.924794][   T12]  __warn+0x2e0/0x470
[  628.928827][   T12]  ? io_ring_exit_work+0x3a7/0x820
[  628.933987][   T12]  ? io_ring_exit_work+0x3a7/0x820
[  628.939145][   T12]  report_bug+0x2be/0x4f0
[  628.943532][   T12]  ? io_ring_exit_work+0x3a7/0x820
[  628.948705][   T12]  ? io_ring_exit_work+0x3a7/0x820
[  628.953860][   T12]  ? io_ring_exit_work+0x3a9/0x820
[  628.959024][   T12]  handle_bug+0xcf/0x120
[  628.963324][   T12]  exc_invalid_op+0x1a/0x50
[  628.967876][   T12]  asm_exc_invalid_op+0x1a/0x20
[  628.972774][   T12] RIP: 0010:io_ring_exit_work+0x3a7/0x820
[  628.978554][   T12] Code: 78 23 e8 3c 39 0b f7 48 8b 7c 24 30 48 8b 74 24 08 e8 ed ec 10 00 48 85 c0 75 1d e8 23 39 0b f7 e9 b9 fd ff ff e8 19 39 0b f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb cf c7 84 24 90 00 00 00 00
[  628.998208][   T12] RSP: 0018:ffffc90000117a40 EFLAGS: 00010293
[  629.004326][   T12] RAX: ffffffff8a7bda87 RBX: ffff8880411ca000 RCX: ffff88801a27da00
[  629.012342][   T12] RDX: 0000000000000000 RSI: ffffffffffffffd2 RDI: 0000000000000000
[  629.020360][   T12] RBP: ffffc90000117bb0 R08: ffffc900001179c7 R09: 1ffff92000022f38
[  629.028367][   T12] R10: dffffc0000000000 R11: fffff52000022f39 R12: dffffc0000000000
[  629.036384][   T12] R13: ffff8880411ca288 R14: 0000000100007f4f R15: 0000000100007f7d
[  629.044406][   T12]  ? io_ring_exit_work+0x3a7/0x820
[  629.049587][   T12]  ? io_ring_ctx_wait_and_kill+0x2b0/0x2b0
[  629.055463][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  629.060706][   T12]  ? process_scheduled_works+0x96f/0x15d0
[  629.066479][   T12]  ? process_scheduled_works+0x96f/0x15d0
[  629.072258][   T12]  process_scheduled_works+0xa5d/0x15d0
[  629.077878][   T12]  ? assign_work+0x430/0x430
[  629.082528][   T12]  ? assign_work+0x3d0/0x430
[  629.087214][   T12]  worker_thread+0xa55/0xfc0
[  629.091880][   T12]  kthread+0x2fa/0x390
[  629.096018][   T12]  ? pr_cont_work+0x560/0x560
[  629.100762][   T12]  ? kthread_blkcg+0xd0/0xd0
[  629.105427][   T12]  ret_from_fork+0x48/0x80
[  629.109884][   T12]  ? kthread_blkcg+0xd0/0xd0
[  629.114542][   T12]  ret_from_fork_asm+0x11/0x20
[  629.119368][   T12]  </TASK>
[  629.123005][   T12] Kernel Offset: disabled
[  629.127440][   T12] Rebooting in 86400 seconds..