last executing test programs:

2m46.813393995s ago: executing program 1 (id=793):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x4)

2m45.457551556s ago: executing program 1 (id=795):
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_le_read_num_supported_adv_sets={{0xa}, {0x2, 0x7}}}}, 0x8)

2m45.354988518s ago: executing program 1 (id=797):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000007a40)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000c40)="58c45a76df28ddb6d371211cbdf10db4fd041761a0f08a4a151aa93862601d5edd6b45d819e8ef77a772c1418dee92480d42d116a7ffab21c87584b71bedbf4f152f72a1880ec3f6a6b9f48090611cc3afe4ebb87480c078889722ec446c63f462bfc070dad6226581e788b329a4584a48c4fd60fd06fe064e7d29c0b1e2e8838fe66b33e2d762f1878c60b4096a3251a4f8a3993e6ca4b62fe5b034cc619fb18bb16d86557de4048c5f51dfc18eba0cf5e9077fdaef0ee139a0954543f8b95672d2dbfa00ea9ec01877c9e292d890f51256c3c38848b7c55419207016bd95483761902ab652562375e0634bf3026a95ddb91753047d5d8261c5414a936fe0583aaa2e11568d42b9bccdf4a943e1860d09e68ea32f9d6ea9d651064f0882ad45e2e2f66c1729138a3a401767f70c12cd736d6ec48efebac6f9c3e08bf6d0a2e6a878b6ad65fabb5b57c3c93b3ad1b80846e07afc9929a7f5d604214a1e4020c9f747dc159f29c5796599ee1e71e79314070ae63295ada84278dda34aac447a2a505ba7d997ccc480cf4c372eb96b13cb2eae509bc34fd380b91cd55828f62c05112a3466a766d17c1faabbcc99b56d64492a28dd5bacb1c07b3aaf11af056deeeeeb36476cfffd694f663cd02ace8a644f915b7a7d9ba1393dc28603735467d3a16de2a42102d9c7d853ace516c15348330b0dafc27a8e433a64b7da9dddf89b40247281d8f486e9406630542e4ce10abebac54d474f6bdb5fd6709c12c37a6055e440425d6157f7217677729688b2a1722dee23e50ab36ea3749c4e3b21060aba449f8226fd66408e848f8ee5e5562a7b4513eb14c993d6321033bc80ddff11cca1575a2577df7a66f721df3b2cf41ecd0fa97d052a74db940fd1507e8e4671804de2ff1a852450b4391f30393f8c886d22724ed843ee8df55303521c78ba29fba150d8a986457a39ad9c65ba44badbe9fde2a8e767df5a1341970039fda9d0230a9b02b37e1233a803eed9b6084fb5b3ec4c344d6a054be67826edb31252194abac43d51e08c29c69e768f6ea5a60bcb44072110c6b908ad88887947b673dffaa091632ca67e1aa28c44796858eaee8447a34c71e6d6bf89d5ac744de8a254dc99b4c637e610845329b90275a2b98db718a8c98b1527ab1042e68e302cd1e9020257a4753c2d284e07bf8f51a5b7e3c3d298a4008380c705d0cf22fec63d90d4aa576979578250a427b9769d06eb09f75b4586f89420b6cc6c472a61e872d700c37bc0a719b5af1bab76c95d905cb9dfee1270fed54b1e1395c51601dc25340023d0d749949e4650be8e3e24d4800109759de902517c1b7f5bf7bba6da0db223c61281d2ade145f3026008e7cd11b1da0a3c30b05cc08a104b4e9a1d3133a0115ac5e40112ead4981ea7e059c6de81c89b56888c256146469bf79f869babb73600aaae88e242d9b36955222fb41abd09227eec10de67fa55529df37fd646d8d9bb8f0f4b6e4f2525c6a6d642d74cf1e537143261d9204e47d92d2c57dd765afb99bdc9cb64dcffffbd27fd50847404f50fb1191e037f688d06e15d6d4940f70735537099866dc02e3625fe6edfd0fc4a9af79fb9e533e22614c3cb39186740ed379da3e84f8b412c44dfddb2138ae404eee761cb5a875823b7fab2eb639b16fd7e70386e6515daa2a323abfb5806a17a140fe5a1dd6ad056837b0e1b23e54da360d0c361e1cbe212a03a33e89bf8dbc1cc4418ac46887555c552de972e3f92ffbd0a57b6d5ac74c42f7b87daaab9a0c283a99e27ef9fe0279c71c35913efd9221874000ed29f9af3e301b1e3407695b418a89216673d551a4b6a8f1fd9843ec7a425316a22110ffe432b54fcce8cfac426efdd7a51ba369e4cb459e995f197acaa756512ee03e6edbd699bd2fde8419e02bace8f856c8a8887376eb3c4636fa58673dec09d1e22f4d1804ab55737c53faa82c4576f45f795dbaa72e61134ad96ff602f85ca69860bdf17386ef2a51e59950029b810fa9c8313d20f0983fd8ce75c925d9df982d660e2474c57a2465ee9952270bcee2d1baa71c5217239e8da4bd17e893c242d0ff710fa1815072ddda8e8e7c8578197984f59ca9c1b5b72f99f3d8deb3161f5a321cc8eb06ff3e71e80112e082d01f3c00a8a467c6300dfbac4935bf232c535f09fb5da9598da15f94fc00276518aed1ef6eb9ea78cf1f29a5bc7997b3ff7ad30587b54525c318a5e4804d5d58e2bac225a4cde48852f6f9d548a0bf0ef65255254452c0d20c816b9330232028b73344982e45def367db51e4149b143b1d15e20f3dda96623cd816c92237383bd2797737492c4ff20fc301180cebace33a6946bbe3cb1ed4a330219e5aa31c209a518b060390c6f15e54da0b8165fcc8d950ffa5aab1023937e87f29c9975b1611c610fdd413fb596989a4e943c06bbf629ae5b51d06f3401433633754370386e6f065424bbdc34317d471a14468ccf17e3c2c4dc2e377db0a53f77e8869e5945b9ba195b1b7e7a130a0ae49cf14a9c6e42db96632d3542d46aa159cfd478fccf9d968c741ac4f6b97d27b8591f8363581d6d00bf301e874285cdb467a0df46c2c76c02f5ab59eb809bc38a1b535c8baa3aa07052d5d4b8f33ecf3221fd2833df8f454ceec509852110a238d2a80341d52b0e282c84964130ad126a37eadbc7abee27796b5e6dc83fa70c4911b755dda5ce3695b7a0e6c1ceadf6f4386fab351feddd33b772959b823bcaafc35b1044b00d8c056ecad5de6dfe27eba373e5ee52fa1f9881921ac4e7f6ee2d790f78364f7f3f56e15d8cf50dcd5dd9f817015d2b3c214437fb42564535f0cd33d573f602d8f612343cf44b27d79ba0b0156f44df128046d8ae3e4100ae3227d47be43b52c88f1afba267d51c5a68f47abf61068a9b5e8608294fa87bbd44ed2b4d5db421fdac8e9c6e33dafde65bcfa141e7dae4f0b5bd5a8acd3ae2b57f6cf1f48b10a7b86b8ece845bc9df67b9449b495c898d9efbaafa985238b8d2f994c57cf05bf9157fe502c95ba25f3609f1f8d51f54cbc24a0513cb2b233223486e31d1661bbf581f7ff4bfb0c9faca06554de78de30951f091e295e96cf03d4b4b7f445f9b9a443f3179e480b66398f5fdb2f55e9bb8e5560feacbb90c5b221d693555b697bfb01b13762bf93d9168638051ec92355de6f3b4e9a65cadf13ddfdda8b3e53403bfa8df80e9e98d89474fd67764977d9c1b89574b40ab0930747854b70fe2fdd9ef0cdbf1e9d2d1c088a0cec0492d4558b4d86d5c3b58fd6db6a8fd30807a583039f6af56785d51ebb2f1b9319c86cb242751d14a79a3645745006f152d10ffbea7b591ec91077de0222d67f38f4ed0ca62d1c7a94cff6fd4ea4c5635e5e6cacc68345ed830da27a25a2bc8683d79c0f98fa2f3ffc7c0142086ef63107b38777139c2093631536ea9ffd7af0e101728e32c5b152a4eab3065bd5422a8aa73381ea9c24367b74edcabc06f6c49a8773f2ae0912ef78369a1c605d0c7a5b53633c6c70d8393810ceab96e8c5453111d6185e7298671e3f338e49eb27538a6ca3803947cab54d0672b5ae732184d53e80522e1f35f5216846bc853f6133188a9488a2820f821201f180857601bc79dfe34f7f9878d6d0cadb9c8aeb51ade39807cc5970bb9cae83165cbcb90a11432dda595517e2eaa99cea287dc7f248fa49288a41b39860d3ec4ca3bf3e6b1858572f0113eee8e402ad3082b124901e2d7cba1995a7dcd6a11221bc93ddec61597ec71652aef3d8728d856e5e7485716c5f29abda61e3f6232a1befa7b5690a4f8561d6827f61c93036c3524286cc9a49921bfe04eba2a9a86188a971f01f06c043300d71953bddbbaef07aea45435e939037055aac594f85225c9d8d0f7c99cc50a02f510cc204fbfa53f0d01dcbe26ba2cdcbaa5661e4622adee03eaf3005cc68ad38af4265f413d3c5768a533b15cacef834a62126c43d2cce804be51a9099024612de1370bc3da2c7b3b26c096717d34bde5120dfdb866493f222c2f0606706ede63b94cf45f279622a3aba93854f967e1653d31ff17942657ead6b2f68927222ea32d7285c6b848f53eb3479ec168824ce01d19e07712fc9490cce10a4b0f1c245571c7d909c20f90d2713a0f468ff01cab5cd945b5e579c308d6a179f39c9117c20f7768b80597f904fbeb6cbeb5f714c51eb8e3ae9b814c5852905f59f26aeb21b115647699f5ec75e37537d652cfff690b782cedb5e29261da6dbc7262fafd00f79dc55bb9674550c7340845d53d7c3cb81a0252a22e4e3fe4b1eacf3de20f0815ba916cf15212ab580d9baacffea87c4c378d168f19e718d8127c59d4eb1a64db900aefad7493eed586f75e40c3ea293a64cb8dd0c5e6e9c87b14a78edebaa50e997fe1ac9f2dddd4a168add0a97273df64a0c4c652f00ad5c4f68c3dff8ac2599d83159bffefabe1e9e47f326fac57c42593a5e5d1504c9fcf0e3bbf9c7a4568ab86ec25ccc54346e6bf43cb8ce2bb602a91c23a28db5b62134e422435856d298a84df8387009f87fb301e85253532fc9584a67dcfd2eceaad70f130a60953b3acf90e82a3ad5fa1547236249303469e7f7f7599b5be2953aa8acec2c3342958480054c60cc779aa31848265fdb8a31e36fff8fd7762c1a657d8009cf3a5a333d5ae06bfd85277abad5584f1fcc35ec33f5517847cea32ad4879a0ddd0d5c2d00a13470597c88c6c0dfbb65d4441c42a70895d15764c64e59e22bc6842b9fbf55bb38a3210d2e8c586a1ced46a985f0c2ddfa18e9aa318d0d5fe2e37a33367993fa5de011ebb963e8721a27bc049ecd5c5e156e28404adfc8af275a3949d8d8fd0e96ed2600c770d35408c707d818d536664ed3565eef1724dec30b2a9ef9b08558ab9585dcb87049a6748a9059bc39f29a11805da71d7527e845840b3c863a5815c3dee720e8634886ed8747c86266c94240b0a16347941ac9f825348e9740d788842852987306363f11abede6e91039dfee5cd8a149e1b232420137cbfc71a87ef058ff67b5eac13158ef8b1b9c45c168449870b30a5070b0648eedd1e747427b6ee0c70f1cea7e41fcc6fdc39e13afcf7c92998f9a3f929805eb05a443862efcc42c55bc71398ede4f8f9e47f7215f8ae56b88150b799b056deb1e473ae1a9d9ad0f3a146fb256c7fce2ce020809f265535f8e83694a9bae0f58e9524257de0b58fcb7672d933f4e832388ebdd8f25a5dba33b84ad4f222ddce6b2a229026d247118d6342c393dafbbdda241dcfffa819510c4968a04bfa26a44733c8f460233f3d18f58652c037fdb7c7ed0b8c883827420e3fbead5543c32e75eec2eed2f3804ad8cf597b6001f06b0e35044a9f9f3bc36a6085ea43b2a5154f434c981b877d816cce299b994c41a94649afbb5d9f2d6cd462e3660b1d05463401046c71552406ed346bd2f97a412bdbf223bdf4f49c50a3cb9a457831b3e18fa406912a3b51bed5f111a3d47dabe55c68fd636f62e8c9ba271c6d6b70ee80ec9f88b247c3ff6d2e0af8fb65ee3447db744336ee70b51e4cddd3f4449f0c5c9e02a2f08ab26e5bcdc074a3a2a5703d3acf5a4f95063dca0617da577856b15175f289b334a6e490cb06a00f5b93f0b239048a2ebd0573d5ac307b1399910933600d8cb60ea5861a6fc8dfa6286c9da26591209db9427921c11ca383dcb3aca14c657b9a5d72a7f9a31ab6cce396cf34abf77b155436e1b5afc6c1ccc84d32a315fed00c9f2a58942035", 0xffb}, {&(0x7f00000003c0)="07ebc1bda082", 0x6}], 0x2, 0x0, 0x0, 0x80}], 0x1, 0x4004041)
recvmmsg(r1, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000002000)=""/4097, 0x1001}], 0x1}, 0x3}], 0x1, 0x10100, 0x0)

2m44.109863548s ago: executing program 1 (id=802):
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x800000, &(0x7f0000001dc0)=ANY=[], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
utimes(0x0, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc01, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
mount(&(0x7f0000000180)=@md0, &(0x7f00000000c0)='./file0/file0/file0\x00', &(0x7f00000001c0)='efivarfs\x00', 0x88000, &(0x7f0000000240)='\x00')
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

2m43.30158633s ago: executing program 1 (id=807):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@alu={0x7, 0x1, 0xc, 0x3, 0x7}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m42.021329152s ago: executing program 1 (id=811):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x11, &(0x7f0000000040)=0x2, 0x4)

2m41.734968556s ago: executing program 32 (id=811):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x11, &(0x7f0000000040)=0x2, 0x4)

2m38.674021345s ago: executing program 2 (id=823):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000b40)={0x54, 0x1, 0x1, {0x0, 0x1}, {0x60, 0x2}, @period={0x59, 0x0, 0x8, 0x2, 0x448, {0x2, 0x8, 0x679c, 0x401}, 0x0, 0x0}})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TCSETSF(r2, 0x5404, &(0x7f00000005c0)={0x28000, 0xc2cf, 0xb, 0x4, 0x9, "00e4fdab7900f5fb00"})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

2m38.440116069s ago: executing program 2 (id=825):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

2m38.213388993s ago: executing program 2 (id=826):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_ev_le_phy_update_complete={{}, {0x1, 0xc8, 0x0, 0x9}}}}, 0x9)

2m38.031634125s ago: executing program 2 (id=828):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0/../file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2m37.974886226s ago: executing program 2 (id=829):
unshare(0x2000400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = inotify_init1(0x0)
read(r1, 0x0, 0x2000)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
shmctl$IPC_RMID(0x0, 0x0)
unshare(0x46000200)

2m37.323070037s ago: executing program 2 (id=835):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040010)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x40902, 0x100)
sendfile(r0, r0, 0x0, 0x800000009)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x4)

2m36.999286122s ago: executing program 33 (id=835):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040010)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x40902, 0x100)
sendfile(r0, r0, 0x0, 0x800000009)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x4)

1m8.061613088s ago: executing program 0 (id=1329):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x800)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
rt_tgsigqueueinfo(0x0, 0x0, 0x34, &(0x7f00000002c0)={0x3a, 0x0, 0xa})
ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000b40)=ANY=[@ANYBLOB="94000000", @ANYRES16=r5, @ANYBLOB="010800000000010000000b00000008000300", @ANYRES32=r7, @ANYBLOB="30005080110001004abee339084eeef16f162471f400000005000200000000000800030005ac0f000500090001"], 0x94}}, 0x0)

1m5.787873045s ago: executing program 0 (id=1335):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000480)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x6, 0x3a, ')', 0x3a, 'syz0', 0x3a, './file2', 0x3a, [0x50, 0x50, 0x46, 0x46]}, 0x30)

1m5.247046694s ago: executing program 0 (id=1337):
mknod$loop(0x0, 0x6000, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = dup2(r0, r0)
ioctl$BLKTRACESTOP(r1, 0x1275, 0x200000000000000)

1m5.153334785s ago: executing program 0 (id=1341):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000b, 0x13, r0, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x200000b, 0x11, r0, 0x75f2e000)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x3fffffffffffe52, 0x10003, '\x00', [{}, {0xffffffff}]})

1m4.993417737s ago: executing program 0 (id=1345):
syz_emit_ethernet(0x4e, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b81923", 0x18, 0x0, 0x0, @local, @private1, {[@dstopts={0x0, 0x2, '\x00', [@generic={0x31}, @padn={0x1, 0x2, [0x0, 0x0]}, @calipso={0x7, 0x8, {0x1, 0x0, 0x2, 0x4}}]}]}}}}}, 0x0)

1m4.938093129s ago: executing program 0 (id=1346):
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x2200410, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
close(r1)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

49.88237372s ago: executing program 34 (id=1346):
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x2200410, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
close(r1)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

2.237127135s ago: executing program 6 (id=2081):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, 0x0, 0x0)
socket(0x40000000015, 0x805, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$packet(0x11, 0xa, 0x300)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7bfd777b1c012b3a6ca2f68f080c26a04883ad5c0900", "584cbf2649a50f2dbc437ad3c045942824251d7d17b5191584cdd4fbe40a27424d00", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f3bcb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)

2.085084667s ago: executing program 3 (id=2085):
syz_emit_ethernet(0x4e, &(0x7f0000000200)=ANY=[@ANYRES64=0x0], 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
unshare(0x2a020480)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r4, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r6}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

2.084907287s ago: executing program 6 (id=2086):
r0 = epoll_create(0xfff)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r2, 0x891c, &(0x7f00000001c0)={'wg1\x00', {0x2, 0x4e20, @multicast1}})
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x14})

1.90005685s ago: executing program 3 (id=2087):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000500)={r1, &(0x7f0000000400), &(0x7f0000000440)=""/180}, 0x20)

1.854114781s ago: executing program 6 (id=2088):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000140)={'mangle\x00', 0x2, [{}, {}]}, 0x48)

1.785031522s ago: executing program 3 (id=2089):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r2, 0x0, 0x44845)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
write$tun(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000806000003"], 0xfce)

1.697562223s ago: executing program 6 (id=2090):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x7f}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8d}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x40420d0)

1.513011756s ago: executing program 3 (id=2091):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000002900), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000032c0)={0x0, 0x0, &(0x7f0000003280)={&(0x7f0000003200)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x88c0}, 0x40c4)

1.201586571s ago: executing program 7 (id=2092):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x1b, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x17}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.084580633s ago: executing program 7 (id=2093):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x24060400)
bpf$MAP_GET_NEXT_KEY(0x3, 0x0, 0x0)

920.995826ms ago: executing program 7 (id=2096):
socket$unix(0x1, 0x1, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet(0x2, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
socket$inet6(0xa, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300))
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r3], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10)
mmap(&(0x7f00005fe000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0xffffc000)
mmap(&(0x7f0000867000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

787.188758ms ago: executing program 6 (id=2098):
r0 = epoll_create(0xfff)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r2, 0x891c, &(0x7f00000001c0)={'wg1\x00', {0x2, 0x4e20, @multicast1}})
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x14})

764.171948ms ago: executing program 4 (id=2100):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0xbc, 0x0, 0xb, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_COMPAT_NAME={0xa6, 0x1, '\x01\x92hx\xa6b\xa6\xc8\x92\xea\xc2\xba\xd2]l\x9fuD\x93F\x15\xe8DHT\xb9\x80\t,\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00;\x9c\xc3%6+\xa9\xbc\x85 kPC\x12\x93\x8c\xd8\xafJ *\xbeW\x8b\x06\xea\xa9\x127U\x83\\\xb2D\"\xc3t{\xa1}Uey\x11If\xd4Az\xa8\xb7\xad\xeby;\x9c\"\x9e(=\x8e\xc8u\xb7x\xc6\xf1\xfe1\xc7\xcd\x82.\xa2\xc3\x88\x83\xb1\x80\xb2\x93\x1a\x1d\xb6O\x1d\xdd\x91\x029b\v&\xebK\xccC\x90\x15\xd3\xff\xf7\xf4\x88,\x00\x00\x00\x00\x00'}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4000000}, 0x40010)

723.477729ms ago: executing program 3 (id=2101):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x240480d4}, 0x40000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

665.548ms ago: executing program 7 (id=2102):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=@migrate={0xa8, 0x21, 0x1, 0x0, 0x4, {{@in6=@private1, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@mcast2, @in=@private=0xa010100, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in=@rand_addr=0x6, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @XFRMA_IF_ID={0x8, 0x1f, 0x2}]}, 0xa8}}, 0x0)

636.02461ms ago: executing program 6 (id=2103):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000003540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003500)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x34000041)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r1)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b80)={0x80, r2, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x6c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x68, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, 'ecb(camellia)\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, 'ecb(camellia)\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'skcipher\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x10}, 0x40000)

635.802341ms ago: executing program 4 (id=2104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x1b, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x17}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

623.68363ms ago: executing program 3 (id=2105):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@data_err_abort}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x478, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tppHk4c8OcjbTuzu87M17Njz87YDqBjDaX/JBH7I+LXiOiPiGL9CUO1/24uzZf+WpovJVGpvPZnkj4sbizNl7I/Ud1S+2o7KpUsv6dBuYtvRkyUy1OXs/zo3MV3RmevXH1q+uLE+anzU5fGz5w5eeJoz+nxUy2JM43rxuD7M0cOv/jGtZdLZ6+99ePXaX33Z8fzOFppqPbsNvRoqwtrswMr0kmxjRVhQw5k/b272v/7oyv6lo/1xwsftbVywLaqVCqVRu/PmYUK8B+WRLtrALRH/kaf3v/m2w4NPXaFP56t3QClcd/MttqRYhSyc7rr7m9bqTcizi78/UW6xTbNQwAArPRtOv55stH4rxD3rDjvf9kaysGI+H9EHIqIuyJiICLujqiee29E3LfB8utXSG4f/xSubyqwdUrHf89ka1urx3/56C8OdmW5A9X4u5Nz0+Wp49lzMhzde9L82KqHrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx+4c/xpasM5U+TLisVr7L0Rd/Lmk6frk2NOnx0+N9kZ56vhoflXc7qefF19tVv6W4m+BtP33Nrz+a/Gn94hJb8TslasXquu1sxsvY/G3j0tJk2MDm7z+e5LXq+mebN97E3Nzl8ciepKX0mzfqv3jtx6b5/Pz0/iHjzXu/4dqt2fVZ+L+iEgv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7py95aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref1bbwW38twBAADAv0Wh+hn4pDCynC4URkZqn+EfiL2F8szs3BPnZt69NFn7rPzB6C7kM139K+ZDx7K54Tw/Xpc/kc0bf97VV82PlGbKk+0OHjrcvib9P/V7V7trB2w739eCzqX/Q+fS/6Fz6f/QufR/6FA9jXd/sNP1ANpi4+//vdtSD2DnGf9D59L/oXPp/9CRmn43vrClr/xvMZH/KsyOl15sW8h3TvTtjmrkiSjsimq0LvHKJ7WLbrfUJ08U1/1jFptM7Gl4qJ2vSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK3zTwAAAP//xozjJA==")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_mreq(r4, 0x29, 0x50, 0x0, &(0x7f0000000180))

577.495931ms ago: executing program 5 (id=2106):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r1, 0x5, 0x6, 0x800000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0xc9}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40810}, 0x40040c2)

577.107991ms ago: executing program 7 (id=2107):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000003ec0)=0x13c9, 0x4)
sendmsg$inet(r0, &(0x7f0000005e00)={&(0x7f0000005b80)={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f0000005cc0)=[{&(0x7f0000005bc0)="2a3224d4bcc7", 0x6}], 0x1}, 0x4000000)

549.990691ms ago: executing program 4 (id=2108):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x25, 0x102, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
ioctl$SIOCGSTAMP(r0, 0x8906, &(0x7f0000000280))

469.994183ms ago: executing program 5 (id=2109):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=@base={0x9, 0x18, 0x8, 0x40, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

425.354594ms ago: executing program 7 (id=2110):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xff}, 0x1c)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={r3, 0x7}, 0x8)

415.278764ms ago: executing program 4 (id=2111):
syz_emit_ethernet(0x4e, &(0x7f0000000200)=ANY=[@ANYRES64=0x0], 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r5, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r7}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

317.086945ms ago: executing program 4 (id=2112):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x5452, 0x0)
bind$llc(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xffffffc1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22052, r0, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x300000f, 0x22051, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

173.424907ms ago: executing program 5 (id=2113):
r0 = epoll_create(0xfff)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r2, 0x891c, &(0x7f00000001c0)={'wg1\x00', {0x2, 0x4e20, @multicast1}})
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x14})

152.036438ms ago: executing program 5 (id=2114):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000000)={0xa, 0x4e20, 0x80004, @dev={0xfe, 0x80, '\x00', 0x2a}}, 0x1c, 0x0}, 0x20044891)

92.743119ms ago: executing program 5 (id=2115):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newtfilter={0x484, 0x28, 0xd27, 0x1004001, 0x0, {0x0, 0x0, 0x0, r3, {0x9, 0x9}, {0x0, 0x9}, {0xd, 0xe}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x454, 0x2, [@TCA_CGROUP_EMATCHES={0x14, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xc, 0x1, 0x0, 0x0, {{0x0, 0x9, 0x5}}}]}]}, @TCA_CGROUP_ACT={0x34, 0x1, [@m_skbedit={0x30, 0x11, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_CGROUP_POLICE={0x408, 0x2, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8000, 0xa1a, 0x2, 0x8001, 0xfffff800, 0xffffffff, 0x6, 0x7, 0x4861, 0x831, 0x9, 0x3, 0x6, 0x6, 0x4, 0x8, 0xf, 0x8, 0x4, 0x2, 0x9, 0x0, 0x0, 0x3, 0x2, 0x7, 0x5, 0x7, 0x3ff, 0xe65d, 0x6, 0x1000, 0x401, 0x5, 0x6, 0x6, 0x9, 0x0, 0x7fff, 0x2b, 0x1, 0x7, 0x2, 0x7, 0x1, 0x7, 0x8, 0x80000001, 0x5, 0x5f2cc059, 0x9, 0x6dff, 0x7, 0x7, 0x3ff, 0x4a65, 0x40, 0xfffffffc, 0x5, 0x9469, 0x4, 0x1, 0x0, 0x68c, 0x3, 0x1ae7, 0xe48, 0x2, 0x2, 0x4, 0xfffffffc, 0x7, 0xf5, 0x98d, 0xffff, 0xc0, 0x1, 0x2, 0x8, 0x1, 0xb9c, 0x9, 0x7fffffff, 0x5dc4, 0x2, 0x100000, 0x68e, 0xc, 0x0, 0x994f, 0x4, 0x0, 0xfff, 0x8c8, 0x401, 0x3, 0x1, 0x2, 0x7, 0x80000001, 0x0, 0x9, 0x7f, 0x6, 0xeb6a, 0x7fff, 0x2, 0x976, 0x3, 0x7f, 0x9, 0x65d, 0x7, 0x5, 0x7, 0xc, 0xfa, 0x0, 0x1, 0x7, 0x3, 0x2, 0x0, 0xf, 0xe, 0xfffffff9, 0x0, 0x400, 0xf5, 0xa, 0xfffffffe, 0xfffffffb, 0xd, 0x9, 0xff, 0x3, 0x5dce04bf, 0x9, 0x4, 0x5, 0xd, 0x8, 0x7, 0xfffffff8, 0x0, 0x2, 0x10, 0x0, 0x1, 0x28, 0x3, 0x80000000, 0x4784, 0x7, 0x7, 0x4, 0x5, 0x6, 0x7, 0x9, 0x1714, 0x5, 0x4, 0x7, 0x1, 0xffffffff, 0xeaec4000, 0x7cf, 0x5, 0x100, 0x7, 0x0, 0x1, 0x0, 0xaec, 0x3596, 0xfffff511, 0xffffffff, 0x0, 0x3, 0x1, 0x1, 0x7, 0xb3, 0x80000001, 0x0, 0x5, 0x7, 0x6, 0x6, 0x2871, 0x0, 0x80000000, 0x8001, 0x5, 0x4, 0x2, 0x6, 0x8, 0x0, 0x3, 0x1, 0x981, 0xfff, 0xc, 0x4, 0x401, 0x4, 0x8, 0xbb1, 0x1, 0x0, 0xc, 0x40, 0x80000000, 0x6, 0xbe, 0x0, 0x9, 0x10000, 0x6, 0x33, 0x4, 0x400, 0x5c, 0x2, 0x1ff, 0x533, 0x2, 0x3, 0x5, 0x100, 0x7, 0x0, 0x3, 0xfffffffb, 0x6, 0x6, 0x2, 0x2, 0x1, 0x6, 0x416, 0xfc, 0x10001, 0x0, 0x80000000, 0x6, 0x9, 0xffffffc7, 0x9, 0x9816, 0x1, 0x4, 0x101, 0x6]}]}]}}]}, 0x484}, 0x1, 0x0, 0x0, 0x810}, 0x48c0)

1.457771ms ago: executing program 5 (id=2116):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffff4f7}, {}, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x4d6, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac13000100000000000000000000000000000000000000000a0042"], 0xb8}}, 0x0)

0s ago: executing program 4 (id=2117):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x40, r2, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @assoc_resp={{{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x4}, @broadcast, @device_a, @initial, {0x5, 0xff}}, 0x2021, 0x5c, @default, @void, @void}}]}, 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

kernel console output (not intermixed with test programs):

id=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.627" name="bus" dev="loop4" ino=18 res=0 errno=0
[  281.670407][   T23] wacom 0003:056A:0065.0008: unknown main item tag 0x0
[  281.682854][ T6666] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  281.706685][   T23] wacom 0003:056A:0065.0008: unknown main item tag 0x0
[  281.713616][   T23] wacom 0003:056A:0065.0008: unknown main item tag 0x0
[  281.744314][ T6666] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  281.762649][ T6666] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.627: Failed to acquire dquot type 0
[  281.797574][ T6679] loop1: detected capacity change from 0 to 512
[  281.808812][   T23] wacom 0003:056A:0065.0008: unknown main item tag 0x0
[  281.827258][   T23] wacom 0003:056A:0065.0008: Unknown device_type for 'HID 056a:0065'. Assuming pen.
[  281.864851][   T23] wacom 0003:056A:0065.0008: hidraw0: USB HID v0.82 Device [HID 056a:0065] on usb-dummy_hcd.3-1/input0
[  281.908499][ T6679] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  281.919554][ T6686] loop3: detected capacity change from 0 to 256
[  281.932750][   T23] input: Wacom Bamboo Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0065.0008/input/input19
[  281.983227][ T6679] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  282.031505][ T6679] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  282.103502][   T23] usb 4-1: USB disconnect, device number 15
[  282.357630][ T6698] loop3: detected capacity change from 0 to 256
[  282.454783][ T6698] exfat: Deprecated parameter 'utf8'
[  282.560148][   T26] audit: type=1326 audit(1745210430.102:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.4.638" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7effd24ee169 code=0x0
[  282.606197][ T6698] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc61f63e4, utbl_chksum : 0xe619d30d)
[  282.664796][ T6706] loop1: detected capacity change from 0 to 1024
[  282.853538][ T3085] hfsplus: b-tree write err: -5, ino 4
[  282.980378][ T6710] loop1: detected capacity change from 0 to 256
[  283.051264][ T6712] loop2: detected capacity change from 0 to 1024
[  283.322353][ T6710] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  283.569674][ T6710] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  283.884255][ T6710] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  283.967353][ T6718] loop3: detected capacity change from 0 to 512
[  283.996997][   T26] audit: type=1326 audit(1745210431.542:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5fe78169 code=0x7ffc0000
[  284.172741][ T6718] EXT4-fs (loop3): 1 orphan inode deleted
[  284.178623][ T6718] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  284.189733][ T6718] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.239162][   T26] audit: type=1326 audit(1745210431.682:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5fe78169 code=0x7ffc0000
[  284.995623][ T6734] loop0: detected capacity change from 0 to 256
[  285.045427][ T6738] loop2: detected capacity change from 0 to 512
[  285.094227][ T6737] loop4: detected capacity change from 0 to 1024
[  285.117927][ T6734] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  285.138843][ T6738] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  285.205224][ T6738] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  285.285133][ T6738] System zones: 1-12
[  285.370273][  T154] hfsplus: b-tree write err: -5, ino 4
[  285.383338][ T6738] EXT4-fs (loop2): 1 truncate cleaned up
[  285.413639][ T6738] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[  285.574908][ T6738] fscrypt (loop2, inode 18): Unsupported encryption modes (contents 0, filenames 0)
[  285.599547][ T6752] loop0: detected capacity change from 0 to 1024
[  285.623039][ T6754] loop1: detected capacity change from 0 to 1764
[  285.671349][  T759] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  285.774614][ T5392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.783458][ T5392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.960218][ T6766] loop2: detected capacity change from 0 to 256
[  287.040669][ T6766] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  287.113995][ T6766] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  287.172394][ T6766] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  288.352104][ T6778] loop1: detected capacity change from 0 to 1024
[  288.382553][ T6783] loop2: detected capacity change from 0 to 2048
[  288.397959][ T6785] loop0: detected capacity change from 0 to 1024
[  288.500036][ T6783] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  288.694628][  T144] hfsplus: b-tree write err: -5, ino 4
[  289.259198][ T4795] Bluetooth: hci2: command 0x0409 tx timeout
[  289.398069][   T23] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  289.403313][ T6796] loop4: detected capacity change from 0 to 1024
[  289.511531][  T759] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  289.598735][  T759] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.623858][  T759] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.653772][   T23] usb 4-1: Using ep0 maxpacket: 32
[  289.718656][ T6808] loop0: detected capacity change from 0 to 256
[  289.798513][ T6808] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  289.809806][   T23] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.814168][ T6808] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  289.821232][   T23] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.839954][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  289.840568][ T6808] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  289.847101][   T23] usb 4-1: New USB device found, idVendor=056a, idProduct=030e, bcdDevice= 0.00
[  289.868439][ T5699] usb 2-1: new low-speed USB device number 20 using dummy_hcd
[  289.876094][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.889974][   T23] usb 4-1: config 0 descriptor??
[  290.126285][ T6816] loop0: detected capacity change from 0 to 256
[  290.367763][   T23] wacom 0003:056A:030E.0009: Unknown device_type for 'HID 056a:030e'. Assuming pen.
[  290.394887][   T23] wacom 0003:056A:030E.0009: hidraw0: USB HID v0.07 Device [HID 056a:030e] on usb-dummy_hcd.3-1/input0
[  290.413387][   T23] input: Wacom Intuos S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:030E.0009/input/input23
[  290.431687][ T5699] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  290.485930][ T5699] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  290.619401][ T5699] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  290.701866][ T5699] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  290.762400][ T5699] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  290.809899][ T5699] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  290.820208][ T5699] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.031891][ T5699] usb 2-1: config 0 descriptor??
[  291.056505][ T6803] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  291.145964][ T6830] netlink: 64 bytes leftover after parsing attributes in process `syz.0.683'.
[  291.928927][ T5699] usb 2-1: USB disconnect, device number 20
[  292.003295][ T5709] usb 4-1: USB disconnect, device number 16
[  292.170514][ T6833] loop3: detected capacity change from 0 to 1024
[  293.053874][   T26] audit: type=1800 audit(1745210440.572:98): pid=6840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.684" name="file1" dev="loop3" ino=20 res=0 errno=0
[  293.823053][ T6844] loop2: detected capacity change from 0 to 1024
[  293.918308][ T4324] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  293.948777][ T6848] loop3: detected capacity change from 0 to 256
[  294.048538][ T6848] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  294.084342][ T4324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.124631][ T6848] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  294.127028][ T4324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.188423][ T6848] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  294.249313][ T6852] loop1: detected capacity change from 0 to 1024
[  294.463224][ T6852] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  294.606559][ T6860] loop3: detected capacity change from 0 to 512
[  294.671793][ T6863] loop2: detected capacity change from 0 to 1024
[  294.718671][ T6860] EXT4-fs (loop3): Unrecognized mount option "seclabel" or missing value
[  294.906393][ T6869] loop0: detected capacity change from 0 to 1024
[  294.911278][ T6867] loop4: detected capacity change from 0 to 2048
[  295.012586][ T6867]  loop4: p1 < > p3
[  295.019774][ T6867] loop4: p3 size 134217728 extends beyond EOD, truncated
[  295.277094][ T3547]  loop4: p1 < > p3
[  295.283341][ T3547] loop4: p3 size 134217728 extends beyond EOD, truncated
[  295.425498][ T6881] loop3: detected capacity change from 0 to 1024
[  295.479597][ T4890] usb 3-1: new low-speed USB device number 26 using dummy_hcd
[  296.214493][ T4890] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  296.233113][ T6881] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,data_err=ignore,,errors=continue. Quota mode: writeback.
[  296.383877][ T4890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  296.423975][ T4890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  296.460632][ T4890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  296.489800][ T4890] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  296.510843][ T4890] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  296.538351][ T4890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.601374][ T4890] usb 3-1: config 0 descriptor??
[  296.634149][ T6877] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  296.645562][ T4583] udevd[4583]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  296.648914][ T4296] udevd[4296]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  296.782074][ T4161] udevd[4161]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  296.787788][ T4296] udevd[4296]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  296.897524][ T4890] usb 3-1: USB disconnect, device number 26
[  296.993360][ T6896] loop0: detected capacity change from 0 to 1024
[  297.023497][ T6897] loop3: detected capacity change from 0 to 1024
[  297.047731][ T6899] loop4: detected capacity change from 0 to 256
[  297.143893][    T9] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  297.160787][ T6899] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  297.180414][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.191639][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.203855][ T6899] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  297.284589][ T6897] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  297.522517][ T6899] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  297.971005][ T6914] loop2: detected capacity change from 0 to 736
[  298.176034][ T6919] loop1: detected capacity change from 0 to 256
[  298.198136][ T6914] isofs: Unable to find the ".." directory for NFS.
[  298.223582][ T6921] loop3: detected capacity change from 0 to 1024
[  298.254024][ T4890] usb 1-1: new low-speed USB device number 17 using dummy_hcd
[  298.324685][   T26] audit: type=1800 audit(1745210445.872:99): pid=6921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.715" name="file1" dev="loop3" ino=20 res=0 errno=0
[  298.339280][ T6919] 9pnet: p9_errstr2errno: server reported unknown error tmÿ
[  298.352108][ T6921] attempt to access beyond end of device
[  298.352108][ T6921] loop3: rw=16812033, want=2106, limit=1024
[  298.368118][ T6921] attempt to access beyond end of device
[  298.368118][ T6921] loop3: rw=16812033, want=2560, limit=1024
[  298.407498][ T6923] loop2: detected capacity change from 0 to 1024
[  298.624082][ T4890] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.667715][ T4890] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  298.748181][ T4890] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  298.772500][ T4890] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  298.808831][ T6934] loop3: detected capacity change from 0 to 1024
[  298.815915][ T4890] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  299.088860][ T4890] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  299.297356][ T4680] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  299.309253][ T4890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.349634][ T4890] usb 1-1: config 0 descriptor??
[  299.384308][ T6911] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  299.460564][ T6937] loop1: detected capacity change from 0 to 1024
[  299.467508][ T4552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.497689][ T6937] EXT4-fs (loop1): Ignoring removed nobh option
[  299.507982][ T4552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.549324][ T6937] EXT4-fs (loop1): Ignoring removed bh option
[  299.579582][ T6937] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  299.589692][ T6941] loop4: detected capacity change from 0 to 1024
[  299.637929][ T4889] usb 1-1: USB disconnect, device number 17
[  299.784519][ T6937] EXT4-fs error (device loop1): ext4_orphan_get:1427: comm syz.1.734: bad orphan inode 32767
[  299.817579][ T6937] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  299.818152][ T6941] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  300.144459][   T26] audit: type=1800 audit(1745210447.692:100): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.734" name="file1" dev="loop1" ino=15 res=0 errno=0
[  300.268876][   T26] audit: type=1800 audit(1745210447.712:101): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.734" name="file1" dev="loop1" ino=15 res=0 errno=0
[  300.596528][ T6958] loop0: detected capacity change from 0 to 128
[  300.712220][ T6958] attempt to access beyond end of device
[  300.712220][ T6958] loop0: rw=2051, want=129, limit=128
[  300.833793][ T4889] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  300.851851][ T6963] loop1: detected capacity change from 0 to 512
[  300.881819][ T6961] loop4: detected capacity change from 0 to 2048
[  300.920313][ T6967] loop0: detected capacity change from 0 to 512
[  300.969580][ T6963] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002]
[  301.000389][ T6963] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.731: inode #1: comm syz.1.731: iget: illegal inode #
[  301.020120][ T6963] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.731: error while reading EA inode 1 err=-117
[  301.028113][ T6967] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,max_dir_size_kb=0x0000000000000002,. Quota mode: writeback.
[  301.048905][ T6967] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.069967][ T6963] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.731: inode #1: comm syz.1.731: iget: illegal inode #
[  301.071691][ T6975] loop3: detected capacity change from 0 to 1024
[  301.085101][ T6967] EXT4-fs error (device loop0): ext4_get_first_dir_block:3605: inode #12: block 32: comm syz.0.733: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[  301.116883][ T6967] EXT4-fs (loop0): Remounting filesystem read-only
[  301.126669][ T6967] EXT4-fs error (device loop0): ext4_get_first_dir_block:3608: inode #12: comm syz.0.733: directory missing '.'
[  301.126917][ T6963] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.731: error while reading EA inode 1 err=-117
[  301.148712][ T6961] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  301.165831][ T6975] EXT4-fs (loop3): Ignoring removed bh option
[  301.174007][ T6963] EXT4-fs (loop1): 1 orphan inode deleted
[  301.177606][ T6967] EXT4-fs (loop0): Remounting filesystem read-only
[  301.192236][ T6963] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,resgid=0x0000000000000000,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,debug,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none.
[  301.204067][ T4889] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  301.231070][ T4889] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  301.241190][ T4889] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  301.255252][ T4889] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  301.264434][ T4889] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.274467][ T4889] usb 3-1: config 0 descriptor??
[  301.288128][ T6975] EXT4-fs (loop3): mounted filesystem without journal. Opts: data_err=ignore,data_err=abort,barrier=0x0000000000000002,noauto_da_alloc,data_err=ignore,max_dir_size_kb=0x00000000004007b1,noblock_validity,acl,max_batch_time=0x0000000000000007,user_xattr,bh,noinit_itable,,errors=continue. Quota mode: none.
[  301.322171][   T26] audit: type=1800 audit(1745210448.862:102): pid=6975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.736" name="file1" dev="loop3" ino=15 res=0 errno=0
[  301.331547][ T6961] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  301.388886][ T6961] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  301.401241][ T6975] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3876: comm syz.3.736: Allocating blocks 497-513 which overlap fs metadata
[  301.438904][ T6975] EXT4-fs (loop3): pa ffff888060738a80: logic 256, phys. 385, len 8
[  301.447130][ T6975] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1
[  301.530254][ T6961] EXT4-fs (loop4): This should not happen!! Data will be lost
[  301.530254][ T6961] 
[  301.549605][ T6961] EXT4-fs (loop4): Total free blocks count 0
[  301.625395][ T6961] EXT4-fs (loop4): Free/Dirty block details
[  301.644664][ T6961] EXT4-fs (loop4): free_blocks=2415919104
[  301.650522][ T6961] EXT4-fs (loop4): dirty_blocks=16
[  301.663751][ T6961] EXT4-fs (loop4): Block reservation details
[  301.664705][ T6988] loop1: detected capacity change from 0 to 1024
[  301.669779][ T6961] EXT4-fs (loop4): i_reserved_data_blocks=1
[  301.812260][ T4221] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  301.826295][ T4889] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  301.882571][ T4889] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  302.373571][ T1334] usb 3-1: USB disconnect, device number 27
[  302.443769][ T5709] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  302.558742][ T4221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.574439][ T4221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.640187][ T7000] loop0: detected capacity change from 0 to 512
[  302.716637][ T7000] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  302.766383][ T7000] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  302.783919][ T7000] System zones: 1-12
[  302.821333][ T7000] EXT4-fs (loop0): 1 truncate cleaned up
[  302.844242][ T7000] EXT4-fs (loop0): mounted filesystem without journal. Opts: nolazytime,init_itable=0x000000007fffffff,debug,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[  302.864046][ T5709] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  302.898661][ T7000] EXT4-fs warning (device loop0): verify_group_input:165: Last group not full
[  302.909042][ T7011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.744'.
[  302.928637][ T5709] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  302.971704][ T5709] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  303.160846][ T5709] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  303.171574][ T5709] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  303.189594][ T5709] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  303.201137][ T5709] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.261432][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.746'.
[  304.065442][ T5709] usb 5-1: config 0 descriptor??
[  304.084311][ T6996] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  305.673845][ T4889] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  305.717738][   T23] usb 5-1: USB disconnect, device number 13
[  305.934211][ T7030] loop3: detected capacity change from 0 to 1024
[  306.114200][ T4889] usb 3-1: unable to get BOS descriptor or descriptor too short
[  306.164047][ T4889] usb 3-1: not running at top speed; connect to a high speed hub
[  306.243983][ T4889] usb 3-1: config 14 has an invalid interface number: 18 but max is 0
[  306.260137][ T4889] usb 3-1: config 14 has an invalid descriptor of length 0, skipping remainder of the config
[  306.310281][ T4889] usb 3-1: config 14 has no interface number 0
[  306.333567][ T4889] usb 3-1: config 14 interface 18 altsetting 180 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  306.375837][ T4889] usb 3-1: config 14 interface 18 has no altsetting 0
[  306.499050][ T7034] loop4: detected capacity change from 0 to 8
[  306.574022][ T4889] usb 3-1: New USB device found, idVendor=3980, idProduct=0003, bcdDevice=de.62
[  306.581846][ T7034] SQUASHFS error: lzo decompression failed, data probably corrupt
[  306.595827][ T7034] SQUASHFS error: Failed to read block 0x91: -5
[  306.602364][ T7034] SQUASHFS error: Unable to read metadata cache entry [8f]
[  306.608675][ T4889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.623439][ T7034] SQUASHFS error: Unable to read inode 0x11f
[  306.630029][ T4889] usb 3-1: Product: syz
[  306.636240][ T4889] usb 3-1: Manufacturer: syz
[  306.650155][ T4889] usb 3-1: SerialNumber: syz
[  306.827266][ T7036] loop3: detected capacity change from 0 to 1024
[  306.933113][ T7036] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  306.964669][ T4889] rtl8150 3-1:14.18: couldn't find required endpoints
[  306.971562][ T4889] rtl8150: probe of 3-1:14.18 failed with error -5
[  306.986591][ T7036] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.987519][ T4889] usb 3-1: USB disconnect, device number 28
[  307.138364][ T7036] EXT4-fs error (device loop3): ext4_map_blocks:738: inode #15: block 3: comm syz.3.758: lblock 3 mapped to illegal pblock 3 (length 13)
[  307.219752][ T7036] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  307.433290][ T7036] EXT4-fs (loop3): This should not happen!! Data will be lost
[  307.433290][ T7036] 
[  307.940459][ T7051] loop2: detected capacity change from 0 to 128
[  308.893235][ T7051] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  308.910572][ T7051] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  309.008269][ T7059] loop3: detected capacity change from 0 to 512
[  309.163615][ T7059] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  309.282081][ T7059] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  309.346897][ T7076] loop0: detected capacity change from 0 to 1024
[  309.347253][ T7070] loop1: detected capacity change from 0 to 1024
[  309.380495][ T7059] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  309.446077][ T7080] loop4: detected capacity change from 0 to 16
[  309.478750][ T7076] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  309.514031][ T7080] erofs: (device loop4): mounted with root inode @ nid 36.
[  309.522798][ T7076] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.686255][ T7076] EXT4-fs error (device loop0): ext4_map_blocks:738: inode #15: block 3: comm syz.0.770: lblock 3 mapped to illegal pblock 3 (length 13)
[  309.730595][ T7087] loop3: detected capacity change from 0 to 1024
[  309.739451][ T7076] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  309.769828][ T7076] EXT4-fs (loop0): This should not happen!! Data will be lost
[  309.769828][ T7076] 
[  309.847556][ T7087] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  309.858529][ T7087] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.901573][ T7087] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  309.921648][ T7087] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 65 with error 28
[  309.934116][ T7087] EXT4-fs (loop3): This should not happen!! Data will be lost
[  309.934116][ T7087] 
[  309.944659][ T7087] EXT4-fs (loop3): Total free blocks count 0
[  309.952297][ T7087] EXT4-fs (loop3): Free/Dirty block details
[  309.958509][ T7087] EXT4-fs (loop3): free_blocks=4293918720
[  309.964421][ T7087] EXT4-fs (loop3): dirty_blocks=80
[  309.969617][ T7087] EXT4-fs (loop3): Block reservation details
[  309.983763][ T7087] EXT4-fs (loop3): i_reserved_data_blocks=5
[  309.983959][ T4889] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  310.374331][ T4889] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  310.385487][ T4889] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  310.395336][ T4889] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  310.408314][ T4889] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  310.417439][ T4889] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.430472][ T4889] usb 5-1: config 0 descriptor??
[  310.915445][ T4889] plantronics 0003:047F:FFFF.000B: unbalanced collection at end of report description
[  310.925531][ T4889] plantronics 0003:047F:FFFF.000B: parse failed
[  310.931787][ T4889] plantronics: probe of 0003:047F:FFFF.000B failed with error -22
[  311.117384][ T4889] usb 5-1: USB disconnect, device number 14
[  311.661623][   T26] audit: type=1326 audit(1745210459.202:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7095 comm="syz.2.777" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9a5fe78169 code=0x0
[  311.702762][ T7100] loop0: detected capacity change from 0 to 1024
[  312.949950][ T7124] loop4: detected capacity change from 0 to 1024
[  313.145804][ T7129] loop1: detected capacity change from 0 to 1024
[  313.147773][ T7124] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  313.462096][ T7124] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.900676][ T7124] EXT4-fs error (device loop4): ext4_map_blocks:738: inode #15: block 3: comm syz.4.786: lblock 3 mapped to illegal pblock 3 (length 13)
[  313.938714][ T7124] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  313.952309][ T7124] EXT4-fs (loop4): This should not happen!! Data will be lost
[  313.952309][ T7124] 
[  313.970768][ T7137] loop3: detected capacity change from 0 to 256
[  314.052664][ T7139] loop2: detected capacity change from 0 to 1024
[  314.134511][ T7139] EXT4-fs (loop2): Test dummy encryption mode enabled
[  314.153986][ T7139] EXT4-fs (loop2): Ignoring removed orlov option
[  314.389311][ T7139] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000002007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,mb_optimize_scan=0x0000000000000001,quota,,errors=continue. Quota mode: writeback.
[  315.604397][ T7139] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  315.930056][ T7174] loop3: detected capacity change from 0 to 1024
[  316.792335][ T7174] hfsplus: request for non-existent node 134217728 in B*Tree
[  316.830793][ T7174] hfsplus: request for non-existent node 134217728 in B*Tree
[  317.096453][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  317.102844][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  317.320832][ T7186] loop1: detected capacity change from 0 to 256
[  317.343586][ T7189] loop2: detected capacity change from 0 to 1024
[  317.398245][ T7186] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  318.288147][ T4795] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  318.553871][ T4795] usb 4-1: Using ep0 maxpacket: 8
[  318.673948][ T4795] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  318.712713][ T4795] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  318.723837][ T4795] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  318.739084][ T4795] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  318.787741][   T23] usb 3-1: new low-speed USB device number 29 using dummy_hcd
[  318.798822][ T4795] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  318.810601][ T4795] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  318.821291][ T4795] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.842833][ T4795] usb 4-1: config 0 descriptor??
[  318.874293][ T7198] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  319.167322][ T4174] Bluetooth: hci0: Received unexpected HCI Event 00000000
[  319.168365][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  319.175495][ T4174] Bluetooth: hci0: Received unexpected HCI Event 00000000
[  319.194435][ T4174] Bluetooth: hci0: Received unexpected HCI Event 00000000
[  319.259522][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.279575][   T23] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  319.289869][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.350113][   T23] usb 3-1: config 0 descriptor??
[  319.358915][ T4795] usb 4-1: USB disconnect, device number 17
[  319.969869][   T23] steelseries_srws1 0003:1038:1410.000C: unbalanced delimiter at end of report description
[  321.318415][   T23] steelseries_srws1 0003:1038:1410.000C: parse failed
[  321.362308][   T23] steelseries_srws1: probe of 0003:1038:1410.000C failed with error -22
[  321.433452][   T23] usb 3-1: USB disconnect, device number 29
[  321.451587][ T7210] chnl_net:caif_netlink_parms(): no params data found
[  321.653835][ T4889] Bluetooth: hci5: command 0x0409 tx timeout
[  321.925144][ T7210] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.935582][ T7210] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.957261][ T7210] device bridge_slave_0 entered promiscuous mode
[  322.050750][ T7210] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.162161][ T7210] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.201444][ T7234] loop0: detected capacity change from 0 to 1024
[  322.209154][ T7210] device bridge_slave_1 entered promiscuous mode
[  322.326853][ T7210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.401173][ T7210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.498142][ T7210] team0: Port device team_slave_0 added
[  322.566882][ T7210] team0: Port device team_slave_1 added
[  322.642989][ T7210] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.673782][ T7210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.733800][ T7210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.790921][ T7210] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.806008][ T7210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.873958][ T7210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.999765][ T7210] device hsr_slave_0 entered promiscuous mode
[  323.059102][ T7210] device hsr_slave_1 entered promiscuous mode
[  323.069990][ T7210] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  323.111281][ T7210] Cannot create hsr debugfs directory
[  323.313871][ T4889] usb 1-1: new low-speed USB device number 18 using dummy_hcd
[  323.350933][ T7256] netlink: 'syz.4.831': attribute type 25 has an invalid length.
[  323.373809][ T7256] netlink: 'syz.4.831': attribute type 7 has an invalid length.
[  323.674038][ T4889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  323.703742][ T4889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.733839][ T4889] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  323.763463][ T4889] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.782999][ T7275] loop4: detected capacity change from 0 to 1024
[  323.791019][ T4212] Bluetooth: hci5: command 0x041b tx timeout
[  323.799073][ T4889] usb 1-1: config 0 descriptor??
[  324.020259][ T7210] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  324.081774][ T7210] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  324.113960][ T7210] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  324.147851][ T7210] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  324.296011][ T4889] steelseries_srws1 0003:1038:1410.000D: unbalanced delimiter at end of report description
[  324.330544][ T4889] steelseries_srws1 0003:1038:1410.000D: parse failed
[  324.360178][ T4889] steelseries_srws1: probe of 0003:1038:1410.000D failed with error -22
[  324.907449][ T4889] usb 1-1: USB disconnect, device number 18
[  325.109478][ T7301] loop4: detected capacity change from 0 to 256
[  325.260756][ T7301] loop4: detected capacity change from 0 to 256
[  325.300235][ T7301] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  325.355142][ T7210] 8021q: adding VLAN 0 to HW filter on device bond0
[  325.363899][ T7301] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  325.364936][ T7306] loop3: detected capacity change from 0 to 128
[  325.441584][ T7301] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  325.460427][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  325.484612][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  325.523711][ T7210] 8021q: adding VLAN 0 to HW filter on device team0
[  325.530872][ T7306] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  325.597045][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  325.607775][ T7306] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  325.634560][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  325.655034][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.662179][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  325.717812][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  325.824018][ T4889] Bluetooth: hci5: command 0x040f tx timeout
[  325.846728][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  325.877717][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  325.934978][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.942078][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  325.984153][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  327.492537][   T13] Bluetooth: hci4: command 0x0409 tx timeout
[  327.549780][ T7333] loop3: detected capacity change from 0 to 256
[  327.625659][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  327.665225][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  327.694007][ T7333] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  327.697169][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  327.767221][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  327.814924][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  327.832034][ T7210] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  327.883964][ T7333] loop_set_status: loop3 () has still dirty pages (nrpages=2)
[  327.893848][ T5699] Bluetooth: hci5: command 0x0419 tx timeout
[  327.914527][ T7210] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  327.974260][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  327.984533][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  328.056411][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  328.108016][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  328.157904][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  328.217701][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  328.247255][ T7295] chnl_net:caif_netlink_parms(): no params data found
[  328.337416][ T7347] loop3: detected capacity change from 0 to 1024
[  328.624243][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  328.631789][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  328.678701][ T7210] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.774229][ T7295] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.785035][ T7295] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.837719][ T7295] device bridge_slave_0 entered promiscuous mode
[  329.034358][ T4552] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.082155][ T7295] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.104264][ T7295] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.112513][ T7295] device bridge_slave_1 entered promiscuous mode
[  329.132331][ T7378] loop3: detected capacity change from 0 to 256
[  329.197350][ T7295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.229350][ T7295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.284002][   T13] usb 5-1: new low-speed USB device number 15 using dummy_hcd
[  329.322526][ T7378] loop3: detected capacity change from 0 to 256
[  329.444902][ T7378] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  329.447617][ T4552] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.491582][ T7378] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  329.537385][ T7295] team0: Port device team_slave_0 added
[  329.562620][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  329.573931][ T5709] Bluetooth: hci4: command 0x041b tx timeout
[  329.581828][ T7378] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  329.597145][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  329.628219][ T7295] team0: Port device team_slave_1 added
[  329.657809][   T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  329.679019][   T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  329.680025][ T7210] device veth0_vlan entered promiscuous mode
[  329.714185][   T13] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  329.728694][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  329.736284][   T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.745114][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  329.764493][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  329.787311][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  329.788552][   T13] usb 5-1: config 0 descriptor??
[  329.831046][ T4552] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.938284][ T4552] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.944194][ T5709] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  329.976997][ T7210] device veth1_vlan entered promiscuous mode
[  329.996549][ T7295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.007214][ T7295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.044679][ T7295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.068197][ T7295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.075409][ T7295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.101881][ T7295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.220768][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  330.234780][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  330.253918][ T5709] usb 1-1: Using ep0 maxpacket: 32
[  330.261674][ T7210] device veth0_macvtap entered promiscuous mode
[  330.289096][ T7295] device hsr_slave_0 entered promiscuous mode
[  330.301243][ T7295] device hsr_slave_1 entered promiscuous mode
[  330.306336][   T13] steelseries_srws1 0003:1038:1410.000E: unbalanced delimiter at end of report description
[  330.317553][ T7295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  330.327058][   T13] steelseries_srws1 0003:1038:1410.000E: parse failed
[  330.337750][ T7295] Cannot create hsr debugfs directory
[  330.370773][ T7409] loop3: detected capacity change from 0 to 4096
[  330.377535][   T13] steelseries_srws1: probe of 0003:1038:1410.000E failed with error -22
[  330.394198][ T5709] usb 1-1: config 0 has an invalid interface number: 49 but max is 0
[  330.412708][ T5709] usb 1-1: config 0 has no interface number 0
[  330.473273][ T7210] device veth1_macvtap entered promiscuous mode
[  330.564212][ T7409] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  330.582089][   T23] usb 5-1: USB disconnect, device number 15
[  330.624217][ T5709] usb 1-1: New USB device found, idVendor=e8ca, idProduct=159c, bcdDevice=a3.ab
[  330.659280][ T5709] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.688184][ T5709] usb 1-1: Product: syz
[  330.692399][ T5709] usb 1-1: Manufacturer: syz
[  330.709182][ T5709] usb 1-1: SerialNumber: syz
[  330.723387][ T5709] usb 1-1: config 0 descriptor??
[  330.747485][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.767484][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.779362][ T5709] usb-storage 1-1:0.49: USB Mass Storage device detected
[  330.786973][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.804930][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.815219][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.826358][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.839443][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.850364][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.861463][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.872294][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.883617][ T7210] batman_adv: batadv0: Interface activated: batadv_slave_0
[  330.897208][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  330.974815][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  330.990325][ T4795] usb 1-1: USB disconnect, device number 19
[  331.018873][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  331.035388][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  331.063040][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.091703][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.115576][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.127531][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.140576][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.155268][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.167916][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.179314][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.189731][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.200625][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.360343][ T7210] batman_adv: batadv0: Interface activated: batadv_slave_1
[  331.381110][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  331.654619][ T2285] Bluetooth: hci4: command 0x040f tx timeout
[  331.669534][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  332.293956][ T7434] loop0: detected capacity change from 0 to 1024
[  332.347183][ T7210] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.381415][ T7210] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  332.422458][ T7210] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  332.474428][ T7210] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.550659][ T7447] loop4: detected capacity change from 0 to 512
[  332.600839][ T7447] EXT4-fs (loop4): old and new quota format mixing
[  332.725774][ T7295] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  332.763241][ T4221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.772240][ T4221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  332.785265][ T7295] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  332.810367][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  332.845185][ T7295] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  332.887018][ T7295] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  332.937529][ T4739] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.014378][ T4739] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.039469][ T7458] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  333.134844][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  333.315406][ T7473] loop0: detected capacity change from 0 to 256
[  333.350529][ T7470] loop5: detected capacity change from 0 to 2048
[  333.419964][ T7295] 8021q: adding VLAN 0 to HW filter on device bond0
[  333.439685][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  333.456306][ T7470] EXT4-fs (loop5): #clusters per group too big: 16384
[  333.473622][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  333.525695][ T7295] 8021q: adding VLAN 0 to HW filter on device team0
[  333.584827][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  333.588300][ T7473] loop0: detected capacity change from 0 to 256
[  333.613837][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  333.653002][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.660389][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  333.699891][ T7473] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  333.723399][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  333.734196][ T2285] Bluetooth: hci4: command 0x0419 tx timeout
[  333.744322][ T7473] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  333.767990][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  333.788096][ T7488] loop5: detected capacity change from 0 to 1024
[  333.795236][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.802365][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.813431][ T7473] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  333.870222][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  333.902046][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  333.942894][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  334.107712][ T7498] loop4: detected capacity change from 0 to 256
[  334.142342][ T7498] FAT-fs (loop4): Unrecognized mount option "iochrset=macromanian" or missing value
[  334.186913][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  334.240757][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  334.290182][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  334.315335][ T7505] loop3: detected capacity change from 0 to 256
[  334.331501][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  334.359778][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  334.373583][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  334.398564][ T7295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  334.424465][ T7505] exfat: Deprecated parameter 'utf8'
[  334.444436][ T7505] exfat: Deprecated parameter 'namecase'
[  334.450154][ T7505] exfat: Deprecated parameter 'utf8'
[  334.455179][ T7295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  334.485871][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  334.536759][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  334.563161][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  334.598406][ T7505] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[  334.755626][ T7518] loop4: detected capacity change from 0 to 512
[  334.975671][ T4552] device hsr_slave_0 left promiscuous mode
[  334.991445][ T4552] device hsr_slave_1 left promiscuous mode
[  335.051100][ T4552] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  335.060455][ T7533] usb usb1: usbfs: process 7533 (syz.3.888) did not claim interface 0 before use
[  335.154493][ T4552] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.182164][ T7518] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.884: casefold flag without casefold feature
[  335.182969][ T4552] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.304746][ T4552] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.413103][ T7518] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.884: couldn't read orphan inode 15 (err -117)
[  335.439302][ T7518] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  335.440030][ T4552] device bridge_slave_1 left promiscuous mode
[  335.538409][ T4552] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.423360][ T7555] loop3: detected capacity change from 0 to 1024
[  337.556442][ T4552] device bridge_slave_0 left promiscuous mode
[  337.593514][ T4552] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.604678][ T7562] loop0: detected capacity change from 0 to 1024
[  337.680940][ T4552] device veth1_macvtap left promiscuous mode
[  337.691955][ T7562] hfsplus: request for non-existent node 33554434 in B*Tree
[  337.697084][ T4552] device veth0_macvtap left promiscuous mode
[  337.715029][ T4552] device veth1_vlan left promiscuous mode
[  337.728294][ T4552] device veth0_vlan left promiscuous mode
[  337.738967][ T7562] hfsplus: request for non-existent node 33554434 in B*Tree
[  337.768508][ T7564] loop4: detected capacity change from 0 to 1024
[  337.907655][ T7564] hfsplus: small file entry
[  338.553257][ T4552] team0 (unregistering): Port device team_slave_1 removed
[  338.587662][ T4552] team0 (unregistering): Port device team_slave_0 removed
[  338.624898][ T4552] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.672290][ T7579] netlink: 'syz.3.900': attribute type 3 has an invalid length.
[  338.693425][ T4552] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.976838][ T4552] bond0 (unregistering): Released all slaves
[  339.109602][ T4739] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  339.134778][ T4739] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  339.207566][ T7295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.257502][ T7581] loop5: detected capacity change from 0 to 512
[  339.336779][ T7581] EXT4-fs (loop5): Test dummy encryption mode enabled
[  339.537214][ T7581] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.901: invalid indirect mapped block 4294967295 (level 1)
[  339.571563][ T7592] loop0: detected capacity change from 0 to 128
[  339.594301][ T7581] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.901: invalid indirect mapped block 4294967295 (level 1)
[  339.646811][ T7581] EXT4-fs (loop5): 2 truncates cleaned up
[  339.652696][ T7581] EXT4-fs (loop5): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000004004,test_dummy_encryption=v1,,errors=continue. Quota mode: writeback.
[  339.990423][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  340.010790][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  340.381815][ T7295] device veth0_vlan entered promiscuous mode
[  340.423928][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  340.466196][ T7593] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  340.489511][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  340.581712][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  340.642944][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  340.796957][ T7295] device veth1_vlan entered promiscuous mode
[  341.082925][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  341.095972][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  341.116643][ T7295] device veth0_macvtap entered promiscuous mode
[  341.125926][ T7623] loop0: detected capacity change from 0 to 1024
[  341.154310][ T7295] device veth1_macvtap entered promiscuous mode
[  341.213610][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.283706][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.333154][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.380854][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.396685][ T7628] loop3: detected capacity change from 0 to 1024
[  341.415544][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.450763][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.471173][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.510916][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.541461][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.572535][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.605383][ T7295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.636323][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  341.650550][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  341.687839][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  341.718707][ T7628] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  341.730512][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  341.804453][ T7628] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  341.826658][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.873855][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.941373][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.982603][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.030399][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.062758][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.093236][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.133012][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.153856][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.173716][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.212450][  T144] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm kworker/u4:1: bg 0: block 393: padding at end of block bitmap is not set
[  342.235890][ T7295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  342.249824][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  342.286104][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  342.295545][  T144] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117
[  342.365961][ T7295] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  342.403914][  T144] EXT4-fs (loop3): This should not happen!! Data will be lost
[  342.403914][  T144] 
[  342.409002][ T7295] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  342.470355][ T7295] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  342.505011][ T7295] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  342.511237][   T26] audit: type=1326 audit(1745210490.051:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.911" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdfbce4f169 code=0x0
[  342.803020][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.832054][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.915293][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  342.931621][ T5392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.968019][ T5392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.049436][ T3085] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  343.164330][ T7665] sch_tbf: burst 3 is lower than device lo mtu (65550) !
[  343.314023][ T7670] Invalid ELF header type: 0 != 1
[  344.508311][ T7683] loop5: detected capacity change from 0 to 1024
[  344.746722][ T7689] loop6: detected capacity change from 0 to 2048
[  346.543014][ T7689] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  346.972594][ T7706] loop5: detected capacity change from 0 to 1024
[  347.383049][ T7706] hfsplus: request for non-existent node 33554434 in B*Tree
[  347.401126][ T7717] loop3: detected capacity change from 0 to 256
[  347.458074][ T7706] hfsplus: request for non-existent node 33554434 in B*Tree
[  349.238471][ T7726] loop5: detected capacity change from 0 to 164
[  349.298489][ T7726] Unable to read rock-ridge attributes
[  349.678671][ T7737] loop6: detected capacity change from 0 to 1024
[  353.098348][ T7775] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  353.431306][    C1] Unknown status report in ack skb
[  353.923330][ T7794] loop0: detected capacity change from 0 to 512
[  354.063616][ T7794] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  354.258329][ T7794] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x0000000000007fff,jqfmt=vfsold,noquota,journal_ioprio=0x0000000000000000,barrier=0x0000000000000003,,errors=continue. Quota mode: writeback.
[  354.313972][ T7794] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.415511][ T7809] loop4: detected capacity change from 0 to 1024
[  354.477562][ T7794] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2932: inode #15: comm syz.0.949: corrupted xattr block 32
[  354.553862][ T7794] EXT4-fs warning (device loop0): ext4_evict_inode:302: xattr delete (err -117)
[  354.691068][ T7821] loop6: detected capacity change from 0 to 1024
[  354.832270][    C1] Unknown status report in ack skb
[  354.906405][ T7821] EXT4-fs (loop6): Mount option "nouser_xattr" will be removed by 3.5
[  354.906405][ T7821] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  354.906405][ T7821] 
[  355.493868][ T4212] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  356.067101][ T4212] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  356.520690][ T4212] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.557697][ T4212] usb 4-1: config 0 descriptor??
[  356.605844][ T4212] cp210x 4-1:0.0: cp210x converter detected
[  356.800325][ T7860] loop6: detected capacity change from 0 to 1024
[  356.868265][ T7865] loop0: detected capacity change from 0 to 256
[  356.997579][ T7865] loop0: detected capacity change from 0 to 256
[  357.026896][ T7860] hfsplus: keylen 65060 too large
[  357.032364][ T7860] hfsplus: xattr searching failed
[  357.033267][ T7869] loop5: detected capacity change from 0 to 256
[  357.055386][ T4212] usb 4-1: cp210x converter now attached to ttyUSB0
[  357.065399][ T7865] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  357.085404][ T4212] usb 4-1: USB disconnect, device number 18
[  357.113951][ T7865] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  357.115267][ T4212] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  357.148258][ T4212] cp210x 4-1:0.0: device disconnected
[  357.193546][ T7865] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  357.879532][ T7877] loop6: detected capacity change from 0 to 512
[  357.932658][    C0] Unknown status report in ack skb
[  357.954678][ T7877] EXT4-fs (loop6): Ignoring removed nobh option
[  358.019258][ T7882] loop4: detected capacity change from 0 to 1024
[  358.056135][ T7877] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  358.143863][ T7877] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  358.168675][ T7877] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.970: Corrupt directory, running e2fsck is recommended
[  358.217147][ T7877] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  358.269156][ T7877] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.970: corrupted in-inode xattr
[  358.299743][ T7887] loop3: detected capacity change from 0 to 2048
[  358.340525][ T7877] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.970: couldn't read orphan inode 15 (err -117)
[  358.360469][ T7877] EXT4-fs (loop6): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,auto_da_alloc=0x0000000000000004,jqfmt=vfsold,auto_da_alloc,grpjquota=.journal_checksum,barrier=0x0000000000000007,nobh,grpid,,,errors=continue. Quota mode: writeback.
[  358.378911][ T7894] loop0: detected capacity change from 0 to 1024
[  358.399925][ T7887]  loop3: p1 < > p3
[  358.422430][ T7887] loop3: p3 size 134217728 extends beyond EOD, truncated
[  358.825303][ T7877] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  358.921105][ T4296] udevd[4296]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  358.930770][ T5314] udevd[5314]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  358.992780][ T7877] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  359.043928][ T7877] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.970: Corrupt directory, running e2fsck is recommended
[  359.126373][ T7909] loop4: detected capacity change from 0 to 16
[  359.158471][ T7909] erofs: (device loop4): mounted with root inode @ nid 36.
[  360.060364][ T7922] 9pnet: Insufficient options for proto=fd
[  360.811169][ T7935] loop3: detected capacity change from 0 to 256
[  360.991203][ T7941] loop4: detected capacity change from 0 to 1024
[  361.940198][ T7935] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  361.976929][ T7935] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  362.019503][ T7935] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  362.057945][ T7955] loop6: detected capacity change from 0 to 256
[  362.086339][ T7935] exFAT-fs (loop3): hint_cluster is invalid (17)
[  362.297066][ T5709] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  362.583883][ T5709] usb 6-1: Using ep0 maxpacket: 32
[  362.714505][ T5709] usb 6-1: config 0 has an invalid interface number: 221 but max is 0
[  362.734551][ T5709] usb 6-1: config 0 has no interface number 0
[  362.741441][ T5709] usb 6-1: config 0 interface 221 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  363.910808][ T5709] usb 6-1: config 0 interface 221 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  363.997860][ T5709] usb 6-1: config 0 interface 221 has no altsetting 0
[  364.214068][ T5709] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=34.88
[  364.224600][ T5709] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.256718][ T5709] usb 6-1: Product: syz
[  364.260963][ T5709] usb 6-1: Manufacturer: syz
[  364.291525][ T5709] usb 6-1: SerialNumber: syz
[  364.333518][ T5709] usb 6-1: config 0 descriptor??
[  364.364185][ T7953] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  364.393889][ T2285] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  364.507929][ T7992] loop4: detected capacity change from 0 to 512
[  364.595670][ T7992] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  364.613972][ T7992] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.619559][ T5709] usb 6-1: USB disconnect, device number 2
[  364.768781][ T2285] usb 1-1: config 0 has an invalid interface number: 95 but max is 0
[  365.608332][ T2285] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.639176][ T2285] usb 1-1: config 0 has no interface number 0
[  365.654204][ T2285] usb 1-1: config 0 interface 95 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  365.732649][ T2285] usb 1-1: config 0 interface 95 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  365.762936][ T8006] loop3: detected capacity change from 0 to 1024
[  365.797232][ T8008] loop5: detected capacity change from 0 to 1764
[  365.934055][ T2285] usb 1-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46
[  365.969249][ T2285] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.000612][ T2285] usb 1-1: Product: syz
[  366.024216][ T2285] usb 1-1: Manufacturer: syz
[  366.042045][ T8013] loop4: detected capacity change from 0 to 256
[  366.047122][ T2285] usb 1-1: SerialNumber: syz
[  366.052956][ T8015] loop5: detected capacity change from 0 to 256
[  366.077336][ T8015] FAT-fs (loop5): Unrecognized mount option "iochrset=macromanian" or missing value
[  366.085139][ T2285] usb 1-1: config 0 descriptor??
[  366.109283][ T8013] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  366.126296][ T8013] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  366.423995][ T2285] usb 1-1: MIDIStreaming interface descriptor not found
[  366.438805][ T8019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1010'.
[  366.547076][ T2285] usb 1-1: USB disconnect, device number 20
[  366.766404][ T8026] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  366.925065][ T4300] udevd[4300]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.95/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  367.014048][   T13] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  367.230677][ T8043] loop5: detected capacity change from 0 to 256
[  367.253957][   T13] usb 5-1: Using ep0 maxpacket: 16
[  367.315469][ T8043] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  367.361545][ T8051] loop3: detected capacity change from 0 to 128
[  367.364420][ T8043] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  367.379332][ T8049] loop6: detected capacity change from 0 to 1024
[  367.386208][   T13] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  367.400703][   T13] usb 5-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[  367.430798][   T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.473813][   T26] audit: type=1800 audit(1745210515.011:105): pid=8051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1023" name="file0" dev="loop3" ino=1048716 res=0 errno=0
[  367.518937][ T5392] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  367.528104][   T13] usb 5-1: config 0 descriptor??
[  367.577552][ T5392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.627500][ T5392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.394076][ T2285] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  368.424747][ T8067] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  369.475897][   T13] logitech 0003:046D:C626.000F: unbalanced delimiter at end of report description
[  370.662957][   T26] audit: type=1326 audit(1745210518.201:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbce4f169 code=0x7ffc0000
[  370.685905][ T2285] usb 4-1: Using ep0 maxpacket: 32
[  370.744214][   T13] logitech 0003:046D:C626.000F: parse failed
[  370.750293][   T13] logitech: probe of 0003:046D:C626.000F failed with error -22
[  370.813837][ T2285] usb 4-1: device descriptor read/all, error -71
[  370.908498][   T13] usb 5-1: USB disconnect, device number 16
[  371.052513][ T8094] loop0: detected capacity change from 0 to 256
[  371.084165][ T8085] loop4: detected capacity change from 0 to 256
[  371.120574][ T8094] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  371.148483][ T8094] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  371.472125][ T8106] loop0: detected capacity change from 0 to 1024
[  371.545357][ T8106] hfsplus: unable to parse mount options
[  371.558996][ T8108] device batadv_slave_1 entered promiscuous mode
[  371.584912][ T8107] device batadv_slave_1 left promiscuous mode
[  371.842153][ T8115] device wireguard0 entered promiscuous mode
[  372.090522][ T8119] loop0: detected capacity change from 0 to 128
[  372.161922][ T8119] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  372.422867][ T8125] loop3: detected capacity change from 0 to 128
[  372.625500][ T8125] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  372.721221][ T8125] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  372.757845][ T8124] loop6: detected capacity change from 0 to 8192
[  374.057256][ T8155] loop3: detected capacity change from 0 to 256
[  374.185887][ T8155] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  374.248971][ T8155] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  374.298920][ T8165] loop6: detected capacity change from 0 to 1024
[  374.376729][ T8165] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  374.412226][ T8165] EXT4-fs (loop6): Ignoring removed orlov option
[  374.439469][ T8165] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  374.573075][ T8165] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,usrquota,sysvgroups,norecovery,nomblk_io_submit,orlov,errors=remount-ro,i_version,nomblk_io_submit,. Quota mode: writeback.
[  374.595941][ T8175] binder: BINDER_SET_CONTEXT_MGR already set
[  374.596838][ T8182] binder: BINDER_SET_CONTEXT_MGR already set
[  374.601955][ T8175] binder: 8173:8175 ioctl 4018620d 200000000040 returned -16
[  374.615560][ T8182] binder: 8181:8182 ioctl 4018620d 2000000001c0 returned -16
[  374.617751][ T8179] loop3: detected capacity change from 0 to 128
[  374.704760][ T8165] EXT4-fs error (device loop6): ext4_xattr_set_entry:1615: inode #13: comm syz.6.1057: corrupted xattr entries
[  374.779563][ T8179] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  374.782831][ T8165] EXT4-fs (loop6): Remounting filesystem read-only
[  375.572695][ T8196] loop5: detected capacity change from 0 to 1024
[  375.609062][ T8196] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  375.626976][ T8196] EXT4-fs (loop5): Ignoring removed orlov option
[  375.633374][ T8196] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  375.771073][ T8199] loop6: detected capacity change from 0 to 2048
[  375.830787][ T8196] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,usrquota,sysvgroups,norecovery,nomblk_io_submit,orlov,errors=remount-ro,i_version,nomblk_io_submit,. Quota mode: writeback.
[  375.878773][ T8199] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  376.344759][   T26] audit: type=1326 audit(1745210523.881:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  376.526342][ T8209] loop4: detected capacity change from 0 to 256
[  376.563526][ T8196] EXT4-fs error (device loop5): ext4_xattr_set_entry:1615: inode #13: comm syz.5.1074: corrupted xattr entries
[  376.598486][ T8211] fuse: Bad value for 'fd'
[  376.624020][   T26] audit: type=1326 audit(1745210523.911:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  376.648758][ T8196] EXT4-fs (loop5): Remounting filesystem read-only
[  376.650624][   T26] audit: type=1326 audit(1745210523.951:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  376.682878][ T8209] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  376.773750][   T26] audit: type=1326 audit(1745210524.061:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  376.933622][   T26] audit: type=1326 audit(1745210524.061:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  376.956995][   T26] audit: type=1326 audit(1745210524.061:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  376.979757][   T26] audit: type=1326 audit(1745210524.061:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  377.002574][   T26] audit: type=1326 audit(1745210524.061:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88962a3169 code=0x7ffc0000
[  377.105986][ T8225] loop4: detected capacity change from 0 to 2048
[  377.119234][   T26] audit: type=1326 audit(1745210524.061:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f88962a1ad0 code=0x7ffc0000
[  377.181424][ T8225] EXT4-fs (loop4): Ignoring removed bh option
[  377.214220][ T2285] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  377.320989][ T8225] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  377.398200][   T26] audit: type=1326 audit(1745210524.061:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.6.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f88962a4997 code=0x7ffc0000
[  377.473911][ T2285] usb 7-1: Using ep0 maxpacket: 16
[  377.555562][ T8238] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  377.593996][ T2285] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  377.623481][ T2285] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  377.653903][ T2285] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  377.684211][ T8238] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 166 with error 28
[  377.749454][ T8238] EXT4-fs (loop4): This should not happen!! Data will be lost
[  377.749454][ T8238] 
[  377.759232][ T8238] EXT4-fs (loop4): Total free blocks count 0
[  377.766047][ T8238] EXT4-fs (loop4): Free/Dirty block details
[  377.771983][ T8238] EXT4-fs (loop4): free_blocks=2415919104
[  377.778271][ T8238] EXT4-fs (loop4): dirty_blocks=176
[  377.783497][ T8238] EXT4-fs (loop4): Block reservation details
[  377.790009][ T8238] EXT4-fs (loop4): i_reserved_data_blocks=11
[  378.298528][ T2285] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  378.569635][  T154] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 54 with error 28
[  378.666756][ T8250] loop5: detected capacity change from 0 to 128
[  378.861454][  T154] EXT4-fs (loop4): This should not happen!! Data will be lost
[  378.861454][  T154] 
[  379.619102][ T2285] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.627241][ T2285] usb 7-1: Product: syz
[  379.631428][ T2285] usb 7-1: Manufacturer: syz
[  379.636525][ T2285] usb 7-1: SerialNumber: syz
[  379.737308][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  379.743799][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  379.983988][ T2285] usb 7-1: 0:2 : does not exist
[  380.344346][ T2285] usb 7-1: 1:0: cannot get min/max values for control 4 (id 1)
[  380.639782][ T8250] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  381.008213][ T2285] usb 7-1: USB disconnect, device number 2
[  381.068856][ T4161] udevd[4161]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  381.091839][ T8272] fuse: Bad value for 'fd'
[  381.209710][ T8275] loop4: detected capacity change from 0 to 1024
[  381.347974][ T4324] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  381.398502][ T4324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.419113][ T4324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.441471][ T8286] loop6: detected capacity change from 0 to 1024
[  381.912221][ T8318] loop6: detected capacity change from 0 to 128
[  381.993057][ T8318] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  382.008286][ T8323] fuse: Bad value for 'fd'
[  382.057420][ T8325] loop4: detected capacity change from 0 to 1024
[  382.111092][ T8325] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  382.140117][ T8325] EXT4-fs (loop4): Ignoring removed orlov option
[  382.156525][ T8325] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  382.199115][ T8325] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,usrquota,sysvgroups,norecovery,nomblk_io_submit,orlov,errors=remount-ro,i_version,nomblk_io_submit,. Quota mode: writeback.
[  382.235898][ T8325] EXT4-fs error (device loop4): ext4_xattr_set_entry:1615: inode #13: comm syz.4.1098: corrupted xattr entries
[  382.261627][ T8325] EXT4-fs (loop4): Remounting filesystem read-only
[  383.222850][  T154] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  383.412551][  T154] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  385.327118][   T26] kauditd_printk_skb: 11 callbacks suppressed
[  385.327135][   T26] audit: type=1326 audit(1745210532.871:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbce4f169 code=0x7ffc0000
[  385.387069][   T26] audit: type=1326 audit(1745210532.901:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  385.529107][   T26] audit: type=1326 audit(1745210532.901:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  385.664945][   T26] audit: type=1326 audit(1745210532.901:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  385.768720][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1137'.
[  385.843256][   T26] audit: type=1326 audit(1745210532.901:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  385.877065][   T26] audit: type=1326 audit(1745210532.901:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  385.911167][   T26] audit: type=1326 audit(1745210532.901:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  386.026126][   T26] audit: type=1326 audit(1745210532.901:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  386.113723][   T26] audit: type=1326 audit(1745210532.901:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  387.118020][   T26] audit: type=1326 audit(1745210532.901:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8435 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdfbcdeb359 code=0x7ffc0000
[  388.309653][  T154] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  388.415080][ T4680] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.443897][ T4680] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.549267][ T8495] loop4: detected capacity change from 0 to 8
[  389.644460][ T8495] SQUASHFS error: Unable to read inode 0xa7
[  390.195475][ T8515] loop4: detected capacity change from 0 to 1024
[  390.368272][   T26] kauditd_printk_skb: 217 callbacks suppressed
[  390.368288][   T26] audit: type=1326 audit(1745210537.911:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7effd24ee1f7 code=0x7ffc0000
[  390.485934][   T26] audit: type=1326 audit(1745210537.941:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7effd24ecad0 code=0x7ffc0000
[  390.561759][   T26] audit: type=1326 audit(1745210537.941:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7effd24edd6b code=0x7ffc0000
[  390.619781][   T26] audit: type=1326 audit(1745210537.951:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7effd24edd6b code=0x7ffc0000
[  390.683145][   T26] audit: type=1326 audit(1745210537.951:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7effd2520a25 code=0x7ffc0000
[  390.771029][   T26] audit: type=1326 audit(1745210537.951:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7effd24edd6b code=0x7ffc0000
[  390.851321][   T26] audit: type=1326 audit(1745210537.951:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7effd24ecdca code=0x7ffc0000
[  391.856099][   T26] audit: type=1326 audit(1745210537.951:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7effd24ecdca code=0x7ffc0000
[  391.933871][   T26] audit: type=1326 audit(1745210537.971:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd24ee169 code=0x7ffc0000
[  391.986132][   T26] audit: type=1326 audit(1745210537.971:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd24ee169 code=0x7ffc0000
[  392.196253][ T8545] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1173'.
[  392.428047][ T8554] loop4: detected capacity change from 0 to 256
[  393.545195][ T8559] blktrace: Concurrent blktraces are not allowed on loop0
[  394.285158][ T8554] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  394.349329][ T8554] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  394.699664][ T8569] loop4: detected capacity change from 0 to 1024
[  395.163240][ T8569] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  395.209160][ T8569] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  395.318270][ T4554] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  395.511056][ T4554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.533963][ T4554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.764073][ T8611] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  396.803341][ T4186] Bluetooth: hci4: link tx timeout
[  396.809184][ T4186] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  397.625602][ T8628] blktrace: Concurrent blktraces are not allowed on loop12
[  397.836526][ T8639] xt_CT: You must specify a L4 protocol and not use inversions on it
[  398.853881][ T4216] Bluetooth: hci4: command 0x0406 tx timeout
[  401.830263][ T8678] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1226'.
[  402.600351][ T8704] loop4: detected capacity change from 0 to 512
[  402.698083][ T8704] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1238: Invalid inode bitmap blk 4 in block_group 0
[  402.731237][ T8704] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  404.328255][ T8728] loop4: detected capacity change from 0 to 256
[  404.408701][ T8728] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  404.614948][ T8741] loop4: detected capacity change from 0 to 8
[  404.677984][ T8741] squashfs image failed sanity check
[  404.977758][ T4552] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  405.019867][ T4552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.052192][ T4552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.234000][ T4175] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  405.584084][ T4175] usb 5-1: Using ep0 maxpacket: 32
[  406.023852][ T4175] usb 5-1: unable to get BOS descriptor or descriptor too short
[  406.055719][ T8766] fuse: Bad value for 'fd'
[  406.141531][ T4175] usb 5-1: config 128 has an invalid interface number: 127 but max is 3
[  406.155123][ T8771] device batadv_slave_1 entered promiscuous mode
[  406.168430][ T4175] usb 5-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  406.193900][ T4175] usb 5-1: config 128 has 1 interface, different from the descriptor's value: 4
[  406.203328][ T8770] device batadv_slave_1 left promiscuous mode
[  406.213211][ T4175] usb 5-1: config 128 has no interface number 0
[  406.239765][ T4175] usb 5-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 169, changing to 11
[  406.272019][ T4175] usb 5-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid maxpacket 26196, setting to 1024
[  406.315811][ T4175] usb 5-1: config 128 interface 127 has no altsetting 0
[  406.524058][ T4175] usb 5-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  406.539265][ T4175] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.558136][ T4175] usb 5-1: Product: syz
[  406.583942][ T4175] usb 5-1: Manufacturer: syz
[  406.610694][ T4175] usb 5-1: SerialNumber: syz
[  406.674321][ T8741] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  407.257043][ T4742] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  407.467671][ T4742] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.489173][ T4742] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.644228][ T4175] usb 5-1: USB disconnect, device number 17
[  407.826763][ T8821] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1288'.
[  407.935111][ T8696] udevd[8696]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  409.251635][ T8857] loop4: detected capacity change from 0 to 512
[  409.312172][ T4742] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  409.325004][ T8857] EXT4-fs (loop4): Ignoring removed bh option
[  409.331450][ T8857] EXT4-fs (loop4): Ignoring removed orlov option
[  409.339345][ T8857] EXT4-fs (loop4): Test dummy encryption mode enabled
[  409.351211][ T8857] EXT4-fs (loop4): Ignoring removed bh option
[  409.389408][ T4742] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  409.410999][ T4742] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  409.430339][ T8857] EXT4-fs (loop4): 1 truncate cleaned up
[  409.436503][ T8857] EXT4-fs (loop4): mounted filesystem without journal. Opts: bh,norecovery,orlov,test_dummy_encryption,bh,lazytime,,errors=continue. Quota mode: none.
[  409.779656][ T8871] xt_CT: You must specify a L4 protocol and not use inversions on it
[  410.681582][ T8884] 9pnet: Insufficient options for proto=fd
[  412.429353][ T8899] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1318'.
[  412.483885][ T8899] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1318'.
[  412.560857][ T4680] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  412.592657][ T4680] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.620570][ T4680] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  412.779981][ T8908] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1325'.
[  415.916937][ T8956] loop4: detected capacity change from 0 to 1024
[  416.144028][ T4742] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  417.392519][ T4742] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  417.561898][ T4742] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.911733][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  417.929642][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  417.952379][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  417.962530][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  417.979469][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  417.991646][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  418.001612][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  418.011681][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  418.022777][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  418.032560][ T8989] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1349'.
[  418.044094][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  418.053394][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  418.061468][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  418.433592][ T8996] loop4: detected capacity change from 0 to 512
[  418.660029][ T8996] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1360: Invalid inode bitmap blk 4 in block_group 0
[  418.683418][ T8996] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  420.781342][ T9006] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  421.928384][ T9032] loop4: detected capacity change from 0 to 1024
[  422.331975][ T9036] loop4: detected capacity change from 0 to 128
[  424.211133][ T9074] 9pnet: Insufficient options for proto=fd
[  426.829977][ T9092] loop4: detected capacity change from 0 to 512
[  427.491772][ T9092] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1392: Invalid inode bitmap blk 4 in block_group 0
[  427.548928][ T9092] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  427.838719][ T9113] 9pnet: Insufficient options for proto=fd
[  428.729993][ T9133] loop4: detected capacity change from 0 to 1024
[  429.055156][ T9145] Illegal XDP return value 3819782847, expect packet loss!
[  429.101157][ T9147] 9pnet: Insufficient options for proto=fd
[  430.869024][ T9154] __nla_validate_parse: 62 callbacks suppressed
[  430.869107][ T9154] netlink: 80 bytes leftover after parsing attributes in process `syz.6.1415'.
[  431.093900][ T9154] netlink: 80 bytes leftover after parsing attributes in process `syz.6.1415'.
[  431.170430][ T9154] netlink: 80 bytes leftover after parsing attributes in process `syz.6.1415'.
[  432.573555][ T9186] loop4: detected capacity change from 0 to 1024
[  433.041785][ T9180] chnl_net:caif_netlink_parms(): no params data found
[  433.125299][ T9180] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.132545][ T9180] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.142185][ T9180] device bridge_slave_0 entered promiscuous mode
[  433.152491][ T9180] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.160128][ T9180] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.169179][ T9180] device bridge_slave_1 entered promiscuous mode
[  433.212085][ T9180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  433.224614][ T9180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  433.269402][ T9180] team0: Port device team_slave_0 added
[  433.277974][ T9180] team0: Port device team_slave_1 added
[  433.305487][ T9180] batman_adv: batadv0: Adding interface: batadv_slave_0
[  433.312462][ T9180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.339398][ T9180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.365845][ T9180] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.372821][ T9180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.407700][ T9180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  433.457394][ T9180] device hsr_slave_0 entered promiscuous mode
[  433.465112][ T9180] device hsr_slave_1 entered promiscuous mode
[  433.471826][ T9180] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  433.488552][ T9180] Cannot create hsr debugfs directory
[  433.715287][ T9180] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  433.734804][ T9180] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  433.745989][ T9180] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  433.756916][ T9180] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  433.793563][ T9180] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.800720][ T9180] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.808309][ T9180] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.815414][ T9180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  433.919828][ T9180] 8021q: adding VLAN 0 to HW filter on device bond0
[  433.952223][  T759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  433.969282][  T759] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.977498][  T759] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.986600][  T759] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  434.004991][ T9180] 8021q: adding VLAN 0 to HW filter on device team0
[  434.018564][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  434.027986][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  434.036817][ T4552] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.044725][ T4552] bridge0: port 1(bridge_slave_0) entered forwarding state
[  434.056352][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  434.067047][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  434.076006][ T4742] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.083074][ T4742] bridge0: port 2(bridge_slave_1) entered forwarding state
[  434.097161][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  434.110089][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  434.126218][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  434.136149][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  434.148370][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  434.157091][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  434.167246][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  434.181098][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  434.190273][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  434.202227][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  434.211472][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  434.222746][ T9180] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  434.325469][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  434.332983][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  434.351915][ T9180] 8021q: adding VLAN 0 to HW filter on device batadv0
[  434.478098][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  434.487395][ T4552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  434.509846][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  434.518691][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  434.530515][ T9180] device veth0_vlan entered promiscuous mode
[  434.534275][ T1334] Bluetooth: hci0: command 0x0409 tx timeout
[  434.540761][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  434.552025][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  434.565641][ T9180] device veth1_vlan entered promiscuous mode
[  434.590267][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  434.598942][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  434.607844][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  434.617845][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  434.629355][ T9180] device veth0_macvtap entered promiscuous mode
[  434.641920][ T9180] device veth1_macvtap entered promiscuous mode
[  434.658771][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.670085][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.681071][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.691637][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.701689][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.712475][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.722703][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.733327][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.743365][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.754165][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.764456][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.776670][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.788214][ T9180] batman_adv: batadv0: Interface activated: batadv_slave_0
[  434.798195][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  434.807097][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  434.815531][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  434.824578][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  434.835275][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  434.847269][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.858875][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  434.869475][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.879780][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  434.890593][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.900474][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  434.911054][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.921001][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  434.931467][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.941633][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  434.952421][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.964329][ T9180] batman_adv: batadv0: Interface activated: batadv_slave_1
[  434.972717][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  434.983372][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  434.999011][ T9180] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  435.009901][ T9180] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  435.019082][ T9180] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  435.028194][ T9180] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  435.106532][ T4742] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  435.119167][ T4742] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  435.135122][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  435.159419][ T4742] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  435.167970][ T4742] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  435.181005][ T5392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  435.604098][ T4795] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  435.964009][ T4795] usb 8-1: unable to get BOS descriptor or descriptor too short
[  436.023977][ T4795] usb 8-1: unable to read config index 0 descriptor/start: -71
[  436.031620][ T4795] usb 8-1: can't read configurations, error -71
[  436.476976][ T9225] loop4: detected capacity change from 0 to 512
[  436.518392][ T9227] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1434'.
[  436.773872][   T23] Bluetooth: hci0: command 0x041b tx timeout
[  436.816772][ T9225] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1437: Invalid inode bitmap blk 4 in block_group 0
[  436.838573][ T9225] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  438.853989][ T9236] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  438.879353][ T1334] Bluetooth: hci0: command 0x040f tx timeout
[  438.918657][ T9243] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  439.307299][ T9257] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1450'.
[  439.976736][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  439.985534][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  440.050401][ T9295] loop4: detected capacity change from 0 to 1024
[  440.492471][ T9307] device gtp0 entered promiscuous mode
[  440.935076][   T23] Bluetooth: hci0: command 0x0419 tx timeout
[  440.962567][ T9338] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1480'.
[  440.983214][ T9338] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1480'.
[  441.156600][ T9342] loop7: detected capacity change from 0 to 512
[  441.186051][ T9344] syz.6.1483[9344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  441.186172][ T9344] syz.6.1483[9344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  441.352694][ T9342] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.1481: Invalid inode bitmap blk 4 in block_group 0
[  441.385623][ T9342] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  441.998833][ T9378] syz.3.1498 sent an empty control message without MSG_MORE.
[  442.071596][ T4175] Bluetooth: hci5: command 0x0406 tx timeout
[  442.293403][ T9396] loop4: detected capacity change from 0 to 1024
[  442.776098][ T9411] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1509'.
[  443.013778][ T4175] Bluetooth: hci0: command 0x0406 tx timeout
[  444.314495][ T9454] loop7: detected capacity change from 0 to 1024
[  444.357415][ T9458] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1533'.
[  444.373227][ T9458] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1533'.
[  444.432766][ T9461] netlink: 'syz.6.1533': attribute type 29 has an invalid length.
[  444.488120][ T9461] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1533'.
[  445.731686][ T9527] loop4: detected capacity change from 0 to 1024
[  446.285741][ T9544] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1569'.
[  446.726700][ T9566] loop7: detected capacity change from 0 to 512
[  446.887003][ T9566] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.1576: Invalid inode bitmap blk 4 in block_group 0
[  446.901225][ T9566] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  448.085574][ T9641] loop4: detected capacity change from 0 to 512
[  448.229056][ T9641] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1607: Invalid inode bitmap blk 4 in block_group 0
[  448.267867][ T9641] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  449.194851][ T9689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1622'.
[  449.276080][ T9695] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1630'.
[  449.393423][ T9695] sctp: [Deprecated]: syz.5.1630 (pid 9695) Use of struct sctp_assoc_value in delayed_ack socket option.
[  449.393423][ T9695] Use struct sctp_sack_info instead
[  449.403107][ T9704] loop4: detected capacity change from 0 to 512
[  449.470582][ T9700] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1630'.
[  449.559524][ T9704] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1633: Invalid inode bitmap blk 4 in block_group 0
[  449.575444][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1630'.
[  449.630128][ T9704] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  449.655753][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1630'.
[  449.772122][ T9718] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  450.964309][ T9772] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1654'.
[  451.089520][ T9778] loop7: detected capacity change from 0 to 512
[  451.155552][ T9766] sctp: [Deprecated]: syz.5.1654 (pid 9766) Use of struct sctp_assoc_value in delayed_ack socket option.
[  451.155552][ T9766] Use struct sctp_sack_info instead
[  451.276289][ T9778] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.1659: Invalid inode bitmap blk 4 in block_group 0
[  451.295379][ T9778] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  451.972314][ T9812] device syzkaller0 entered promiscuous mode
[  452.363733][ T4212] Bluetooth: hci4: command 0x0406 tx timeout
[  453.675011][ T9883] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1702'.
[  454.044396][ T9894] netlink: 88 bytes leftover after parsing attributes in process `syz.6.1707'.
[  454.138923][ T9894] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1707'.
[  454.224924][ T9900] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1707'.
[  454.641806][ T9924] loop7: detected capacity change from 0 to 512
[  454.830041][ T9924] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.1719: Invalid inode bitmap blk 4 in block_group 0
[  454.881973][ T9924] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  455.592949][ T9944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  455.778239][ T9954] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1731'.
[  456.072989][ T9972] device syzkaller1 entered promiscuous mode
[  456.165124][ T9977] netlink: 432 bytes leftover after parsing attributes in process `syz.7.1742'.
[  456.286663][ T9977] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1742'.
[  456.489807][ T9988] loop4: detected capacity change from 0 to 512
[  456.816889][ T9988] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1748: Invalid inode bitmap blk 4 in block_group 0
[  456.882202][ T9988] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  458.250411][T10094] loop4: detected capacity change from 0 to 512
[  458.414476][T10094] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1782: Invalid inode bitmap blk 4 in block_group 0
[  458.439826][T10094] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  458.611243][T10115] Cannot find add_set index 0 as target
[  458.860653][T10125] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  458.915035][T10125] netlink: 'syz.5.1793': attribute type 7 has an invalid length.
[  459.740673][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1802'.
[  459.831715][T10150] xt_connbytes: Forcing CT accounting to be enabled
[  459.842561][T10150] xt_bpf: check failed: parse error
[  461.673508][T10221] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1836'.
[  462.136418][T10234] netlink: 'syz.6.1841': attribute type 29 has an invalid length.
[  462.154072][T10234] netlink: 'syz.6.1841': attribute type 29 has an invalid length.
[  462.690646][T10260] loop7: detected capacity change from 0 to 512
[  462.814775][T10260] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.1852: Invalid inode bitmap blk 4 in block_group 0
[  462.897341][T10260] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  463.541742][T10284] xt_CT: No such helper "snmp"
[  463.630535][T10294] netlink: 'syz.3.1866': attribute type 39 has an invalid length.
[  464.493858][T10328] xt_CT: No such helper "snmp"
[  464.576307][T10336] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  464.633951][T10338] netlink: 'syz.5.1882': attribute type 39 has an invalid length.
[  464.933896][T10264] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  465.298725][T10367] xt_CT: No such helper "snmp"
[  465.587766][T10388] netlink: 'syz.7.1904': attribute type 39 has an invalid length.
[  465.693546][T10391] netlink: 'syz.6.1906': attribute type 3 has an invalid length.
[  465.826258][T10399] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1910'.
[  465.873275][    C1] vcan0: j1939_session_tx_dat: 0xffff888062c71800: queue data error: -100
[  465.920083][T10402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1910'.
[  466.938871][T10413] xt_CT: No such helper "snmp"
[  467.554409][T10437] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1926'.
[  468.707519][T10492] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1950'.
[  468.920782][T10498] netlink: set zone limit has 8 unknown bytes
[  470.492722][T10564] sctp: [Deprecated]: syz.5.1981 (pid 10564) Use of struct sctp_assoc_value in delayed_ack socket option.
[  470.492722][T10564] Use struct sctp_sack_info instead
[  471.982152][T10612] loop7: detected capacity change from 0 to 512
[  472.112634][T10619] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2001'.
[  472.135224][T10612] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.1999: Invalid inode bitmap blk 4 in block_group 0
[  472.175099][T10612] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  473.534579][T10634] rdma_op ffff888067a7d1f0 conn xmit_rdma 0000000000000000
[  474.526050][T10676] loop4: detected capacity change from 0 to 512
[  474.652432][T10676] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.2024: Invalid inode bitmap blk 4 in block_group 0
[  474.736617][T10676] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  476.987651][T10757] loop7: detected capacity change from 0 to 512
[  477.160811][T10757] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.2050: Invalid inode bitmap blk 4 in block_group 0
[  477.204145][T10757] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  478.053865][T10768] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  478.366318][T10816] Cannot find set identified by id 1 to match
[  478.852962][T10844] loop4: detected capacity change from 0 to 512
[  478.959534][T10844] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.2082: Invalid inode bitmap blk 4 in block_group 0
[  478.989697][T10844] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  478.994666][T10843] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.179871][T10843] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.320787][T10843] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.534120][T10843] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.942466][T10843] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  480.078797][T10843] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  480.117063][T10843] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  480.133528][T10843] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  480.962337][T10933] ==================================================================
[  480.971348][T10933] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  480.980605][T10933] Read of size 1 at addr ffff88807881a600 by task syz.5.2116/10933
[  480.988524][T10933] 
[  480.990868][T10933] CPU: 1 PID: 10933 Comm: syz.5.2116 Not tainted 5.15.180-syzkaller #0
[  480.999133][T10933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  481.009214][T10933] Call Trace:
[  481.012524][T10933]  <TASK>
[  481.015474][T10933]  dump_stack_lvl+0x1e3/0x2d0
[  481.020184][T10933]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  481.025844][T10933]  ? _printk+0xd1/0x120
[  481.030295][T10933]  ? __wake_up_klogd+0xcc/0x100
[  481.035185][T10933]  ? panic+0x860/0x860
[  481.039281][T10933]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  481.044770][T10933]  print_address_description+0x63/0x3b0
[  481.050349][T10933]  ? xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  481.056875][T10933]  kasan_report+0x16b/0x1c0
[  481.061430][T10933]  ? xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  481.067969][T10933]  xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  481.074331][T10933]  ? __lock_acquire+0x1ff0/0x1ff0
[  481.079396][T10933]  xfrm_policy_inexact_insert_node+0x8e7/0xb00
[  481.085596][T10933]  xfrm_policy_inexact_alloc_chain+0x604/0xe20
[  481.091784][T10933]  ? xfrm_policy_inexact_insert+0xea/0x13c0
[  481.097720][T10933]  xfrm_policy_inexact_insert+0xea/0x13c0
[  481.103474][T10933]  ? do_raw_spin_lock+0x14a/0x370
[  481.108530][T10933]  ? __bpf_trace_softirq+0x10/0x10
[  481.113673][T10933]  ? __rwlock_init+0x140/0x140
[  481.118463][T10933]  ? init_timer_key+0x17c/0x2d0
[  481.123352][T10933]  ? policy_hash_bysel+0x12c/0x7c0
[  481.128505][T10933]  xfrm_policy_insert+0xe6/0x930
[  481.133492][T10933]  xfrm_add_policy+0x4f7/0x9b0
[  481.138292][T10933]  ? xfrm_dump_sa_done+0xd0/0xd0
[  481.143259][T10933]  ? apparmor_capable+0x12e/0x190
[  481.148328][T10933]  ? __nla_parse+0x3c/0x50
[  481.152821][T10933]  xfrm_user_rcv_msg+0x632/0x960
[  481.157806][T10933]  ? xfrm_netlink_rcv+0x90/0x90
[  481.162724][T10933]  ? __mutex_lock_common+0x444/0x25a0
[  481.168135][T10933]  netlink_rcv_skb+0x1cf/0x410
[  481.172934][T10933]  ? xfrm_netlink_rcv+0x90/0x90
[  481.177814][T10933]  ? netlink_ack+0xb10/0xb10
[  481.182451][T10933]  xfrm_netlink_rcv+0x75/0x90
[  481.187153][T10933]  netlink_unicast+0x7c0/0x990
[  481.191952][T10933]  ? netlink_detachskb+0x90/0x90
[  481.196914][T10933]  ? __virt_addr_valid+0x3bb/0x460
[  481.202056][T10933]  ? 0xffffffff81000000
[  481.206233][T10933]  ? __check_object_size+0x300/0x410
[  481.211543][T10933]  ? bpf_lsm_netlink_send+0x5/0x10
[  481.216688][T10933]  netlink_sendmsg+0xa30/0xd60
[  481.221499][T10933]  ? netlink_getsockopt+0x5b0/0x5b0
[  481.226727][T10933]  ? futex_wait+0x634/0x740
[  481.231266][T10933]  ? aa_sock_msg_perm+0x91/0x150
[  481.236233][T10933]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  481.241550][T10933]  ? security_socket_sendmsg+0x7d/0xa0
[  481.247037][T10933]  ? netlink_getsockopt+0x5b0/0x5b0
[  481.252273][T10933]  ____sys_sendmsg+0x59e/0x8f0
[  481.257083][T10933]  ? __sys_sendmsg_sock+0x30/0x30
[  481.262142][T10933]  ? import_iovec+0x77/0xa0
[  481.266675][T10933]  ___sys_sendmsg+0x252/0x2e0
[  481.271380][T10933]  ? __sys_sendmsg+0x260/0x260
[  481.276220][T10933]  ? __fdget+0x191/0x220
[  481.280489][T10933]  __se_sys_sendmsg+0x19a/0x260
[  481.285370][T10933]  ? __x64_sys_sendmsg+0x80/0x80
[  481.290339][T10933]  ? syscall_enter_from_user_mode+0x2e/0x240
[  481.296339][T10933]  ? lockdep_hardirqs_on+0x94/0x130
[  481.301565][T10933]  ? syscall_enter_from_user_mode+0x2e/0x240
[  481.307569][T10933]  do_syscall_64+0x3b/0x80
[  481.312008][T10933]  ? clear_bhb_loop+0x15/0x70
[  481.316992][T10933]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  481.322931][T10933] RIP: 0033:0x7f75fdeb9169
[  481.327375][T10933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.347008][T10933] RSP: 002b:00007f75fbd21038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  481.355464][T10933] RAX: ffffffffffffffda RBX: 00007f75fe0e0fa0 RCX: 00007f75fdeb9169
[  481.363470][T10933] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007
[  481.371459][T10933] RBP: 00007f75fdf3ba68 R08: 0000000000000000 R09: 0000000000000000
[  481.379473][T10933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.387479][T10933] R13: 0000000000000000 R14: 00007f75fe0e0fa0 R15: 00007ffea4438168
[  481.395498][T10933]  </TASK>
[  481.398534][T10933] 
[  481.400918][T10933] Allocated by task 10933:
[  481.405350][T10933]  ____kasan_kmalloc+0xba/0xf0
[  481.410185][T10933]  __kmalloc+0x168/0x300
[  481.414442][T10933]  sk_prot_alloc+0xe0/0x200
[  481.418959][T10933]  sk_alloc+0x35/0x310
[  481.423038][T10933]  pfkey_create+0xda/0x580
[  481.427468][T10933]  __sock_create+0x460/0x8f0
[  481.432083][T10933]  __sys_socket+0x132/0x370
[  481.436613][T10933]  __x64_sys_socket+0x76/0x80
[  481.441315][T10933]  do_syscall_64+0x3b/0x80
[  481.445757][T10933]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  481.451759][T10933] 
[  481.454095][T10933] Last potentially related work creation:
[  481.459833][T10933]  kasan_save_stack+0x36/0x60
[  481.464530][T10933]  kasan_record_aux_stack+0xba/0x100
[  481.469834][T10933]  call_rcu+0x1c4/0xa70
[  481.474007][T10933]  netlink_release+0x14e4/0x1980
[  481.478962][T10933]  sock_close+0xcd/0x230
[  481.483223][T10933]  __fput+0x3fe/0x8e0
[  481.487232][T10933]  task_work_run+0x129/0x1a0
[  481.491850][T10933]  do_exit+0x6a3/0x2480
[  481.496039][T10933]  do_group_exit+0x144/0x310
[  481.500646][T10933]  get_signal+0xc66/0x14e0
[  481.505241][T10933]  arch_do_signal_or_restart+0xbd/0x12b0
[  481.511046][T10933]  exit_to_user_mode_loop+0x97/0x130
[  481.516352][T10933]  exit_to_user_mode_prepare+0xb1/0x140
[  481.521914][T10933]  syscall_exit_to_user_mode+0x5d/0x240
[  481.527474][T10933]  do_syscall_64+0x47/0x80
[  481.531914][T10933]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  481.537869][T10933] 
[  481.540201][T10933] Second to last potentially related work creation:
[  481.546787][T10933]  kasan_save_stack+0x36/0x60
[  481.551488][T10933]  kasan_record_aux_stack+0xba/0x100
[  481.556787][T10933]  call_rcu+0x1c4/0xa70
[  481.560961][T10933]  netlink_release+0x14e4/0x1980
[  481.565913][T10933]  sock_close+0xcd/0x230
[  481.570172][T10933]  __fput+0x3fe/0x8e0
[  481.574170][T10933]  task_work_run+0x129/0x1a0
[  481.578789][T10933]  do_exit+0x6a3/0x2480
[  481.583000][T10933]  do_group_exit+0x144/0x310
[  481.587694][T10933]  get_signal+0xc66/0x14e0
[  481.592123][T10933]  arch_do_signal_or_restart+0xbd/0x12b0
[  481.597772][T10933]  exit_to_user_mode_loop+0x97/0x130
[  481.603075][T10933]  exit_to_user_mode_prepare+0xb1/0x140
[  481.608634][T10933]  syscall_exit_to_user_mode+0x5d/0x240
[  481.614206][T10933]  do_syscall_64+0x47/0x80
[  481.618655][T10933]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  481.624566][T10933] 
[  481.626899][T10933] The buggy address belongs to the object at ffff88807881a000
[  481.626899][T10933]  which belongs to the cache kmalloc-2k of size 2048
[  481.640966][T10933] The buggy address is located 1536 bytes inside of
[  481.640966][T10933]  2048-byte region [ffff88807881a000, ffff88807881a800)
[  481.654444][T10933] The buggy address belongs to the page:
[  481.660100][T10933] page:ffffea0001e20600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78818
[  481.670282][T10933] head:ffffea0001e20600 order:3 compound_mapcount:0 compound_pincount:0
[  481.678680][T10933] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  481.686711][T10933] raw: 00fff00000010200 0000000000000000 0000000400000001 ffff888017442000
[  481.695316][T10933] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[  481.703909][T10933] page dumped because: kasan: bad access detected
[  481.710430][T10933] page_owner tracks the page as allocated
[  481.716253][T10933] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4168, ts 69693153149, free_ts 69625497290
[  481.735460][T10933]  get_page_from_freelist+0x3b78/0x3d40
[  481.741036][T10933]  __alloc_pages+0x272/0x700
[  481.745642][T10933]  new_slab+0xbb/0x4b0
[  481.749725][T10933]  ___slab_alloc+0x6f6/0xe10
[  481.754329][T10933]  kmem_cache_alloc_trace+0x1a0/0x290
[  481.759716][T10933]  ipv6_add_dev+0xce/0x1180
[  481.764258][T10933]  addrconf_notify+0x697/0xf40
[  481.769058][T10933]  raw_notifier_call_chain+0xd0/0x170
[  481.774448][T10933]  register_netdevice+0x128e/0x16a0
[  481.779671][T10933]  nsim_create+0x329/0x3e0
[  481.784110][T10933]  __nsim_dev_port_add+0x6de/0xb90
[  481.789245][T10933]  nsim_dev_port_add_all+0x35/0x110
[  481.794463][T10933]  nsim_dev_probe+0x752/0x9f0
[  481.799157][T10933]  really_probe+0x24e/0xb60
[  481.803686][T10933]  __driver_probe_device+0x1a2/0x3d0
[  481.808987][T10933]  driver_probe_device+0x50/0x420
[  481.814030][T10933] page last free stack trace:
[  481.818718][T10933]  free_unref_page_prepare+0xc34/0xcf0
[  481.824298][T10933]  free_unref_page+0x95/0x2d0
[  481.828990][T10933]  __unfreeze_partials+0x1b7/0x210
[  481.834115][T10933]  put_cpu_partial+0x132/0x1a0
[  481.838907][T10933]  ___cache_free+0xe3/0x100
[  481.843420][T10933]  qlist_free_all+0x36/0x90
[  481.847948][T10933]  kasan_quarantine_reduce+0x162/0x180
[  481.853419][T10933]  __kasan_slab_alloc+0x2f/0xc0
[  481.858295][T10933]  slab_post_alloc_hook+0x53/0x380
[  481.863425][T10933]  kmem_cache_alloc_node+0x121/0x2c0
[  481.868739][T10933]  __alloc_skb+0xdd/0x590
[  481.873089][T10933]  netlink_sendmsg+0x6f8/0xd60
[  481.877872][T10933]  __sys_sendto+0x564/0x720
[  481.882402][T10933]  __x64_sys_sendto+0xda/0xf0
[  481.887105][T10933]  do_syscall_64+0x3b/0x80
[  481.891547][T10933]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  481.897462][T10933] 
[  481.899791][T10933] Memory state around the buggy address:
[  481.905431][T10933]  ffff88807881a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  481.913593][T10933]  ffff88807881a580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[  481.921665][T10933] >ffff88807881a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  481.929732][T10933]                    ^
[  481.933809][T10933]  ffff88807881a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  481.941882][T10933]  ffff88807881a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  481.950043][T10933] ==================================================================
[  481.958120][T10933] Disabling lock debugging due to kernel taint
[  481.964436][T10933] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  481.971640][T10933] CPU: 1 PID: 10933 Comm: syz.5.2116 Tainted: G    B             5.15.180-syzkaller #0
[  481.981284][T10933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  481.991360][T10933] Call Trace:
[  481.994655][T10933]  <TASK>
[  481.997598][T10933]  dump_stack_lvl+0x1e3/0x2d0
[  482.002298][T10933]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  482.007951][T10933]  ? panic+0x860/0x860
[  482.012050][T10933]  panic+0x318/0x860
[  482.015966][T10933]  ? check_panic_on_warn+0x1d/0xa0
[  482.021103][T10933]  ? fb_is_primary_device+0xd0/0xd0
[  482.026325][T10933]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[  482.032352][T10933]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  482.038354][T10933]  ? _raw_spin_unlock+0x40/0x40
[  482.043236][T10933]  check_panic_on_warn+0x7e/0xa0
[  482.048193][T10933]  ? xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  482.054725][T10933]  end_report+0x6d/0xf0
[  482.058906][T10933]  kasan_report+0x18e/0x1c0
[  482.063434][T10933]  ? xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  482.069960][T10933]  xfrm_policy_inexact_list_reinsert+0x5b5/0x660
[  482.076314][T10933]  ? __lock_acquire+0x1ff0/0x1ff0
[  482.081372][T10933]  xfrm_policy_inexact_insert_node+0x8e7/0xb00
[  482.087649][T10933]  xfrm_policy_inexact_alloc_chain+0x604/0xe20
[  482.093837][T10933]  ? xfrm_policy_inexact_insert+0xea/0x13c0
[  482.099760][T10933]  xfrm_policy_inexact_insert+0xea/0x13c0
[  482.105512][T10933]  ? do_raw_spin_lock+0x14a/0x370
[  482.110567][T10933]  ? __bpf_trace_softirq+0x10/0x10
[  482.115711][T10933]  ? __rwlock_init+0x140/0x140
[  482.120506][T10933]  ? init_timer_key+0x17c/0x2d0
[  482.125389][T10933]  ? policy_hash_bysel+0x12c/0x7c0
[  482.130526][T10933]  xfrm_policy_insert+0xe6/0x930
[  482.135493][T10933]  xfrm_add_policy+0x4f7/0x9b0
[  482.140291][T10933]  ? xfrm_dump_sa_done+0xd0/0xd0
[  482.145347][T10933]  ? apparmor_capable+0x12e/0x190
[  482.150473][T10933]  ? __nla_parse+0x3c/0x50
[  482.154921][T10933]  xfrm_user_rcv_msg+0x632/0x960
[  482.159939][T10933]  ? xfrm_netlink_rcv+0x90/0x90
[  482.164861][T10933]  ? __mutex_lock_common+0x444/0x25a0
[  482.170278][T10933]  netlink_rcv_skb+0x1cf/0x410
[  482.175141][T10933]  ? xfrm_netlink_rcv+0x90/0x90
[  482.180008][T10933]  ? netlink_ack+0xb10/0xb10
[  482.184611][T10933]  xfrm_netlink_rcv+0x75/0x90
[  482.189299][T10933]  netlink_unicast+0x7c0/0x990
[  482.194080][T10933]  ? netlink_detachskb+0x90/0x90
[  482.199024][T10933]  ? __virt_addr_valid+0x3bb/0x460
[  482.204144][T10933]  ? 0xffffffff81000000
[  482.208303][T10933]  ? __check_object_size+0x300/0x410
[  482.213611][T10933]  ? bpf_lsm_netlink_send+0x5/0x10
[  482.218746][T10933]  netlink_sendmsg+0xa30/0xd60
[  482.223616][T10933]  ? netlink_getsockopt+0x5b0/0x5b0
[  482.228825][T10933]  ? futex_wait+0x634/0x740
[  482.233338][T10933]  ? aa_sock_msg_perm+0x91/0x150
[  482.238285][T10933]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  482.243572][T10933]  ? security_socket_sendmsg+0x7d/0xa0
[  482.249039][T10933]  ? netlink_getsockopt+0x5b0/0x5b0
[  482.254256][T10933]  ____sys_sendmsg+0x59e/0x8f0
[  482.259025][T10933]  ? __sys_sendmsg_sock+0x30/0x30
[  482.264224][T10933]  ? import_iovec+0x77/0xa0
[  482.268729][T10933]  ___sys_sendmsg+0x252/0x2e0
[  482.273554][T10933]  ? __sys_sendmsg+0x260/0x260
[  482.278357][T10933]  ? __fdget+0x191/0x220
[  482.282613][T10933]  __se_sys_sendmsg+0x19a/0x260
[  482.287476][T10933]  ? __x64_sys_sendmsg+0x80/0x80
[  482.292425][T10933]  ? syscall_enter_from_user_mode+0x2e/0x240
[  482.298404][T10933]  ? lockdep_hardirqs_on+0x94/0x130
[  482.303602][T10933]  ? syscall_enter_from_user_mode+0x2e/0x240
[  482.309583][T10933]  do_syscall_64+0x3b/0x80
[  482.314001][T10933]  ? clear_bhb_loop+0x15/0x70
[  482.318679][T10933]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  482.324574][T10933] RIP: 0033:0x7f75fdeb9169
[  482.328986][T10933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.348587][T10933] RSP: 002b:00007f75fbd21038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  482.357000][T10933] RAX: ffffffffffffffda RBX: 00007f75fe0e0fa0 RCX: 00007f75fdeb9169
[  482.364974][T10933] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007
[  482.372943][T10933] RBP: 00007f75fdf3ba68 R08: 0000000000000000 R09: 0000000000000000
[  482.380999][T10933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.388970][T10933] R13: 0000000000000000 R14: 00007f75fe0e0fa0 R15: 00007ffea4438168
[  482.396973][T10933]  </TASK>
[  482.400419][T10933] Kernel Offset: disabled
[  482.404747][T10933] Rebooting in 86400 seconds..