last executing test programs:

5m22.950036926s ago: executing program 2 (id=648):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
unshare(0x22020600)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb35405"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={0xffffffffffffffff, r3, 0x4, r3}, 0x10)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f0000003540)={0x0, 0x0, &(0x7f0000003500)={&(0x7f00000034c0)=ANY=[@ANYBLOB="100000000d14210e25bd70001ddb"], 0x10}, 0x1, 0x0, 0x0, 0x84}, 0x40)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

5m21.285674853s ago: executing program 2 (id=652):
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x0, &(0x7f00000005c0)={0x8, 0x70, 0x80000}, 0x20)
io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
prctl$PR_SET_SECUREBITS(0x1c, 0xc)
socket$inet6(0xa, 0x2, 0x7)

5m19.957044803s ago: executing program 2 (id=656):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0xa, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0xb}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='highspeed\x00', 0xa)
sendto$inet6(r0, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x6}, 0x1c)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x121342, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='rcu_utilization\x00', r3}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x7ff, 0x2}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x1, 0xb, 0x7fffffff, 0x2}, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
socket(0x1, 0x3, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
shutdown(r0, 0x1)

5m14.970357655s ago: executing program 2 (id=662):
syz_mount_image$msdos(&(0x7f00000011c0), &(0x7f0000000000)='./bus\x00', 0x2808480, &(0x7f0000000380)=ANY=[@ANYBLOB="646f74732c6e6f626173652cc93dd31774732c646f733178666c6f7070792c009114f0851746f523ff57d6dd3b17000834c1a0c27cfb3aafa9d52d92dc291c8d8662838e7f166c5a2007f5ae3aeea5f09c184256405c74c4789ccc5eaed43f51e5037660ec7408fdf1f925074e5d9ed063e8c4be8bafcf5cbd85279f3c37e76700"/146], 0x3, 0x11e6, &(0x7f0000002440)="$eJzs20+LG3UYB/BH7Zpt4m7Xf9X24g+96GWwHjyIl0W2IA0obSO0gjDLzmpITEImh0Q81IMXT74Qj94E9Q3su/C2CKIXT0aSif2zbEXFTZbt5wNhnsz3N8nzhCQwIXP49tefdvbLbH8tItYj4vGYS38VEXEnXvvhrd++unHr9rXtZnPnekpXt29eeTOltPnS9x9+/s3LP44aH3y7+V0tDrY+OvzljZ8OLh5cOvzj5iftMrXL1OuPUp52+/1Rvtst0l677GQpvd8t8rJI7V5ZDKt89lTdIu13+4PBJOW9vY36YFiUZcp7k9QpJmnUT6PhJOUf5+1eyrIsbdSD/+qLxXY6nd3W4smYTqfT81GPRjwVG7EZF2Irno5n4tl4Lp6Pi/FCvBiX5qtW3DoAAAAAAAAAAAAAAAAAAACcMb9Pj17/f8H1/wAAAAAAAAAAAAAAAAAAALBkN27dvrbdbO5cT2k94uc749a4VW2r/Oq7zZ3X09zWvaN+HY9bT9zNr1R5ejCvRb3KGxFxTL4er75SHT/L3nmveSS/HHsnPz4AAAA8ErJ01zHn97XIsoflVXXf7wOz8/fGYsF43DoXl88tdxb+vXLyWSdfW9zJu91iON9TFYPO0T2nrHgsIv7XB4wvj412771gqx55+UVtMflp6WcVxYMfmoctnr0dV97qyYzM2XTfV9/fO7+khgAAAAAAAAAAAPhHlvF3wlXPCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+yA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArwIAAP//dW1ayw==")
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000b80), 0x200008, 0x0)
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322024, &(0x7f0000000100)=ANY=[], 0x1, 0x0, 0x0)
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x15)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
open_tree(r2, &(0x7f0000000640)='\x00', 0x89901)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000280)='binfmt_misc\x00', 0x800, 0x0)

5m13.09321057s ago: executing program 2 (id=667):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddc, 0x10100, 0x1, 0x203}, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400))
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
eventfd2(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
pipe2$9p(&(0x7f00000001c0), 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES64=r3], 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0)

5m5.976442078s ago: executing program 2 (id=680):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x9b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x28}, 0x94)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x100003)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0xffff, 0x100000001, 0x4})
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000200)={0x3f, &(0x7f00000003c0)=[{0x80, 0x5}]})

5m4.667673566s ago: executing program 32 (id=680):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x9b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x28}, 0x94)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x100003)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0xffff, 0x100000001, 0x4})
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000200)={0x3f, &(0x7f00000003c0)=[{0x80, 0x5}]})

25.653093957s ago: executing program 3 (id=1146):
socket$key(0xf, 0x3, 0x2)
r0 = socket$kcm(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$read(0x16, 0x0, &(0x7f0000000240)=""/112, 0x349b7f55)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x10, 0xe, &(0x7f0000000400)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x3}, 0x8, 0x10, &(0x7f0000000440)={0x0, 0x0, 0x2}, 0x10}, 0x94)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0)
ioctl$FBIO_WAITFORVSYNC(r4, 0x40044620, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e24, @private=0xa010101}], 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f0000002480)={0x2020}, 0x2020)
socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0xc)
setresuid(0x0, 0x0, r5)
r6 = getuid()
mount$fuseblk(&(0x7f0000000100), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2140000, &(0x7f0000000740)=ANY=[@ANYBLOB='\x00\x00', @ANYBLOB=',rootmode=00000000000000000100000,user_i', @ANYRES8=r5, @ANYBLOB=',default_permissions,d', @ANYRESDEC=r5, @ANYRESDEC, @ANYBLOB, @ANYRESDEC=r6, @ANYBLOB])
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

22.945480468s ago: executing program 3 (id=1151):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000400000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x3b, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8}, 0x23)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sock_rcvqueue_full\x00', r2, 0x0, 0x80}, 0x18)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
ustat(0xd, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48c8}, 0x20004804)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x8000001c)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
r5 = io_uring_setup(0x4e4d, &(0x7f0000000080)={0x0, 0x5275, 0x80, 0x9, 0x200000})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f00000000c0)='cgroup.max.depth\x00', 0x2, 0x0)
write$cgroup_int(r7, &(0x7f0000000080)=0x5, 0x12)
sendfile(r7, r7, 0x0, 0x9)
pause()
close_range(r5, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400))
syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff)

16.364954811s ago: executing program 0 (id=1157):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

16.364013771s ago: executing program 3 (id=1158):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x0, 0x5001)
socket$kcm(0x10, 0x2, 0x0)
mincore(&(0x7f0000184000/0x2000)=nil, 0x2000, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
shutdown(r3, 0x1)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@o_path={0x0}, 0x18)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x17)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)

13.873978413s ago: executing program 0 (id=1160):
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfffffffc}, &(0x7f00000007c0)=<r0=>0x0, &(0x7f0000000800))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, 0x0, 0x0, 0x4)
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000002c0)=@gcm_128={{0x304}, "45542f745866c700", "7ffdfd042f0fef2e31eea67362f87200", "960ffc3d", "faffffffffffffff"}, 0x28)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet(0x2, 0x2, 0x1)
socket$kcm(0x29, 0x7, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/protocols\x00')
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r6 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r6, 0x7ab, 0x0)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
futex_waitv(&(0x7f00000000c0)=[{0x7, &(0x7f0000000940)=0x100000000ffff, 0x6}], 0x1, 0x0, 0x0, 0x1)
ioctl$KVM_REINJECT_CONTROL(r5, 0xae71, &(0x7f0000019080)={0xb4})
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000000), &(0x7f0000000080)=0x4)
bpf$MAP_CREATE(0x600000000000000, 0x0, 0x0)
sendmsg$inet(r3, 0x0, 0x810)

13.825395057s ago: executing program 3 (id=1161):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xfe5d, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000280), 0x3, 0x389001)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180))
r5 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000080)=0x7f)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x80000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xf}, 0x1c)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

13.822186477s ago: executing program 4 (id=1162):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x21ee, 0x4)
sendmmsg$inet(r3, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @random="b0c942034375", @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @rand_addr=0x64010102, @local}, "fbe308f429b2d1749eddb7f6a4aa3a944f429df3"}}}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x4000004, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

12.490011286s ago: executing program 1 (id=1163):
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000740)={0x1f, @none}, 0x8)
listen(r3, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
accept4(r3, 0x0, 0x0, 0x80800)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r4, 0xa0044d07, 0x0)
recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000000)=""/255, 0xff, 0x40000003, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001880)=ANY=[@ANYRES8=r3, @ANYRES16=r6, @ANYBLOB="01000000000000000000210000000e0001006e657464654a730a00000000000000006e65746478767369764b0000000000006c325f64726f7073000000000500830000000000"], 0x4c}}, 0x10040)
r7 = dup(r0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r7, 0x40045542, &(0x7f0000000140)=0x293c)
lsetxattr$security_capability(&(0x7f0000000280)='./cgroup/cgroup.procs\x00', &(0x7f0000000180), &(0x7f0000000040)=@v2={0x2000000, [{0x6, 0x4}, {0x4, 0x1bf}]}, 0x14, 0x1)

10.851861399s ago: executing program 1 (id=1164):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x1c, 0x8, 0x40, 0x42, 0x1}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

10.72113296s ago: executing program 4 (id=1165):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000018c0)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[], 0xfffffe2b}, 0x1, 0x0, 0x0, 0x80}, 0x2200c840)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x3b, 0x1, [{0xfbfffffa}]}})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6000003, 0x42031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r6)
process_mrelease(0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00'}, 0x10)
io_uring_setup(0x7bda, &(0x7f00000004c0)={0x0, 0xeeeb, 0x2, 0x3, 0x5})
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

9.768559097s ago: executing program 0 (id=1166):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
clock_gettime(0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000001c0)=<r3=>0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000140), &(0x7f0000000240)=0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_freezer_state(r5, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r6, 0x0, 0x0)
mkdirat$cgroup(r5, &(0x7f00000000c0)='syz1\x00', 0x1ff)
mkdirat$cgroup(r5, &(0x7f0000000100)='syz0\x00', 0x1ff)
sendfile(r6, r6, 0x0, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000014a5b960818818ff654e5836a29c432afd2c56b1350ba174fb1cbe352ae967a7f0cb7532f495d7cc0a90226876548abac42cfe245e42ce8c5bcceda1cc302dbefc175d7154e593853455d3ff43396e0b90e03ab41faf593501ca555643870559fb2fb9b4d2fcac43a40a1e7d80f6cf4021894a7e6427e2a34039252bd256d0dbc577937ff61ecdd1bb"], 0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000400)={0x0, 0x3, 0x20}, 0xc)
ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000380)=@multiplanar_mmap={0x4, 0x13, 0x4, 0x20, 0x80000001, {}, {0x2, 0x0, 0x10, 0x4, 0x7, 0x6, "1d558e4a"}, 0x1b47, 0x1, {&(0x7f0000000140)=[{0x4, 0x8, {0x4b0}, 0xfffffff2}, {0x3, 0x8, {0x80}, 0x9}]}, 0x8001, 0x0, r3})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44080)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x17, &(0x7f0000000280), &(0x7f0000000340)=0x4)

9.744851099s ago: executing program 1 (id=1167):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900), 0x0, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)
recvmsg(r3, 0x0, 0xa3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000080)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
tkill(0x0, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = io_uring_setup(0x669, &(0x7f00000002c0))
ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)

8.164800317s ago: executing program 4 (id=1168):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_opts(r1, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x8)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$SIOCGSTAMP(r1, 0x8906, 0x0)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r7, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000000)={@private0, 0x0, 0x0, 0xff, 0x1, 0x0, 0x2}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000000)
sendto$inet6(r2, &(0x7f0000000300), 0x5aa, 0x0, 0x0, 0xfffffffffffffdfd)
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000040)=@setlink={0x44, 0x13, 0x5, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'bridge_slave_1\x00'}, @IFLA_MASTER={0x8}, @IFLA_CARRIER={0x5}]}, 0x44}}, 0x0)

6.453182336s ago: executing program 0 (id=1169):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

6.380708122s ago: executing program 4 (id=1170):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x0, 0x5001)
socket$kcm(0x10, 0x2, 0x0)
mincore(&(0x7f0000184000/0x2000)=nil, 0x2000, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)='O', 0x1, 0x80, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@o_path={0x0}, 0x18)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x17)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)

6.269854491s ago: executing program 3 (id=1171):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x8, @local, 0x7fff}, {0xa, 0xfffe, 0x4, @empty}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xe2f]}}, 0x5c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2c, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80882)
syz_io_uring_setup(0x62ce, &(0x7f0000000780)={0x0, 0x3, 0x10100, 0x0, 0xffffffff}, &(0x7f00000000c0), &(0x7f00000003c0))
writev(r2, &(0x7f0000001800)=[{&(0x7f00000001c0)='*', 0x1}], 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14001c06744a975dc43e8f21e30ccee8619c0000", @ANYRES16, @ANYBLOB], 0x14}}, 0x2008000)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'vxcan1\x00'})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000280)=0x14)
sendmsg$MPTCP_PM_CMD_REMOVE(r2, &(0x7f0000000840)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x40, 0x0, 0x910, 0x70bd28, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1f}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20004041}, 0x40010)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="5400000009060102000000009a2b0000020000000900020073797a310000000005000100070000002c0007801800018014000240fe8000000000000000000000000000bb060004404e1f0000050007006700"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r9 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000000000/0x4000)=nil)
shmat(r9, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
process_madvise(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x14, 0x0)
process_madvise(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1, 0x14, 0x0)
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x58, 0x0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xbf, 0x4e}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @random="55793582cc4d"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="09d5b8fe1d03"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="0bb153ea2943"}]}, 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x40)

6.131177932s ago: executing program 1 (id=1172):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, 0x0, &(0x7f0000000340))
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x101, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaaaa810018000004bc00d3789c2222584e025ac76cc58949d62fdb20693d84327f438ad03e4853d2aad5879c3d465076e6692dc3462f0c6fb55b543566db8db2d09d3f060000006b04edadcc2251d87dc01143f4b980c088d2cf26591b8f51aa3c11336cd0b5bcf18843d2932bc1fe1002e09867cd43c03c9774b4884c350cb1c9a5209ad334d1c1ccc0f3676272febbe9e396bebb587b58a71faa13bd64ad802f1d49201cb55ab74c60f9"], &(0x7f0000000080)={0x0, 0x1, [0x2e9, 0x567, 0x865, 0x254]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r3, &(0x7f0000000040)='connect aa:aa:aa:aa:aa:10 1', 0x1b)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000100)='tracefs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
setsockopt$inet_buf(r4, 0x0, 0x26, &(0x7f00000003c0)="310e69f617fecde753a4bc7b1c987ee852db3dde9557eb8ccfd0671d2d70dae6edb46cfdbdc5f7589c5b04dac5735e375f373e073915df8bc1be1fd7008b9454d408e0ea1cb35223c805032d3ef0bef0204984bc34d5cc74f0692883b041ca1c7e6fc862c99a622faf090a9ff5db0ec26d9194887ad7b400b405d8927dc4376deb7ba0918d14facea2024d2571273a6a158e34c22c85fd69785676d9ede325ad30cbe040a7e18ac950d9c2baa9a3eff6fefc4a8abd167afa87eb0975d6256cf8f527b1d95a855dd9fec160bb1d7d9db786d1dc51c260d5641cfa5cff51ce7ea2d2", 0xe1)
getdents64(0xffffffffffffffff, &(0x7f0000000f80)=""/4096, 0x1000)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x101, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r7}, 0x0, &(0x7f00000002c0)}, 0x20)
sendmsg$rds(r6, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000ac0)=[@rdma_args={0x48, 0x114, 0x1, {{0x6, 0x2}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/99, 0x63}], 0x1, 0x60, 0xfffffffefffffffe}}, @rdma_args={0x48, 0x114, 0x1, {{0x5, 0xa980}, {&(0x7f0000000740)=""/241, 0xf1}, &(0x7f0000000a40)=[{&(0x7f0000000880)=""/171, 0xab}, {&(0x7f0000000180)=""/20, 0x14}, {&(0x7f0000001f80)=""/4096, 0x1000}, {&(0x7f0000000240)=""/47, 0x2f}, {&(0x7f0000000940)=""/230, 0xe6}], 0x5, 0x10, 0x1}}], 0x90, 0x8004}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

5.191283258s ago: executing program 0 (id=1173):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1823151a23065853}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r1, 0x400, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x0, 0x1a}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000840}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000000)=0xa83, &(0x7f0000000040)=0x4)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_POSITION_ID={0x8}]}], {0x14}}, 0xa4}, 0x1, 0x0, 0x0, 0x4}, 0x0)

5.190671328s ago: executing program 4 (id=1174):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r7 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r7, 0x2007ffc)
sendfile(r7, r7, 0x0, 0x800000009)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
setitimer(0x1, 0x0, 0x0)

5.097424096s ago: executing program 1 (id=1175):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x1c, 0x8, 0x40, 0x42, 0x1}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

1.808352543s ago: executing program 1 (id=1176):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000000)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@mcast1, 0x4e22, 0x12, 0x4e20, 0xb4f, 0xa, 0xa0, 0x80, 0x6c}, {0xc65, 0x1, 0x1000, 0x5, 0x1, 0x2, 0x7, 0x8}, {0xffffffffffffff80, 0x100000001, 0x9e7a, 0x74}, 0x2, 0x0, 0x1, 0x0, 0x3, 0x1}, {{@in=@multicast2, 0x4d2, 0x2b}, 0x2, @in=@rand_addr=0x64010100, 0x34ff, 0x3, 0x0, 0x3, 0x9, 0x81000, 0x2}}, 0xe8)
r1 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x0, 0xf)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x3)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000600))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r2, 0x80045104, &(0x7f00000002c0))
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000340)="0f01d10f01c9660ffbe064260f01c8baf80c66b8d4326c8566efbafc0c66edba4100ed0f216a0f01c2baf80c66b8142d258666efbafc0c66b80a00000066efbaf80c66b8d098a08366efbafc0c66b898b4609e66ef", 0x55}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000001400)='./file0\x00', &(0x7f0000001440), 0x100)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x3, 0x6, 0x8, '\x00', 0x6})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000300), r2)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000080)={r2, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed16831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0xa]}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000014c0), 0x80000, 0x0)
sendmsg$nl_generic(r2, &(0x7f00000013c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000001500)=ANY=[@ANYBLOB="0c1100002600080029bd7000fedbdf251c0000000800a90005000000cc8204fc4183054f5a0a9f298242b4db67770333f3b630cd741d9246a56c1037c02553137d9cf972621d2aa21a5ee883e4997e1972f15de40ba81e6cfe7c89c521bb50f3a914b9667048d4fa6681ea4f364909db64ed19415fcb1b52692801e45a0e160a6600e17b76e8f3602a0142195cf1c30cb5734a29affd83031c32f88d073ae4d4bbe28e5e185950c64a66207de7fa6b8fc87f6ff213ccd1cfa8873c29cd8761149f73cadf1f3ecf54cc47f2a8f0c499b4dd769c01b7169ca3f1a576cadbce5132f5167cfc6fd7de9a2a0095ab12890f4be2736bc842f2f8f84c1a02f2f36be8e8ff80af4c84103d5ab42bf6b8d7374c43b0267c6273517cb9c1d29fcd378bc80394cf9a6ac4bc7b265d96c4608ea0b8ae9400a3c6f0a5f026baa0290c180c718f1a36779ea07e809434d8f3009a8fd9415729422676c3fd606e1bb4e20303cc30dc703be5230e115dd663942f3706e98b137eabd32cccc7ee57fdb4f947ce3f08e19d783205c07d5b0468c95317ef5f25ebb89893d891d39be0f08745dc94366070a0d369f496758caa8ba43e7d6ccc52399321b2d0e2dbbc7acc914c3ac3deae195054c54774982081ee0f9a6abcf8d9ec4e70488748ec8ba5b04e1550682ae853ee5b73ed05cc168fbdc8bc2b86e057787cb09478cdb2d7bcf47d159018758ee1fc8afc84783c8ce5e4aac520cab0eb050c315ef72b6f3a7d8d967bb5009faa598d524681c6a635299ed59e1e42148437a2e5da8930c51882c0163aa55eaedc163ec92f7593cf1aaa7d586cec527693861723dd1b52997ce10e7b2a4d44639b8ccb38611fadf7a45ff7131ee8f4d8a9615ffcfd816dbd544eb1c261b13b032b0f18ce06deccf64a310bd91b704b0232bf116bed4f970623c7159f89796a02dcc1e52afbb00233eefac8736bde5baea951cd84df11130373083450c5face607666f2fa91fba5dc423d651cc895439e439b3291b39162c7024983d26aa881c75ed9cecae7307aa9178ce8caaa061375e05c9d180a717108e849874ad0f70f5a9c3907dbc9edc894fd3ddd726510fba73e0d50ee9dc85548e414210e784d81df505fcfec509cc67f3c82703586404eb57c21f68e095c1d6997daa068b16c6f75099ab39e55b268caef19186b28c4b5a9915082060c216e8b1b35ac704cd7d43a75143564a8ee58ac4da8d7c75262998714c2092eabb29b66b977ffc44baab1f76c79fcc9c1b9fc941aea1211510169ea982cb3debeabcff3b1ea5b18f127e2db1d6936b00b6bd02c3bfbbb153a1952ac5a06030ba0bfae63a20aaeab776eab8c8a198cb2a8ed2270dad79d6487cce35a73f412c6265dc294343ff25e6396d54c7fe0146497740ebecb6a12d7e95908a6b3177161a27804168908142ea73f3d73e5802f070da1e7fdb373edc6c83cc362942f5bb9ababc9850ec9cf2aac28efaac08e611636116175cad224bc7835465acb9ecf187399885125ecd08586ee6b37096b7c6a7c0f2833f955a35c94374dc6ee854b481622644087e4972efc413a438a8dda7e8a855dfb7000e072901688c0408245935bd35d932adb3e527c530143e1a1144fb07259d190584d9de28ebe352f0f5fd753f17f1517db014db7afb04600d6f5e354517be99d2e42c705439e7661358d14cb5d054c0d4a77e5627e7ded39263e652a4db653c3991ecd946b4754edea168a3315ab76be8b9afe15c3d00f6a8bc319a5f2540cc540180dcfaf99080b914b01b42f7a3286e10a9c50545ce56898416d12a5abf210517b800d02ede6c5b2050e1820a45a06e8c4b3c0969c3ac98729ecb450880bc374e597c0efc63246f32015a799d863bf4da48e65fafda5349a69b749ed42a0de0eb67b8c9a644c93a68386dbed17117c819f7353a392e900f5601435dfb6627d6456fc3ff8e87851db7c7747e0cd410f920e59bf12f5d8200f6e9630225399159a10c493cb097d65d72f1eabcddcf1ac30c0fe0a5203c7d0e3adb489bcbc6f2e2f4729126c58419682dd0204c3dd961f499e8e9fd97e148a97993502240a52f4e411ca47fb0691b04255ea18c6b470cac25e69774663b4cdeab4d74430a9c661d19deb007fad693b1d6a81c574e505f720580935b28ab6714141576d845bb62e41f644b6a201b7eb6ca4e12cc1094efdbffdf3efb88e7800102fdc4d504977e5bc4ab5d2492e953b46135a58b88ab657a4cdd2248ee76da1b0bca6fc0c2f4d04cba8f33c5dbaca0e49ccc3ad9028c2ebcb846a4768b0170627195baf0bc0fe64c52b4d8f02252ea2a907b3f1b289a8569814334e878e066dc177f028e22fb9747986e62097b3ff0312e9e141ac2dd401d5464f8d54365719f14d1b2bc4d7eefc4353c65e436b4cb0e3cf7101688762be4d97ffbb2fa5289abe97d02bf5095fb7342d33378e1e493fe832c491055d719845c8186040f7367b92c32cc108c9c345c0a1621e549bb0c6ae3f3101bfd2405e83333ae85d4dd428ececfe550db472d16901a52759c333903ade2ad1ce2fe314cce71b8c915e360c7c6316dc99c3a8b14e0acca2620f51b45b9bf2f5f2429d84aafc63c3a2f8c89d47d85f5c0ce705e8de85d76e74e344530959fd130eb1db40141d24734960a7b0d3fcd2d2c6b0cc1df1b3481e08ff4c52d0ae4348635c4909273a11e44ff2ec61e89d28c9984b620c15e5b9c1b3818caba15be0a771d0715953873d62ad31184b97b96c681d9945e57e57e6c3e1f8c8411ae7ad2f60a48e5079a8aac39d3b54c502be4ce9484955a4cde0a5587b429a00bace06665b185cf9cdcf3ef7cb5a27c7a4bf62e33cd33963447689166a93fbfd4b7671e14bc4853274f0e88c31c1f4f25c311d330582afd67dccd2c88837cbe9b38485345831bfc5c54e12706e54c9c4407c3315e995e453df8f458404d7c2eada6718ee21c96d6e1320a7b8a3e2bcbaef790673bb6728a37bcb556df954837e0e881ab6c99143bb171f7c1c2517e4fb3e75edec3fcfba293dd31a176201ef20b0266180ce01414b4f95ff949facf05d81acfc9392db410654dd0c5a13e42d327543f5e0534fa307d9e70a47a921223d684757ecd6bfd43d0147c49b1c773f61185a66fd90e0851169e99e4e74f9fff05a7596b9f05e08537cc737ace8cbdefdcdb5affe72f09fedb8012e2de782af5b77abf6e896148dd680b4f0d5abca5d3ab086010f1111d50faa9403de4cc2aced4b67a135b839c0c9863a4e2cf87d72d7c2cd3286bb6740fd6d7d88026eb0d28a8083af7b3db8e9f4f2f886a18eb894b1f7050e39725b2d291bf7ef867c3a5354ae072920b8e40e2d10763ffc5353a86bfa217ac546fbc5abd6b5b4b3bacd7c706b0dde276b3c62acbcbc47d5df58a71ed96947bc0f22e48710595fab76990e6b83c703fa4377b290551b3862a3f0604cf874a2efd6305fec02b8a0af53db82740bd49f02c85838818db1567e2aee742c86665a669eb100e85b25ba0dfbc427135eea2c2dae5dfd77c4b208a64dc14bcf9e9ebdfa163968308d8dab869fd42dc79bf67f484ad5fdb4d271c3e2ae732e51b7585268b9086ee15dbd169d06c416f4f31def1fa856f654669058e5d61503c6d4f99702da468a3a7130fdeb684c4274960fb67bcf100b0edd13d5044408b18c5886ea0b949ab1b7c331f051fcb67f39715ae94b0cabbf72a0a50e5a1977389fcb1fe974e53e17821ef80370bd4746049c18548047f6d24378a97e3cea86b62ff4f14237592a0128facf2db62aa91de89b0d7e3152f475c41656dd63833883e9d39bb624c4b0e5c6b0fdd4db4460ab50c5ffe75d56fed3dbb758259a03d75a90fd258b68940b144fa109ce7b960fe9b3a173469a3558da3dbc753d1d0febe4d83ac06afb2eefa94c0dc447a7533e1ecc7c9b3150d5583fbc0e9ae8be6bcd07a20a91d6d298eddcd69cdcb96c03d1b096980e4428278d4570282259321546262e4f5a1a80ff2e68603d05deccded6055e3c6bb38760e39a0601a8dde5b7464a102a460d296c6efdc4100c40bd86f36428374f6f80202170326bb4069c1c59f02fbf7369fa5ce2ba6906a4835a1dc66583066c55a2aea6079ebc6c25fbed301f09d2cf9e10e888f340c000abecedbc1037b3a46c80ef431ef4218071bc6ebf5b15eeaa46f08c801d91bc06dd5a9ed68d31f0fcbc6e09d2def53ceff9272feccba57140c42e591baaa9916b0be0677f48c59edc4df7a5f6b8d10ce8dfadd33d2ec31ce83055bc1ae0eb961c21b3b61e5767a03dbbae72e07ffe684526eb98b38a17411f8a078035444274af493c99ed421277a9939f2bd06f6a88f25be45a78fe37fcf374e3da2876a096e23055f63c5a84187c87c8defca52c1345ac2c8d2aa5a4fcfa65c9c1c9142894ad2f7cbae40de506a98f58ff6923d035d3efef30b4451b818ab728888f02ceef81520d60324ee44caf921251523621f95e895a70218d397c9d6e2fe938e078cfba588d4730a4b518894a6e20f396d1539605eff59e4969be9db0011aa1fae22512d26d73edf8cd6fd7f5539b4bf2bd37ca61f7d2d6755851d970a1ac2055fcee3f5fb76f76f168bdc6c10c242b5f23520fa8f6671eaf3cb6e114a621a61fb2a0399e0a57f026cad19a19824932dff642747fa5ec3a072a0356627f5f58a72ffb3d216b4b43045016287ce0065311fc9b9a494c14f37e3f38031227ab3f1f1073576df1f3442b9fab438eaa3cb5653216d3004040db1594448377b5b88749b2f15aedff6aabf7223f2e4a3b21008622c37d6c9a4ac1871776dd7c2746dc3fbfacef40f2c1e14bde2ac6b3dfb5ceff2af049b4675486609e3e672f9241b9b27426d82b6830767fc9a42f24cf12833fe221aca00fd39140cffb26b3b6dc1db8a6de94538be359c781b92d1ed1228bd365972caeeec7641cb840d9d1513656b4f962ba257ebd37597bc5a67b1e47b3bf1269143b4ce78f7fc4375bd6a994186c1f24fefc95b2785662e1236103e9409b403312f50cc9b2061474188ba60267c49bfd1fcf1e7b796cf826bfc46b523e4ee31ef565515717e87690db57d6fcb0fca268a67bb0cc5cb91d1c85fab71e63102bf95304412f22084888db984bc51ca0fc4e3887b65e9743b5d2ff32ea963786b2f8184585b3f4c23841c935ca706643fad10cb906888cd4fec10a7ca7f7b646c8b108d39b6bbf1948d19ea98d072b6f950d209eaba3ae0b791ac6300e8fe6e5c5bad204b892d51a7cc30af9e59826acd39050295af4e07746788a7eb21f00eded7acd8484402875480b7056a7602559c3e6e93a0f2115486967d3ec22a46c78ae57eb1409dbd8a78ddbec118828a5db7ff8d0959f4a71d51933d56457282c8eccc2a1837d8c44984d82c9f69c2beac0b529edf134fce2140092247ca4e323c052057f69fac17f75ec696c27f2f525fb665e16a1f4f1d2bdd29660718ca73b3d237eacd4c74880a53c52e77b015bd34fb1109ce2cf7c996ffe302c1c5e3d16b165985d5c3255ecdae2a25ee27da413e371cedd73f166c1460b347f92423d6781ef1a8391c8b745d861bdaa3b1d8162de951a59cdfa06cb0c01d33227e617c6b91f1ffac7df965fc48b6049e5436d5e85690d60de86b94250fd917be895d899d720a7d26f6489f75aab0e451ae61e496f50fceb731c7bf8ed23f5b2c58f5fbf9addbac045658b069f0ebf500c755f50490c9a508f9681b486d097652ddb57e19f868353440b1f1416053d03e8e8960a4d3a6cd27414bd5b40be0138a61455d2c95409b5d04bfb7e9b421e6347077849bbed01f446cd17bdbba27da7ee87b68bddd4d84d6c97634eb5a8244bb9a4515fca9364470db70113fb7c936d7af84dada64f5a25de7a936034155cf97e4ac35ba4260f386a60f26d49604a4240110240ec58ed5d5ee7d1d090218677556bdaa9b12dd6b3b894a6ec1a23ca8510cb2629b323e891fb8b508bf742c00d246029e9e8dfe8a024ab0e01e36aacbef0c4bf75c96e154f2f7c12201b8b91ef662d856426c13923e0d8b6812a191a7c0a0373fff07ab9f89f9ca97bd52871a2b1552b057fd4d83eb74d5838e4f55d6aaa45f43da1fbce4d01a5f414c11c9b718b3be61a269cd720fe239b0e95699b9d64c7c6558c03d4cb3db3001c46cd9efc64c2948912d943eae87dc3280ef7229c9ba465f54ad9b92bd9a2693870be3dcd1b65b244e4471d6db8bba7c54532d609ce3d0f13e4e1b523c7d8993a1d3d2804c2d2984f3d410e9d2eb0aaaad86c8fbb9e871e9c6f21c9e4e4f823e4ed79bfd28ceb3aa7e90f781ee185af15158971115f522bece2a13bcaa9d770c3cda6ec0ef75e4e45c053872e803873d716325cb1f451a2655b33e77d4d22e3cee82f60bd44c71aa7ce65e91802b0ea454a5246bf40cc14af63"], 0x110c}, 0x1, 0x0, 0x0, 0x80}, 0xc0)
r9 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x143240, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r9, 0xc0045103, &(0x7f0000000040))
fsync(r9)

1.799980984s ago: executing program 0 (id=1177):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
r5 = socket(0x10, 0x80003, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15)
r10 = dup(r9)
write$FUSE_BMAP(r10, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r10, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})
lstat(&(0x7f0000000280)='./file0\x00', 0x0)

82.710973ms ago: executing program 4 (id=1178):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1200800, &(0x7f00000008c0)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303031302c6e6c733d69736f383835392d332c747970653d78fa42012c666f7263652c6769643d", @ANYRESHEX=0x0, @ANYBLOB="00000000f5", @ANYRESHEX=0x0, @ANYBLOB], 0x3, 0x6ae, &(0x7f0000000e40)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBqNVIFjUjsrEqChNSAEMohQhFcerUSp7GySSvHRWmEyAYoSJw4oR44FKFw6AkhhFQOCFHOSEhcOOUeiRuHHABXM7O7Xtsbx25ir9t+PtJ43ts3773f/DJ/dsexNsBn1rnXsr+XIueOn79Z1u/d7XTv3e1cG5STTCVpJM16laKdFB8mZ1Mv+Xz5Yn+44mHzvHL/g6L57vudutbsL9X2jc36bTB2y15yYFjZl2SmLv53y8NuGK9aqnEuro73cFObNRbDuMuEHRskDiZtZYPeamPjkd23ft4Ce9bt+r65wXRyMPXdtbrF9a8Oj74yTN6m16be7sUBAAAAO2XsZ/lRTz3Ig9zMod0JBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4divo7A4v+0hiUZ1IMvv+/NfKd+q0Jh/uY3rlcrb771KQDAQAAAAAAAIDH8sKDPMjNHBrUV4rqd/4vVpXD1c/P5a3cyEKWciI3M5/lLGcpc0mmRwZq3ZxfXl6a29jzlyl7rqys3O73PDW256m1cfXWBzrufxps2AgAAAAAAAAAPrN+lHOrv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9oEj21atqOTwoT6fRTHIgSauYGW7emmiwT8BfJh0AAAAA7Lx2f32o+H9dWCmqz/xHqs/9B/JWrmc5i1lONwu5VD0LqD/1N/7R63Tv3e1cK5eNA3/j39uKoxox9bOH8TPPVls8N+xxLt/O93I8M7mQpSzm+5nPchYyk29VpfkUme4/vZi+d7edQawb4z27pnZhfWwvjJTL+I5WkbRzOYtVbCdysTUIvdHf7ujIbH9sJetmvFNmp3i1b4s5utRfl3v0i/56b5iu9nz/MCOz/dyX2Xh6NO8bc7/N42T9THNpDJ9BHV6dpayun+lj5fxgf13m+qc7m/NtPkpbm4nez8va4Og7snnOky//868XrjSuX71y+cbxvXMYfUzrj4nOSCae31ImumUmeo+RiQOPE/+T0+pno76Kbu9q+WLV91AW8528kUtZyOnMZi5nMpuv5VQ6OTWS1+c2z2t1rjW2d64d+1K/UN6TfjZyb9o1Uw9rKPP69EheR69001Xb6CurWXpmC1kqWhmfpX+NDaX5hX6hnOPHI3ecyVufibmRTDy7eSZ+/b+VJDe6168uXZl/c5M5bv354EuD8qBQnrbvrL02/+ZJ7tc29He3PF6eKf+xUt82Ro+Osu3ZQVudr6KZ1X6Hh21r73OtVqrzuW571JlajnTkzriR6rbnx87SqdqOjrSteZeTN9IdvgsBYA87+PLBVvt+++/t99o/aV9pnz/wzakzU19sZf/fmn/a97vGbxtfL17Oe/lhDk06UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS48fatq/Pd7sLSHiyk8YQHvDO2aZCK+pXW3tj3T2pharMj6vdJNunemkTM7SR7InVp7sJcUxnTdH74SjtpDONJcnWPfMEdsBNOLl978+SNt299ZfHa/OsLry9cP3Xm9KunO1+du33y8mJ3Ybb+OekogZ2w+jZg0pEAAAAAAAAAAAAAW7Ubf94wZtqiN4F9BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6Zzr2W/b0UmZs9MVvW793tdMtlUF7dspmkkaT4QVJ8mJxNvWR6ZLjiYfO8cv+DX7307vud1bGag+0b6/r94T8rK9vci15/yUySff31o01tabyLI+P1thlYrRjuYZmwY4PEwaR9FAAA///howfX")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x7, 0x0, 0x7, 0x0})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mlock(&(0x7f0000ff5000/0x9000)=nil, 0x9000)
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
fsopen(&(0x7f0000000100)='binder\x00', 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000045c0)=[{{&(0x7f0000000000)={0x2, 0x4e24, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000280)}}], 0x1, 0x80)
socket$xdp(0x2c, 0x3, 0x0)
r5 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$apparmor_current(r5, &(0x7f0000000040)=@profile={'stack ', ':\x00'}, 0x8)
r6 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000240)="480000001400190d09004beafd0d8c562c84ed7a80ffe05e959126dda8900db462060f000000000000a2bc5603ca00000f7f8900000ec00000000101ff0000000309ff5bffff00c7", 0x48}], 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r7, 0x0, 0x0)

0s ago: executing program 3 (id=1179):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000002640)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000002240)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000010000008500000007000000b7000000000000009500000000000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r3, &(0x7f00000020c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @window={0x3, 0xe, 0x7ff}, @timestamp, @sack_perm, @window={0x3, 0x16}, @window={0x3, 0x0, 0xfffc}, @sack_perm, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

kernel console output (not intermixed with test programs):

ted: batadv_slave_0
[  135.481692][ T6435] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.493365][ T6435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.501289][ T6435] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.921253][ T6446] loop0: detected capacity change from 0 to 8
[  139.590087][ T6460] loop3: detected capacity change from 0 to 4096
[  139.662393][ T6460] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  139.718898][ T6460] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing.
[  139.771050][ T6460] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  139.886360][ T6460] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr.  Will not be able to remount read-write.  Run ntfsfix and/or chkdsk.
[  140.010961][ T6460] ntfs: volume version 3.1.
[  140.048425][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.147'.
[  140.061419][ T6468] IPVS: Error joining to the multicast group
[  141.832641][ T6471] overlayfs: failed to clone lowerpath
[  142.260081][  T787] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  142.869954][ T6484] block nbd0: NBD_DISCONNECT
[  142.922342][ T6484] block nbd0: Disconnected due to user request.
[  142.984832][ T6484] block nbd0: shutting down sockets
[  143.078133][  T787] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.147485][  T787] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  143.209525][  T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.318321][  T787] usb 3-1: config 0 descriptor??
[  143.362867][  T787] pwc: Askey VC010 type 2 USB webcam detected.
[  143.373430][   T28] audit: type=1326 audit(1754413977.963:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6478 comm="syz.3.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f567a18eb69 code=0x7fc00000
[  143.399381][   T28] audit: type=1326 audit(1754413977.963:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6478 comm="syz.3.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f567a18eb69 code=0x7fc00000
[  143.749128][  T787] pwc: recv_control_msg error -32 req 02 val 2b00
[  143.756607][  T787] pwc: recv_control_msg error -32 req 02 val 2700
[  143.764737][  T787] pwc: recv_control_msg error -32 req 02 val 2c00
[  143.771937][  T787] pwc: recv_control_msg error -32 req 04 val 1000
[  143.778955][  T787] pwc: recv_control_msg error -32 req 04 val 1300
[  143.786328][  T787] pwc: recv_control_msg error -32 req 04 val 1400
[  143.794210][  T787] pwc: recv_control_msg error -32 req 02 val 2000
[  143.802160][  T787] pwc: recv_control_msg error -32 req 02 val 2100
[  143.809366][  T787] pwc: recv_control_msg error -32 req 04 val 1500
[  143.816502][  T787] pwc: recv_control_msg error -32 req 02 val 2500
[  143.824132][  T787] pwc: recv_control_msg error -32 req 02 val 2400
[  143.831101][  T787] pwc: recv_control_msg error -32 req 02 val 2600
[  144.039450][  T787] pwc: recv_control_msg error -71 req 02 val 2800
[  144.047486][  T787] pwc: recv_control_msg error -71 req 04 val 1100
[  144.055387][  T787] pwc: recv_control_msg error -71 req 04 val 1200
[  144.065012][  T787] pwc: Registered as video103.
[  144.075500][  T787] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5
[  144.132088][  T787] usb 3-1: USB disconnect, device number 3
[  144.656069][ T6493] loop2: detected capacity change from 0 to 8
[  148.035489][ T6512] loop0: detected capacity change from 0 to 40427
[  148.081850][ T6512] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  148.089687][ T6512] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  148.125783][ T6512] F2FS-fs (loop0): invalid crc value
[  148.149814][ T6512] F2FS-fs (loop0): Found nat_bits in checkpoint
[  148.178965][ T6512] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  148.186045][ T6512] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  149.941237][   T28] audit: type=1800 audit(1754413983.023:9): pid=6520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.161" name="file1" dev="loop0" ino=10 res=0 errno=0
[  151.136777][ T5780] syz-executor: attempt to access beyond end of device
[  151.136777][ T5780] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  151.251077][ T5780] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  151.677279][ T6526] syz.3.165[6526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.677371][ T6526] syz.3.165[6526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.989051][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  152.219127][    T8] usb 4-1: Using ep0 maxpacket: 16
[  152.242011][    T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  152.272628][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  152.313417][    T8] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  152.346245][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.355467][    T8] usb 4-1: Product: syz
[  152.363201][    T8] usb 4-1: Manufacturer: syz
[  152.368702][    T8] usb 4-1: SerialNumber: syz
[  152.694267][    T8] usb 4-1: 0:2 : does not exist
[  152.714611][    T8] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  153.588466][    T8] usb 4-1: USB disconnect, device number 4
[  154.118727][ T6037] udevd[6037]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  154.132894][ T6547] syz.1.172 uses obsolete (PF_INET,SOCK_PACKET)
[  154.379674][ T6552] tipc: Started in network mode
[  154.384969][ T6552] tipc: Node identity caf92a0c1ac5, cluster identity 4711
[  154.413853][ T6552] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  154.427358][ T6552] syzkaller0: entered promiscuous mode
[  154.454838][ T6552] syzkaller0: entered allmulticast mode
[  154.487998][ T6554] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  154.495992][ T6552] tipc: Resetting bearer <eth:syzkaller0>
[  154.516033][ T6551] tipc: Resetting bearer <eth:syzkaller0>
[  154.792869][ T6551] tipc: Disabling bearer <eth:syzkaller0>
[  157.391525][ T6593] xt_NFQUEUE: number of total queues is 0
[  160.620232][ T5786] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  160.629414][ T5786] Bluetooth: hci3: Injecting HCI hardware error event
[  160.640886][ T5786] Bluetooth: hci3: hardware error 0x00
[  160.988808][ T6619] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.997861][ T6619] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.222981][ T6619] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.310784][ T6619] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.092030][ T6640] block nbd3: NBD_DISCONNECT
[  162.104454][ T6640] block nbd3: Disconnected due to user request.
[  162.813930][ T6640] block nbd3: shutting down sockets
[  162.828952][ T5786] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  163.083963][ T6645] loop3: detected capacity change from 0 to 256
[  164.464630][ T6655] tipc: Started in network mode
[  164.469729][ T6655] tipc: Node identity 080211000001, cluster identity 4711
[  164.619112][ T6655] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  164.661976][ T6655] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[  164.725649][ T6655] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[  164.749426][ T6655] tipc: Resetting bearer <eth:syzkaller0>
[  164.839515][ T6654] mac80211_hwsim hwsim3 syzkaller0: Caught tx_queue_len zero misconfig
[  164.903500][ T6654] tipc: Resetting bearer <eth:syzkaller0>
[  165.846461][   T23] tipc: Node number set to 134418688
[  165.956176][ T6668] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  165.971137][ T6668] syzkaller0: entered promiscuous mode
[  165.977488][ T6668] syzkaller0: entered allmulticast mode
[  166.001249][ T6670] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.020565][ T6670] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.041725][ T6670] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.060259][ T6670] batman_adv: batadv0: Removing interface: batadv_slave_1
[  166.144743][ T6668] tipc: Resetting bearer <eth:syzkaller0>
[  166.241731][ T6667] tipc: Resetting bearer <eth:syzkaller0>
[  166.418132][ T6667] tipc: Disabling bearer <eth:syzkaller0>
[  167.149231][ T6679] block nbd2: NBD_DISCONNECT
[  167.226985][ T6679] block nbd2: Disconnected due to user request.
[  167.311030][ T6679] block nbd2: shutting down sockets
[  169.351721][ T6694] loop3: detected capacity change from 0 to 8192
[  169.379897][ T6694] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  169.423848][ T6694] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  169.523626][ T6694] REISERFS (device loop3): using ordered data mode
[  169.531133][ T6694] reiserfs: using flush barriers
[  169.568189][ T6694] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  170.406390][ T6714] loop2: detected capacity change from 0 to 1024
[  171.166457][ T6694] REISERFS warning (device loop3): journal-2004 journal_init: Journal cnode memory allocation failed (73728 bytes). Journal is too large for available memory. Usually this is due to a journal that is too large.
[  179.801809][   T24] null_blk: rq ffff888022570000 timed out
[  179.807966][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.818588][   T24] null_blk: rq ffff888022570180 timed out
[  179.824416][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.835060][   T24] null_blk: rq ffff888022570300 timed out
[  179.840903][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.851400][   T24] null_blk: rq ffff888022570480 timed out
[  179.857246][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.867754][   T24] null_blk: rq ffff888022570600 timed out
[  179.873977][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.885032][   T24] null_blk: rq ffff888022570780 timed out
[  179.890853][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.901339][   T24] null_blk: rq ffff888022570900 timed out
[  179.907069][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.917564][   T24] null_blk: rq ffff888022570a80 timed out
[  179.923334][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.935930][   T24] null_blk: rq ffff888022570c00 timed out
[  179.941789][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.952404][   T24] null_blk: rq ffff888022570d80 timed out
[  179.958179][   T24] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 2
[  179.968991][   T24] null_blk: rq ffff888022570f00 timed out
[  179.975413][   T24] null_blk: rq ffff888022571080 timed out
[  179.981243][   T24] null_blk: rq ffff888022571200 timed out
[  179.986980][   T24] null_blk: rq ffff888022571380 timed out
[  179.992769][   T24] null_blk: rq ffff888022571500 timed out
[  179.998498][   T24] null_blk: rq ffff888022571680 timed out
[  180.004416][   T24] null_blk: rq ffff888022571800 timed out
[  180.010327][   T24] null_blk: rq ffff888022571980 timed out
[  180.016052][   T24] null_blk: rq ffff888022571b00 timed out
[  180.021818][   T24] null_blk: rq ffff888022571c80 timed out
[  180.027546][   T24] null_blk: rq ffff888022571e00 timed out
[  180.033362][   T24] null_blk: rq ffff888022571f80 timed out
[  180.039576][   T24] null_blk: rq ffff888022572100 timed out
[  180.045289][   T24] null_blk: rq ffff888022572280 timed out
[  180.051214][   T24] null_blk: rq ffff888022572400 timed out
[  180.057068][   T24] null_blk: rq ffff888022572580 timed out
[  180.062952][   T24] null_blk: rq ffff888022572700 timed out
[  180.068665][   T24] null_blk: rq ffff888022572880 timed out
[  180.075264][   T24] null_blk: rq ffff888022572a00 timed out
[  180.081071][   T24] null_blk: rq ffff888022572b80 timed out
[  180.086797][   T24] null_blk: rq ffff888022572d00 timed out
[  180.092651][   T24] null_blk: rq ffff888022572e80 timed out
[  180.098520][   T24] null_blk: rq ffff888022573000 timed out
[  180.104383][   T24] null_blk: rq ffff888022573180 timed out
[  180.110187][   T24] null_blk: rq ffff888022573300 timed out
[  180.115915][   T24] null_blk: rq ffff888022573480 timed out
[  180.121727][   T24] null_blk: rq ffff888022573600 timed out
[  180.127459][   T24] null_blk: rq ffff888022573780 timed out
[  180.133294][   T24] null_blk: rq ffff888022573900 timed out
[  180.139397][   T24] null_blk: rq ffff888022573a80 timed out
[  180.145150][   T24] null_blk: rq ffff888022573c00 timed out
[  180.151013][   T24] null_blk: rq ffff888022573d80 timed out
[  180.156729][   T24] null_blk: rq ffff888022573f00 timed out
[  180.162964][   T24] null_blk: rq ffff888022574080 timed out
[  180.168688][   T24] null_blk: rq ffff888022574200 timed out
[  180.174746][   T24] null_blk: rq ffff888022574380 timed out
[  180.180938][   T24] null_blk: rq ffff888022574500 timed out
[  180.186659][   T24] null_blk: rq ffff888022574680 timed out
[  180.199100][   T24] null_blk: rq ffff888022574800 timed out
[  180.204877][   T24] null_blk: rq ffff888022574980 timed out
[  180.210684][   T24] null_blk: rq ffff888022574b00 timed out
[  180.219046][   T24] null_blk: rq ffff888022574c80 timed out
[  180.325636][ T6740] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  180.333299][ T6740] batman_adv: batadv0: Removing interface: batadv_slave_0
[  180.341569][ T6740] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  180.349164][ T6740] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.439170][ T6752] orangefs_mount: mount request failed with -4
[  182.414577][ T6757] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  182.432411][ T6757] syzkaller0: entered promiscuous mode
[  182.437936][ T6757] syzkaller0: entered allmulticast mode
[  182.493756][ T6757] tipc: Resetting bearer <eth:syzkaller0>
[  182.503873][ T6756] tipc: Resetting bearer <eth:syzkaller0>
[  182.505532][ T6762] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  182.516533][ T6762] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  182.538044][ T6762] vhci_hcd vhci_hcd.0: Device attached
[  182.685618][ T6756] tipc: Disabling bearer <eth:syzkaller0>
[  182.829236][ T5828] usb 39-1: new high-speed USB device number 2 using vhci_hcd
[  183.007356][ T6776] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  183.017746][ T6776] syzkaller0: entered promiscuous mode
[  183.027485][ T6776] syzkaller0: entered allmulticast mode
[  183.073828][ T6776] tipc: Resetting bearer <eth:syzkaller0>
[  183.090125][ T6775] tipc: Resetting bearer <eth:syzkaller0>
[  183.125895][ T6775] tipc: Disabling bearer <eth:syzkaller0>
[  184.611526][ T6797] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  185.870394][ T6763] vhci_hcd: connection reset by peer
[  185.946177][   T48] vhci_hcd: stop threads
[  185.968774][   T48] vhci_hcd: release socket
[  185.992972][   T48] vhci_hcd: disconnect device
[  186.350729][ T6818] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  186.675541][ T6819] overlayfs: failed to resolve './file0/../file0': -2
[  187.969577][ T5828] vhci_hcd: vhci_device speed not set
[  189.088468][ T6842] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  189.095036][ T6842] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  189.109480][ T6842] vhci_hcd vhci_hcd.0: Device attached
[  189.246218][ T6847] loop0: detected capacity change from 0 to 512
[  189.287032][ T6847] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.252: casefold flag without casefold feature
[  189.301117][ T6847] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.252: couldn't read orphan inode 15 (err -117)
[  189.315123][ T6847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.379048][ T5890] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  189.669571][ T6854] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  189.963369][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.085652][ T6859] loop0: detected capacity change from 0 to 1024
[  190.116410][ T6859] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  190.144208][ T6859] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  190.179710][ T6859] EXT4-fs error (device loop0): ext4_get_journal_inode:5805: inode #5: comm syz.0.255: unexpected bad inode w/o EXT4_IGET_BAD
[  190.204652][ T6859] EXT4-fs (loop0): no journal found
[  190.219068][ T6859] EXT4-fs (loop0): can't get journal size
[  190.240899][ T6843] vhci_hcd: connection reset by peer
[  190.255093][ T3534] vhci_hcd: stop threads
[  190.256799][ T6859] EXT4-fs error (device loop0): ext4_protect_reserved_inode:160: inode #5: comm syz.0.255: unexpected bad inode w/o EXT4_IGET_BAD
[  190.259560][ T3534] vhci_hcd: release socket
[  190.259609][ T3534] vhci_hcd: disconnect device
[  190.283627][ T6859] EXT4-fs (loop0): failed to initialize system zone (-117)
[  190.314906][ T6859] EXT4-fs (loop0): mount failed
[  191.653306][ T5786] Bluetooth: hci1: command 0x0406 tx timeout
[  192.474914][ T6877] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  193.373883][ T6888] netlink: 28 bytes leftover after parsing attributes in process `syz.3.263'.
[  193.433685][ T6888] netlink: 8 bytes leftover after parsing attributes in process `syz.3.263'.
[  194.538308][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  194.554978][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  194.709740][ T5890] vhci_hcd: vhci_device speed not set
[  195.119329][ T6903] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  195.125898][ T6903] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  195.134192][ T6903] vhci_hcd vhci_hcd.0: Device attached
[  195.343491][ T6904] vhci_hcd: connection closed
[  195.374191][   T12] vhci_hcd: stop threads
[  195.463356][   T12] vhci_hcd: release socket
[  195.521129][   T12] vhci_hcd: disconnect device
[  195.934569][ T6910] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  195.963120][ T6912] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  195.970903][ T6912] syzkaller0: entered promiscuous mode
[  195.976414][ T6912] syzkaller0: entered allmulticast mode
[  196.028352][ T6912] tipc: Resetting bearer <eth:syzkaller0>
[  196.043078][ T6911] tipc: Resetting bearer <eth:syzkaller0>
[  196.076794][ T6911] tipc: Disabling bearer <eth:syzkaller0>
[  196.169785][   T23] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  196.370995][   T23] usb 1-1: config 0 has no interfaces?
[  196.538748][ T6924] netlink: 12 bytes leftover after parsing attributes in process `syz.3.271'.
[  197.102262][   T23] usb 1-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  197.122122][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.141561][ T6928] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  197.143601][   T23] usb 1-1: Product: syz
[  197.154259][   T23] usb 1-1: Manufacturer: syz
[  197.159273][   T23] usb 1-1: SerialNumber: syz
[  197.170549][   T23] usb 1-1: config 0 descriptor??
[  197.781160][ T6908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.793026][ T6908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.813152][ T6908] netlink: 12 bytes leftover after parsing attributes in process `syz.0.267'.
[  197.827132][ T5890] usb 1-1: USB disconnect, device number 2
[  198.150595][ T6935] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  198.928923][    C0] hrtimer: interrupt took 48419 ns
[  199.512011][ T6954] tipc: Started in network mode
[  199.516946][ T6954] tipc: Node identity b6d98971467, cluster identity 4711
[  199.524992][ T6954] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  199.534664][ T6954] syzkaller0: entered promiscuous mode
[  199.540725][ T6954] syzkaller0: entered allmulticast mode
[  199.602218][ T6954] tipc: Resetting bearer <eth:syzkaller0>
[  199.612524][ T6953] tipc: Resetting bearer <eth:syzkaller0>
[  200.147602][ T6953] tipc: Disabling bearer <eth:syzkaller0>
[  201.146890][ T6976] loop0: detected capacity change from 0 to 128
[  201.178799][ T6976] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  201.259876][ T6976] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  201.344242][ T6976] EXT4-fs error (device loop0): __ext4_get_inode_loc:4483: comm syz.0.289: Invalid inode table block 0 in block_group 0
[  201.403968][ T6933] udevd[6933]: incorrect ext4 checksum on /dev/loop0
[  201.413014][ T6976] EXT4-fs warning (device loop0): ext4_group_add:1747: Error opening resize inode
[  202.183171][ T5780] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  204.656178][ T7006] 8021q: VLANs not supported on ip6gre0
[  205.257576][ T7011] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  206.553080][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.300'.
[  209.439128][   T27] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  209.749216][   T27] usb 4-1: Using ep0 maxpacket: 8
[  209.764858][   T27] usb 4-1: config 150 has an invalid interface number: 204 but max is 1
[  209.774125][   T27] usb 4-1: config 150 has an invalid descriptor of length 0, skipping remainder of the config
[  209.787915][   T27] usb 4-1: config 150 has 1 interface, different from the descriptor's value: 2
[  209.799251][   T27] usb 4-1: config 150 has no interface number 0
[  209.818997][   T27] usb 4-1: config 150 interface 204 has no altsetting 0
[  209.849158][   T27] usb 4-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  209.858994][   T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.867057][   T27] usb 4-1: Product: syz
[  209.916817][   T27] usb 4-1: Manufacturer: syz
[  209.929207][   T27] usb 4-1: SerialNumber: syz
[  210.227685][ T7066] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  214.929143][  T787] usb 4-1: USB disconnect, device number 5
[  216.335783][ T7095] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  216.344927][ T7100] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  216.355036][ T7095] syzkaller0: entered promiscuous mode
[  216.361929][ T7095] syzkaller0: entered allmulticast mode
[  216.371810][ T7100] syzkaller0: entered promiscuous mode
[  216.381133][ T7100] syzkaller0: entered allmulticast mode
[  216.423163][ T7102] loop3: detected capacity change from 0 to 1024
[  216.455932][ T7102] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  216.472900][ T7102] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  216.500907][ T7102] EXT4-fs error (device loop3): ext4_get_journal_inode:5805: inode #5: comm syz.3.320: unexpected bad inode w/o EXT4_IGET_BAD
[  216.521926][ T7102] EXT4-fs (loop3): no journal found
[  216.534831][ T7102] EXT4-fs (loop3): can't get journal size
[  216.535549][ T7104] tipc: Resetting bearer <eth:syzkaller0>
[  216.551852][ T7102] EXT4-fs error (device loop3): ext4_protect_reserved_inode:160: inode #5: comm syz.3.320: unexpected bad inode w/o EXT4_IGET_BAD
[  216.593256][ T7102] EXT4-fs (loop3): failed to initialize system zone (-117)
[  216.603249][ T7102] EXT4-fs (loop3): mount failed
[  216.764453][ T7106] tipc: Resetting bearer <eth:syzkaller0>
[  216.921237][ T7099] tipc: Resetting bearer <eth:syzkaller0>
[  217.073089][ T7099] tipc: Disabling bearer <eth:syzkaller0>
[  217.132774][ T7094] tipc: Resetting bearer <eth:syzkaller0>
[  217.157585][ T7094] tipc: Disabling bearer <eth:syzkaller0>
[  217.302067][ T7109] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  217.810077][ T7119] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  217.825793][ T7119] syzkaller0: entered promiscuous mode
[  217.852646][ T7119] syzkaller0: entered allmulticast mode
[  217.890176][ T7123] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  217.900643][ T7119] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  217.930845][ T7119] tipc: Resetting bearer <eth:syzkaller0>
[  217.938564][ T7118] tipc: Resetting bearer <eth:syzkaller0>
[  217.964492][ T7118] tipc: Disabling bearer <eth:syzkaller0>
[  221.009367][ T7151] loop2: detected capacity change from 0 to 64
[  221.989524][ T5779] hfs: node 4:3 still has 1 user(s)!
[  221.997204][ T7159] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  222.003763][ T7159] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  222.029119][ T7159] vhci_hcd vhci_hcd.0: Device attached
[  222.113412][ T7166] loop2: detected capacity change from 0 to 1024
[  222.242205][ T7166] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  222.252238][  T787] vhci_hcd: vhci_device speed not set
[  222.260858][ T7166] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  222.329239][  T787] usb 39-1: new full-speed USB device number 3 using vhci_hcd
[  223.022621][ T7166] EXT4-fs error (device loop2): ext4_get_journal_inode:5805: inode #5: comm syz.2.335: unexpected bad inode w/o EXT4_IGET_BAD
[  223.037884][ T7161] vhci_hcd: connection reset by peer
[  223.072039][   T42] vhci_hcd: stop threads
[  223.079499][   T42] vhci_hcd: release socket
[  223.085009][ T7166] EXT4-fs (loop2): no journal found
[  223.092914][ T7166] EXT4-fs (loop2): can't get journal size
[  223.100007][ T7166] EXT4-fs error (device loop2): ext4_protect_reserved_inode:160: inode #5: comm syz.2.335: unexpected bad inode w/o EXT4_IGET_BAD
[  223.118554][   T42] vhci_hcd: disconnect device
[  223.201918][ T7166] EXT4-fs (loop2): failed to initialize system zone (-117)
[  223.212113][ T7166] EXT4-fs (loop2): mount failed
[  225.255144][ T7198] dvmrp8: entered allmulticast mode
[  226.335577][ T7205] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  227.434539][ T7217] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  227.442413][ T7217] syzkaller0: entered promiscuous mode
[  227.447959][ T7217] syzkaller0: entered allmulticast mode
[  227.884849][ T7217] tipc: Resetting bearer <eth:syzkaller0>
[  227.918731][ T7215] tipc: Resetting bearer <eth:syzkaller0>
[  227.964761][ T7215] tipc: Disabling bearer <eth:syzkaller0>
[  228.265422][  T787] vhci_hcd: vhci_device speed not set
[  228.659263][ T7228] rdma_op ffff88807d4d81f0 conn xmit_rdma 0000000000000000
[  229.788183][ T7233] loop3: detected capacity change from 0 to 64
[  229.841903][ T7233] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  231.009859][ T6003] null_blk: rq ffff888022570000 timed out
[  231.015777][ T6003] blk_print_req_error: 42 callbacks suppressed
[  231.015786][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.032704][ T6003] null_blk: rq ffff888022570180 timed out
[  231.038526][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.051084][ T6003] null_blk: rq ffff888022570300 timed out
[  231.057047][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.069009][ T6003] null_blk: rq ffff888022570480 timed out
[  231.074842][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.086492][ T6003] null_blk: rq ffff888022570600 timed out
[  231.092364][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.113400][ T6003] null_blk: rq ffff888022570780 timed out
[  231.119690][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.479169][ T6003] null_blk: rq ffff888022570900 timed out
[  231.485148][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.496129][ T6003] null_blk: rq ffff888022570a80 timed out
[  231.502081][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.513045][ T6003] null_blk: rq ffff888022570c00 timed out
[  231.518983][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.637280][ T6003] null_blk: rq ffff888022570d80 timed out
[  231.646330][ T6003] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  231.657267][ T6003] null_blk: rq ffff888022570f00 timed out
[  231.665599][ T6003] null_blk: rq ffff888022571080 timed out
[  231.673846][ T6003] null_blk: rq ffff888022571200 timed out
[  231.679857][ T6003] null_blk: rq ffff888022571380 timed out
[  231.743675][ T6003] null_blk: rq ffff888022571500 timed out
[  231.749631][ T6003] null_blk: rq ffff888022571680 timed out
[  231.755367][ T6003] null_blk: rq ffff888022571800 timed out
[  231.761277][ T6003] null_blk: rq ffff888022571980 timed out
[  231.767020][ T6003] null_blk: rq ffff888022571b00 timed out
[  231.772851][ T6003] null_blk: rq ffff888022571c80 timed out
[  231.778575][ T6003] null_blk: rq ffff888022571e00 timed out
[  231.784640][ T6003] null_blk: rq ffff888022571f80 timed out
[  231.791291][ T6003] null_blk: rq ffff888022572100 timed out
[  231.797146][ T6003] null_blk: rq ffff888022572280 timed out
[  231.807651][ T6003] null_blk: rq ffff888022572400 timed out
[  231.813473][ T6003] null_blk: rq ffff888022572580 timed out
[  231.819240][ T6003] null_blk: rq ffff888022572700 timed out
[  231.824965][ T6003] null_blk: rq ffff888022572880 timed out
[  231.830875][ T6003] null_blk: rq ffff888022572a00 timed out
[  231.836669][ T6003] null_blk: rq ffff888022572b80 timed out
[  231.843114][ T6003] null_blk: rq ffff888022572d00 timed out
[  231.848979][ T6003] null_blk: rq ffff888022572e80 timed out
[  231.854738][ T6003] null_blk: rq ffff888022573000 timed out
[  231.860864][ T6003] null_blk: rq ffff888022573180 timed out
[  231.866634][ T6003] null_blk: rq ffff888022573300 timed out
[  231.872782][ T6003] null_blk: rq ffff888022573480 timed out
[  231.878513][ T6003] null_blk: rq ffff888022573600 timed out
[  231.884311][ T6003] null_blk: rq ffff888022573780 timed out
[  231.890390][ T6003] null_blk: rq ffff888022573900 timed out
[  231.896118][ T6003] null_blk: rq ffff888022573a80 timed out
[  231.902050][ T6003] null_blk: rq ffff888022573c00 timed out
[  231.907761][ T6003] null_blk: rq ffff888022573d80 timed out
[  231.913662][ T6003] null_blk: rq ffff888022573f00 timed out
[  231.919431][ T6003] null_blk: rq ffff888022574080 timed out
[  231.925165][ T6003] null_blk: rq ffff888022574200 timed out
[  231.930948][ T6003] null_blk: rq ffff888022574380 timed out
[  231.936689][ T6003] null_blk: rq ffff888022574500 timed out
[  231.942481][ T6003] null_blk: rq ffff888022574680 timed out
[  231.948196][ T6003] null_blk: rq ffff888022574800 timed out
[  231.954087][ T6003] null_blk: rq ffff888022574980 timed out
[  231.959881][ T6003] null_blk: rq ffff888022574b00 timed out
[  231.965640][ T6003] null_blk: rq ffff888022574c80 timed out
[  231.971496][ T6003] null_blk: rq ffff888022574e00 timed out
[  231.977212][ T6003] null_blk: rq ffff888022574f80 timed out
[  231.982976][ T6003] null_blk: rq ffff888022575100 timed out
[  231.989065][ T6003] null_blk: rq ffff888022575280 timed out
[  231.995082][ T6003] null_blk: rq ffff888022575400 timed out
[  232.000843][ T6003] null_blk: rq ffff888022575580 timed out
[  232.006557][ T6003] null_blk: rq ffff888022575700 timed out
[  232.012416][ T6003] null_blk: rq ffff888022575880 timed out
[  232.018155][ T6003] null_blk: rq ffff888022575a00 timed out
[  232.023994][ T6003] null_blk: rq ffff888022575b80 timed out
[  232.029733][ T6003] null_blk: rq ffff888022575d00 timed out
[  232.035444][ T6003] null_blk: rq ffff888022575e80 timed out
[  232.200002][ T7251] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  232.245639][ T7256] loop3: detected capacity change from 0 to 1024
[  232.611008][ T7263] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  234.001160][ T7282] loop2: detected capacity change from 0 to 64
[  234.019817][ T7282] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  234.973751][ T7295] netlink: 16 bytes leftover after parsing attributes in process `syz.1.366'.
[  238.595163][ T7332] netlink: 80 bytes leftover after parsing attributes in process `syz.0.376'.
[  238.609500][ T7332] netlink: 80 bytes leftover after parsing attributes in process `syz.0.376'.
[  242.862397][ T7358] loop3: detected capacity change from 0 to 256
[  248.941716][ T7372] loop0: detected capacity change from 0 to 4096
[  249.316066][ T7372] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  249.390053][ T7372] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  249.491610][   T28] audit: type=1800 audit(1754414084.063:10): pid=7370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.384" name="file1" dev="loop0" ino=24 res=0 errno=0
[  249.732929][ T5780] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22.
[  250.692359][ T7389] tipc: Enabled bearer <eth:team0>, priority 0
[  251.321850][ T7381] hub 9-0:1.0: USB hub found
[  251.327820][ T7381] hub 9-0:1.0: 1 port detected
[  251.453992][ T7394] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  251.952150][ T5884] tipc: Node number set to 4037642609
[  253.881252][ T7415] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  256.120057][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  256.126477][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  257.002767][ T7440] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  257.244263][ T7451] loop2: detected capacity change from 0 to 512
[  257.319554][ T7452] UBIFS error (pid: 7452): cannot open "./file0", error -22
[  257.649344][ T7451] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  257.750205][ T7451] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002]
[  257.758487][ T7451] System zones: 1-12
[  257.794056][ T7451] EXT4-fs (loop2): 1 truncate cleaned up
[  257.816073][ T7451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.548531][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.791772][ T7493] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  264.561196][ T7503] loop2: detected capacity change from 0 to 32768
[  264.884604][ T7507] vxcan1: entered allmulticast mode
[  265.050796][ T7503] (syz.2.418,7503,0):ocfs2_load_local_alloc:338 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  265.050796][ T7503] found = 2, set = 0, taken = 0, off = 0
[  265.071997][ T7503] (syz.2.418,7503,0):ocfs2_load_local_alloc:355 ERROR: status = -22
[  265.080258][ T7503] (syz.2.418,7503,0):ocfs2_check_volume:2462 ERROR: status = -22
[  265.088014][ T7503] (syz.2.418,7503,0):ocfs2_check_volume:2490 ERROR: status = -22
[  265.095846][ T7503] (syz.2.418,7503,0):ocfs2_mount_volume:1822 ERROR: status = -22
[  265.198006][ T7503] (syz.2.418,7503,0):ocfs2_fill_super:1178 ERROR: status = -22
[  267.310525][ T7524] loop2: detected capacity change from 0 to 128
[  269.296669][ T7524] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  269.342685][ T7524] ext4 filesystem being mounted at /91/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  269.438935][ T5779] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  269.479604][   T27] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  270.233352][ T7541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.430'.
[  270.250945][   T27] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  270.266582][   T27] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  270.270843][ T7541] bond_slave_0: entered promiscuous mode
[  270.277925][   T27] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  270.281713][ T7541] bond_slave_1: entered promiscuous mode
[  270.291810][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  270.296670][ T7541] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  270.304692][   T27] usb 1-1: SerialNumber: syz
[  270.319091][ T7541] macvtap1: entered promiscuous mode
[  270.326709][ T7541] bond0: entered promiscuous mode
[  270.339487][ T7541] macvtap1: entered allmulticast mode
[  270.345056][ T7541] bond0: entered allmulticast mode
[  270.350397][ T7541] bond_slave_0: entered allmulticast mode
[  270.356255][ T7541] bond_slave_1: entered allmulticast mode
[  270.362869][ T7541] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  270.372000][ T7541] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  270.513616][ T7546] bond0: left allmulticast mode
[  270.518689][ T7546] bond_slave_0: left allmulticast mode
[  270.525130][ T7546] bond_slave_1: left allmulticast mode
[  270.531193][ T7546] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  270.538199][ T7546] bond0: left promiscuous mode
[  270.544369][ T7546] bond_slave_0: left promiscuous mode
[  270.549858][ T7546] bond_slave_1: left promiscuous mode
[  270.555574][ T7546] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  270.573643][   T27] usb 1-1: 0:2 : does not exist
[  270.629805][   T27] usb 1-1: USB disconnect, device number 3
[  270.684388][ T6933] udevd[6933]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  271.470095][ T7557] loop3: detected capacity change from 0 to 4096
[  271.654987][ T7557] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  271.727215][ T7557] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  271.754728][   T28] audit: type=1800 audit(1754414106.343:11): pid=7557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.434" name="file1" dev="loop3" ino=24 res=0 errno=0
[  271.949358][ T5777] ntfs3: loop3: ino=1a, ntfs_sync_fs failed, -22.
[  272.052456][ T7565] loop2: detected capacity change from 0 to 1024
[  273.781441][ T7569] hfsplus: xattr searching failed
[  273.817586][ T7580] loop0: detected capacity change from 0 to 512
[  273.867449][ T7580] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  273.926331][ T7580] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002]
[  273.951735][ T7580] System zones: 1-12
[  273.983939][ T7580] EXT4-fs (loop0): 1 truncate cleaned up
[  274.013289][ T7580] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.104026][ T7584] kvm: kvm [7583]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  274.114714][ T7584] kvm: kvm [7583]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  276.068717][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.215653][ T7610] loop3: detected capacity change from 0 to 256
[  276.262610][ T7610] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[  276.504721][   T27] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  277.302552][   T27] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  277.314066][   T27] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  277.324511][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.367928][   T27] usb 1-1: config 0 descriptor??
[  277.385552][   T27] pwc: Askey VC010 type 2 USB webcam detected.
[  277.512697][ T7614] kvm: kvm [7613]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x800006e04
[  277.787976][   T27] pwc: recv_control_msg error -32 req 02 val 2b00
[  277.795531][   T27] pwc: recv_control_msg error -32 req 02 val 2700
[  277.803277][   T27] pwc: recv_control_msg error -32 req 02 val 2c00
[  277.811850][   T27] pwc: recv_control_msg error -32 req 04 val 1000
[  277.997497][   T27] pwc: recv_control_msg error -32 req 04 val 1300
[  278.005166][   T27] pwc: recv_control_msg error -32 req 04 val 1400
[  278.415935][   T27] pwc: recv_control_msg error -32 req 02 val 2000
[  278.425826][   T27] pwc: recv_control_msg error -32 req 02 val 2100
[  278.435171][   T27] pwc: recv_control_msg error -32 req 04 val 1500
[  278.456781][   T27] pwc: recv_control_msg error -32 req 02 val 2500
[  278.473767][   T27] pwc: recv_control_msg error -32 req 02 val 2400
[  278.485371][   T27] pwc: recv_control_msg error -32 req 02 val 2600
[  278.497371][   T27] pwc: recv_control_msg error -32 req 02 val 2900
[  278.716122][   T27] pwc: recv_control_msg error -71 req 04 val 1100
[  278.742110][   T27] pwc: recv_control_msg error -71 req 04 val 1200
[  278.753936][   T27] pwc: Registered as video103.
[  278.764031][   T27] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input7
[  278.807643][   T27] usb 1-1: USB disconnect, device number 4
[  280.078936][ T7641] netlink: 'syz.1.459': attribute type 1 has an invalid length.
[  281.097747][ T7649] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  281.123576][ T7649] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  281.185131][ T7658] gretap1: entered promiscuous mode
[  282.123762][ T7641] macvlan3: entered promiscuous mode
[  282.136265][ T7660] netlink: 32 bytes leftover after parsing attributes in process `syz.3.460'.
[  282.148941][ T7641] macvlan3: entered allmulticast mode
[  282.155435][ T7641] bond1: entered promiscuous mode
[  282.168602][ T7641] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  282.190009][ T7641] bond1: left promiscuous mode
[  283.284457][ T7677] netlink: 'syz.3.465': attribute type 1 has an invalid length.
[  284.340602][ T7677] bond1: (slave gretap1): making interface the new active one
[  284.361695][ T7677] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  284.425312][ T7677] vlan2: entered allmulticast mode
[  284.436306][ T7677] bond1: entered allmulticast mode
[  284.444131][ T7677] gretap1: entered allmulticast mode
[  284.530560][ T7677] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  286.845103][ T7708] loop0: detected capacity change from 0 to 256
[  287.040375][ T7708] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  290.826369][ T7734] loop3: detected capacity change from 0 to 1024
[  293.223193][ T7757] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  298.948611][ T7808] loop2: detected capacity change from 0 to 16
[  299.823504][ T7808] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  302.344252][ T7862] loop3: detected capacity change from 0 to 256
[  302.369801][ T7862] FAT-fs (loop3): Directory bread(block 64) failed
[  302.376713][ T7862] FAT-fs (loop3): Directory bread(block 65) failed
[  302.383755][ T7862] FAT-fs (loop3): Directory bread(block 66) failed
[  302.405620][ T7862] FAT-fs (loop3): Directory bread(block 67) failed
[  302.439358][ T7862] FAT-fs (loop3): Directory bread(block 68) failed
[  302.470406][ T7862] FAT-fs (loop3): Directory bread(block 69) failed
[  302.569780][ T7862] FAT-fs (loop3): Directory bread(block 70) failed
[  302.576353][ T7862] FAT-fs (loop3): Directory bread(block 71) failed
[  302.583073][ T7862] FAT-fs (loop3): Directory bread(block 72) failed
[  302.589885][ T7862] FAT-fs (loop3): Directory bread(block 73) failed
[  305.355184][ T7899] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  305.367770][ T7885] kvm: kvm [7884]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1ac9
[  305.412762][ T7885] kvm: kvm [7884]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x145a
[  306.716970][ T7914] warning: `syz.3.506' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  307.503125][ T7923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.510'.
[  307.551010][ T7923] bond_slave_0: entered promiscuous mode
[  307.556846][ T7923] bond_slave_1: entered promiscuous mode
[  307.599273][ T7923] macvtap1: entered promiscuous mode
[  307.604626][ T7923] bond0: entered promiscuous mode
[  307.637601][ T7923] macvtap1: entered allmulticast mode
[  307.661802][ T7923] bond0: entered allmulticast mode
[  307.669514][ T7923] bond_slave_0: entered allmulticast mode
[  307.675917][ T7923] bond_slave_1: entered allmulticast mode
[  307.731375][ T7923] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  309.063358][ T7924] bond0: left allmulticast mode
[  309.068279][ T7924] bond_slave_0: left allmulticast mode
[  309.082187][ T7924] bond_slave_1: left allmulticast mode
[  309.087913][ T7924] bond0: left promiscuous mode
[  309.112857][ T7924] bond_slave_0: left promiscuous mode
[  309.118434][ T7924] bond_slave_1: left promiscuous mode
[  309.743458][ T7941] loop0: detected capacity change from 0 to 764
[  309.761182][ T7941] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  309.785482][   T11] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  310.144248][ T7945] netlink: 4 bytes leftover after parsing attributes in process `syz.2.517'.
[  310.417823][ T7949] kvm: kvm [7948]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6b00
[  310.433218][ T7949] kvm: kvm [7948]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xeb00
[  310.444267][ T7949] kvm: kvm [7948]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xa300
[  310.458431][ T7949] kvm: kvm [7948]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xa300
[  311.779292][ T7984] kvm: kvm [7983]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  311.793044][ T7984] kvm: kvm [7983]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  311.803721][ T7984] kvm: kvm [7983]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  312.441918][ T7991] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  312.586546][ T7984] kvm: kvm [7983]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[  312.715364][ T7999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.526'.
[  312.752362][ T7999] bond_slave_0: entered promiscuous mode
[  312.758084][ T7999] bond_slave_1: entered promiscuous mode
[  312.766858][ T7999] macvtap1: entered promiscuous mode
[  312.773137][ T7999] bond0: entered promiscuous mode
[  312.819921][ T7999] macvtap1: entered allmulticast mode
[  312.825361][ T7999] bond0: entered allmulticast mode
[  312.868988][ T7999] bond_slave_0: entered allmulticast mode
[  312.875026][ T7999] bond_slave_1: entered allmulticast mode
[  312.883621][ T7999] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  312.900043][ T8001] bond0: left allmulticast mode
[  312.909016][ T8001] bond_slave_0: left allmulticast mode
[  312.926006][ T8001] bond_slave_1: left allmulticast mode
[  312.944768][ T8001] bond0: left promiscuous mode
[  312.955381][ T8001] bond_slave_0: left promiscuous mode
[  312.960997][ T8001] bond_slave_1: left promiscuous mode
[  313.347783][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.0.530'.
[  314.779937][ T8017] loop3: detected capacity change from 0 to 512
[  315.041291][ T8017] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  315.230862][ T8017] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.531: corrupted in-inode xattr: e_name out of bounds
[  315.328995][ T8017] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  315.367205][ T8017] EXT4-fs (loop3): 1 truncate cleaned up
[  315.383178][ T8017] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.429505][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  317.435831][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  317.473892][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.812021][ T8062] binder: 8059:8062 ioctl 541b 200000000140 returned -22
[  320.940381][   T27] libceph: connect (1)[c::]:6789 error -101
[  320.950727][   T27] libceph: mon0 (1)[c::]:6789 connect error
[  320.967953][   T27] libceph: connect (1)[c::]:6789 error -101
[  321.004929][ T8070] atomic_op ffff88802c103198 conn xmit_atomic 0000000000000000
[  321.043873][   T27] libceph: mon0 (1)[c::]:6789 connect error
[  321.082457][   T23] IPVS: starting estimator thread 0...
[  321.680410][ T8072] IPVS: using max 26 ests per chain, 62400 per kthread
[  321.841856][   T23] libceph: connect (1)[c::]:6789 error -101
[  321.848076][ T8065] ceph: No mds server is up or the cluster is laggy
[  321.856624][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  322.371914][ T8081] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  322.967719][   T23] libceph: connect (1)[c::]:6789 error -101
[  323.029495][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  325.755811][ T8105] Bluetooth: MGMT ver 1.22
[  326.294316][ T8113] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  326.654444][ T8116] loop2: detected capacity change from 0 to 4096
[  326.686975][ T8116] ntfs3: loop2: Unsupported bytes per MFT record 8192.
[  326.694477][ T8116] ntfs3: loop2: try to read out of volume at offset 0x1ffe00
[  327.060252][ T8119] loop3: detected capacity change from 0 to 256
[  327.134399][ T6933] blk_print_req_error: 54 callbacks suppressed
[  327.134415][ T6933] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  329.570601][ T8135] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  329.577153][ T8135] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  329.622231][ T8140] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  329.669029][ T8135] vhci_hcd vhci_hcd.0: Device attached
[  329.776917][ T8141] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  329.879721][    T8] vhci_hcd: vhci_device speed not set
[  330.026024][    T8] usb 39-1: new full-speed USB device number 4 using vhci_hcd
[  330.096984][ T8135] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(11)
[  330.103625][ T8135] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  330.113585][ T8135] vhci_hcd vhci_hcd.0: Device attached
[  330.869339][ T8135] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(15)
[  330.875999][ T8135] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  330.895875][ T8135] vhci_hcd vhci_hcd.0: Device attached
[  330.916006][ T8152] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  331.120007][ T8152] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  331.143712][ T8141] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(18)
[  331.150354][ T8141] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  331.393408][ T8141] vhci_hcd vhci_hcd.0: Device attached
[  331.406831][ T8147] vhci_hcd: connection closed
[  331.407146][ T7073] vhci_hcd: stop threads
[  331.418034][ T8138] vhci_hcd: connection reset by peer
[  331.418040][ T8142] vhci_hcd: connection closed
[  331.424214][ T7073] vhci_hcd: release socket
[  331.848589][ T7073] vhci_hcd: disconnect device
[  331.859557][ T7073] vhci_hcd: stop threads
[  331.863941][ T7073] vhci_hcd: release socket
[  331.868588][ T7073] vhci_hcd: disconnect device
[  331.873786][ T7073] vhci_hcd: stop threads
[  331.878089][ T7073] vhci_hcd: release socket
[  331.884913][ T7073] vhci_hcd: disconnect device
[  331.896761][ T8153] vhci_hcd: connection closed
[  331.897161][ T7073] vhci_hcd: stop threads
[  331.908381][ T7073] vhci_hcd: release socket
[  331.913238][ T7073] vhci_hcd: disconnect device
[  335.703903][    T8] vhci_hcd: vhci_device speed not set
[  336.630807][ T8209] loop3: detected capacity change from 0 to 16
[  337.190435][ T8209] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  338.004483][ T8216] loop0: detected capacity change from 0 to 764
[  339.902781][ T8219] Symlink component flag not implemented
[  339.909456][ T8219] Symlink component flag not implemented
[  339.916769][ T8219] Symlink component flag not implemented (128)
[  339.923840][ T8219] Symlink component flag not implemented (122)
[  340.942379][ T8227] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  340.952660][ T8227] syzkaller0: entered promiscuous mode
[  340.958171][ T8227] syzkaller0: entered allmulticast mode
[  341.052612][ T8227] tipc: Resetting bearer <eth:syzkaller0>
[  341.065614][ T8225] tipc: Resetting bearer <eth:syzkaller0>
[  341.101233][ T8225] tipc: Disabling bearer <eth:syzkaller0>
[  343.426213][ T8252] loop2: detected capacity change from 0 to 64
[  344.349571][ T8265] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  346.714618][ T8287] syz_tun: entered allmulticast mode
[  346.762396][ T8287] dvmrp8: entered allmulticast mode
[  346.778943][ T5884] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  346.818231][ T8286] syz_tun: left allmulticast mode
[  347.058916][ T5884] usb 1-1: Using ep0 maxpacket: 8
[  347.066374][ T5884] usb 1-1: config index 0 descriptor too short (expected 19730, got 18)
[  347.091903][ T5884] usb 1-1: config 0 has too many interfaces: 54, using maximum allowed: 32
[  347.142304][ T5884] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 54
[  347.811034][ T5884] usb 1-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=c4.6d
[  347.892748][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.952992][ T5884] usb 1-1: Product: syz
[  347.992789][ T5884] usb 1-1: Manufacturer: syz
[  348.020694][ T5884] usb 1-1: SerialNumber: syz
[  348.030019][ T5884] usb 1-1: config 0 descriptor??
[  348.051366][ T5884] gspca_main: sn9c2028-2.14.0 probing 0c45:8001
[  348.998443][ T5884] gspca_sn9c2028: read1 error -110
[  349.004122][ T5884] gspca_sn9c2028: read1 error -32
[  349.019429][ T5884] gspca_sn9c2028: read1 error -32
[  349.024561][ T5884] sn9c2028: probe of 1-1:0.0 failed with error -32
[  349.141343][ T5884] usb 1-1: USB disconnect, device number 5
[  351.372010][ T8322] loop0: detected capacity change from 0 to 2048
[  351.391176][ T8326] loop3: detected capacity change from 0 to 2048
[  351.404531][ T8326] UDF-fs: bad mount option "0xffffffffffffffff" or missing value
[  351.416621][ T8322] FAT-fs (loop0): Unrecognized mount option "msdos" or missing value
[  352.802306][ T8342] loop0: detected capacity change from 0 to 128
[  352.809742][ T8342] EXT4-fs: Ignoring removed nobh option
[  353.700717][ T8343] No such timeout policy "syz1"
[  353.876625][ T8342] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  353.890088][ T8342] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  354.093275][ T5780] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  358.471692][ T8364] loop3: detected capacity change from 0 to 1024
[  359.259632][ T8364] hfsplus: unable to find HFS+ superblock
[  360.078929][ T5884] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  360.258986][ T5884] usb 4-1: Using ep0 maxpacket: 8
[  360.276383][ T5884] usb 4-1: config index 0 descriptor too short (expected 19730, got 18)
[  361.071358][ T5884] usb 4-1: config 0 has too many interfaces: 54, using maximum allowed: 32
[  361.411679][ T5884] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 54
[  361.613964][ T5884] usb 4-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=c4.6d
[  361.628476][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.658886][ T5884] usb 4-1: Product: syz
[  361.663116][ T5884] usb 4-1: Manufacturer: syz
[  361.683773][ T5884] usb 4-1: SerialNumber: syz
[  361.699953][ T5884] usb 4-1: config 0 descriptor??
[  361.726527][ T5884] gspca_main: sn9c2028-2.14.0 probing 0c45:8001
[  362.103081][ T5884] gspca_sn9c2028: read1 error -71
[  362.144951][ T5884] gspca_sn9c2028: read1 error -71
[  362.177240][ T5884] gspca_sn9c2028: read1 error -71
[  362.190967][ T5884] sn9c2028: probe of 4-1:0.0 failed with error -71
[  362.237517][ T5884] usb 4-1: USB disconnect, device number 6
[  363.556481][ T8394] syz.2.619 (8394): drop_caches: 2
[  367.847388][ T8433] loop0: detected capacity change from 0 to 2048
[  367.857700][ T8433] FAT-fs (loop0): Unrecognized mount option "msdos" or missing value
[  371.127923][ T8453] loop0: detected capacity change from 0 to 8192
[  372.278703][ T8453] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  372.349003][ T8453] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  372.362116][ T8453] REISERFS (device loop0): using ordered data mode
[  372.369326][ T8453] reiserfs: using flush barriers
[  372.950704][ T8453] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  372.971917][ T8453] REISERFS (device loop0): checking transaction log (loop0)
[  372.988268][ T8453] REISERFS (device loop0): Using r5 hash to sort names
[  373.296608][ T8453] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  375.130945][   T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  376.573908][ T8487] affs: No valid root block on device nullb0
[  376.839495][   T23] usb 1-1: Using ep0 maxpacket: 8
[  377.168302][   T23] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  377.296232][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.324723][   T23] usb 1-1: Product: syz
[  377.347294][   T23] usb 1-1: Manufacturer: syz
[  377.368214][   T23] usb 1-1: SerialNumber: syz
[  377.620022][   T23] usb 1-1: config 0 descriptor??
[  377.638726][   T23] usb 1-1: can't set config #0, error -71
[  377.647941][   T23] usb 1-1: USB disconnect, device number 6
[  378.095669][   T28] audit: type=1800 audit(1754414212.643:12): pid=8503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.646" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  378.751740][ T8507] fuse: root generation should be zero
[  378.843481][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  379.029455][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  379.951524][ T8523] loop3: detected capacity change from 0 to 1024
[  379.979532][ T8523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.061966][ T8523] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  380.073101][ T8528] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  380.073101][ T8528] The task syz.0.651 (8528) triggered the difference, watch for misbehavior.
[  381.282733][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.067720][ T8560] syz.0.657 (8560) used greatest stack depth: 20904 bytes left
[  387.790794][ T8579] loop2: detected capacity change from 0 to 8192
[  387.949274][ T8585] netlink: 168 bytes leftover after parsing attributes in process `syz.0.664'.
[  391.065297][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.067893][ T8608] loop3: detected capacity change from 0 to 8192
[  392.441702][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.809213][ T8618] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  393.818411][ T8618] FAT-fs (loop3): Filesystem has been set read-only
[  394.237138][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.351166][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.383137][ T8624] tipc: Started in network mode
[  394.388057][ T8624] tipc: Node identity 4, cluster identity 4711
[  394.394418][ T8624] tipc: Node number set to 4
[  395.321032][ T8632] loop3: detected capacity change from 0 to 512
[  395.460837][ T8635] netlink: 56 bytes leftover after parsing attributes in process `syz.1.679'.
[  395.475624][ T8632] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  395.629733][   T12] tipc: Left network mode
[  395.670419][ T8632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  395.782774][ T8632] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.004751][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  398.932680][ T8661] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  398.943469][ T8661] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  398.976281][ T8661] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  398.997570][ T8661] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  399.005476][ T8661] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  399.012945][ T8661] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  401.080551][ T5789] Bluetooth: hci2: command tx timeout
[  401.100011][    T8] IPVS: starting estimator thread 0...
[  401.239069][ T8691] IPVS: using max 25 ests per chain, 60000 per kthread
[  401.716750][ T8696] loop0: detected capacity change from 0 to 2048
[  401.775864][   T12] dvmrp8 (unregistering): left allmulticast mode
[  401.788305][ T8698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.692'.
[  401.825226][ T8696] NILFS (loop0): invalid segment: Inconsistency found
[  401.851960][ T8698] 8021q: adding VLAN 0 to HW filter on device bond2
[  401.889775][ T8696] NILFS (loop0): trying rollback from an earlier position
[  401.998978][ T8696] NILFS (loop0): recovery complete
[  402.141185][ T8710] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  403.175233][ T5789] Bluetooth: hci2: command tx timeout
[  403.424745][ T8724] xt_socket: unknown flags 0x50
[  403.462870][ T8724] overlayfs: missing 'lowerdir'
[  404.373841][   T12] hsr_slave_0: left promiscuous mode
[  404.449119][   T12] hsr_slave_1: left promiscuous mode
[  404.465731][   T12] bridge_slave_1: left allmulticast mode
[  404.478951][   T12] bridge_slave_1: left promiscuous mode
[  404.487355][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.515451][   T12] bridge_slave_0: left allmulticast mode
[  404.532847][   T12] bridge_slave_0: left promiscuous mode
[  404.553221][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.667737][   T12] veth1_macvtap: left promiscuous mode
[  404.686768][   T12] veth0_macvtap: left promiscuous mode
[  404.696895][   T12] veth1_vlan: left promiscuous mode
[  404.707212][   T12] veth0_vlan: left promiscuous mode
[  405.240680][ T5789] Bluetooth: hci2: command tx timeout
[  405.780644][   T12] team0 (unregistering): Port device team_slave_1 removed
[  406.018260][   T12] team0 (unregistering): Port device team_slave_0 removed
[  406.191704][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  406.433024][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  406.723068][ T8752] loop0: detected capacity change from 0 to 2048
[  406.744414][ T8752] UDF-fs: bad mount option "0xffffffffffffffff" or missing value
[  407.224428][   T12] bond0 (unregistering): Released all slaves
[  407.359526][ T5789] Bluetooth: hci2: command tx timeout
[  407.554116][ T8726] tipc: Resetting bearer <eth:syzkaller0>
[  407.560735][ T8726] tipc: Resetting bearer <eth:syzkaller0>
[  407.688273][ T8660] chnl_net:caif_netlink_parms(): no params data found
[  408.174244][ T8660] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.174405][ T8660] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.174578][ T8660] bridge_slave_0: entered allmulticast mode
[  408.176321][ T8660] bridge_slave_0: entered promiscuous mode
[  408.192594][ T8660] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.192689][ T8660] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.192847][ T8660] bridge_slave_1: entered allmulticast mode
[  408.194259][ T8660] bridge_slave_1: entered promiscuous mode
[  409.237369][ T8660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.250404][ T8660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  410.166142][ T8784] loop0: detected capacity change from 0 to 512
[  410.261868][ T8784] EXT4-fs: Ignoring removed nomblk_io_submit option
[  410.278628][ T8784] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  410.325074][ T8660] team0: Port device team_slave_0 added
[  410.436687][ T8784] EXT4-fs (loop0): 1 truncate cleaned up
[  410.463307][ T8660] team0: Port device team_slave_1 added
[  410.933614][ T8784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.272971][ T8660] batman_adv: batadv0: Adding interface: batadv_slave_0
[  411.288881][ T8660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.374257][ T8660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  411.389071][ T8660] batman_adv: batadv0: Adding interface: batadv_slave_1
[  411.396318][ T8660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.423252][ T8660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  411.535025][ T8804] netlink: 'syz.0.706': attribute type 16 has an invalid length.
[  411.543033][ T8804] netlink: 'syz.0.706': attribute type 3 has an invalid length.
[  411.550981][ T8804] netlink: 64066 bytes leftover after parsing attributes in process `syz.0.706'.
[  411.862121][ T8660] hsr_slave_0: entered promiscuous mode
[  411.888587][ T8660] hsr_slave_1: entered promiscuous mode
[  411.904120][ T8660] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  411.924932][ T8660] Cannot create hsr debugfs directory
[  411.991494][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.442665][ T8830] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  415.528576][ T8836] loop3: detected capacity change from 0 to 4096
[  415.820527][ T8660] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  415.861602][   T28] audit: type=1800 audit(1754414250.443:13): pid=8836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.715" name="file1" dev="loop3" ino=33 res=0 errno=0
[  415.902460][ T8660] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  415.991905][   T28] audit: type=1800 audit(1754414250.563:14): pid=8852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.715" name="file1" dev="loop3" ino=33 res=0 errno=0
[  416.050246][ T8660] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  416.406956][ T8660] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  416.994179][ T8660] 8021q: adding VLAN 0 to HW filter on device bond0
[  417.025938][ T8660] 8021q: adding VLAN 0 to HW filter on device team0
[  417.132526][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.139691][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  417.160610][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.169115][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  418.436428][ T8874] overlayfs: failed to resolve './file1': -2
[  419.448956][ T8884] fuse: Bad value for 'fd'
[  420.792657][ T8660] 8021q: adding VLAN 0 to HW filter on device batadv0
[  420.987789][ T8905] loop0: detected capacity change from 0 to 2048
[  421.030229][ T8905] EXT4-fs: Ignoring removed bh option
[  421.080001][ T8905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.371343][ T8910] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  422.023206][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.403408][ T8660] veth0_vlan: entered promiscuous mode
[  422.421139][ T8660] veth1_vlan: entered promiscuous mode
[  422.787412][ T8933] cgroup: Unknown subsys name '¬§@п¬Ѕжм¦4*oдВТЈhУоєoюьнUЬ'
[  423.751617][ T8938] loop0: detected capacity change from 0 to 512
[  423.783373][ T8660] veth0_macvtap: entered promiscuous mode
[  423.802102][ T8660] veth1_macvtap: entered promiscuous mode
[  423.828067][ T8938] EXT4-fs (loop0): #blocks per group too big: 466944
[  423.852842][ T8660] batman_adv: batadv0: Interface activated: batadv_slave_0
[  423.886588][ T8660] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.920223][ T8660] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.956234][ T8660] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.977736][ T8660] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.987996][ T8660] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.150375][ T8948] overlayfs: workdir and upperdir must reside under the same mount
[  424.228333][ T8943] tipc: Resetting bearer <eth:syzkaller0>
[  424.745221][ T8955] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  424.751797][ T8955] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  424.763093][  T573] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.796759][ T8955] vhci_hcd vhci_hcd.0: Device attached
[  424.806630][  T573] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.897551][ T8955] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(10)
[  424.904392][ T8955] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  424.958425][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.972881][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.990339][ T8955] vhci_hcd vhci_hcd.0: Device attached
[  425.044228][ T8964] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(13)
[  425.050977][ T8964] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  425.131830][ T8964] vhci_hcd vhci_hcd.0: Device attached
[  425.212039][ T8955] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  425.249441][ T8821] usb 39-1: new low-speed USB device number 5 using vhci_hcd
[  425.302508][ T8964] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(17)
[  425.309177][ T8964] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  425.331331][ T8955] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(16)
[  425.338002][ T8955] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  425.392900][ T8976] netlink: 'syz.1.733': attribute type 16 has an invalid length.
[  425.400816][ T8976] netlink: 'syz.1.733': attribute type 3 has an invalid length.
[  425.408508][ T8976] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.733'.
[  425.834309][ T8964] vhci_hcd vhci_hcd.0: Device attached
[  425.864551][ T8978] loop4: detected capacity change from 0 to 512
[  425.875232][ T8979] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  425.933984][ T8955] vhci_hcd vhci_hcd.0: Device attached
[  425.967710][ T8964] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  425.978629][ T8964] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  426.000327][ T8978] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.682: iget: bad extended attribute block 1
[  426.065541][ T8978] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.682: couldn't read orphan inode 15 (err -117)
[  426.115782][ T8964] vhci_hcd vhci_hcd.0: port 0 already used
[  426.142826][ T8978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.967475][ T8960] vhci_hcd: connection closed
[  426.971588][ T8965] vhci_hcd: connection closed
[  426.976802][   T11] vhci_hcd: stop threads
[  426.986197][ T8968] vhci_hcd: connection closed
[  427.019255][ T8956] vhci_hcd: connection reset by peer
[  427.030596][ T8971] vhci_hcd: connection closed
[  427.030794][   T11] vhci_hcd: release socket
[  427.068451][   T11] vhci_hcd: disconnect device
[  427.073690][   T11] vhci_hcd: stop threads
[  427.077963][   T11] vhci_hcd: release socket
[  427.083233][   T11] vhci_hcd: disconnect device
[  427.107793][   T11] vhci_hcd: stop threads
[  427.189633][   T11] vhci_hcd: release socket
[  427.284097][   T11] vhci_hcd: disconnect device
[  427.289276][ T8993] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  427.299284][   T11] vhci_hcd: stop threads
[  427.308318][   T11] vhci_hcd: release socket
[  427.313471][   T11] vhci_hcd: disconnect device
[  427.351835][   T11] vhci_hcd: stop threads
[  427.356148][   T11] vhci_hcd: release socket
[  427.423836][   T11] vhci_hcd: disconnect device
[  427.770619][ T8660] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.564977][ T9016] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:bb to non-existent VLAN 2048
[  428.616484][ T9018] loop0: detected capacity change from 0 to 64
[  428.679209][ T6933] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  428.905923][ T9021] bond0: (slave wlan1): Releasing backup interface
[  429.526882][ T9027] loop4: detected capacity change from 0 to 1024
[  429.635932][ T9027] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  429.649478][ T9027] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  430.282879][ T9039] syz.4.741 (9039) used greatest stack depth: 20744 bytes left
[  430.299231][   T28] audit: type=1800 audit(1754414264.873:15): pid=9039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.741" name="file1" dev="loop4" ino=15 res=0 errno=0
[  430.439192][ T9042] loop3: detected capacity change from 0 to 512
[  430.499297][ T9042] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  430.680058][ T9042] EXT4-fs (loop3): 1 truncate cleaned up
[  430.689401][ T9042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.744943][ T8660] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.948435][ T8821] vhci_hcd: vhci_device speed not set
[  430.961265][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.109296][   T27] usb usb40-port1: attempt power cycle
[  434.123801][ T9077] loop4: detected capacity change from 0 to 4096
[  437.429838][   T27] usb usb40-port1: unable to enumerate USB device
[  437.790592][ T9110] loop4: detected capacity change from 0 to 2048
[  438.161597][ T9110] NILFS (loop4): invalid segment: Inconsistency found
[  438.187158][ T9110] NILFS (loop4): trying rollback from an earlier position
[  438.329717][ T9110] NILFS (loop4): recovery complete
[  438.380342][ T9118] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  439.054266][ T9129] xt_socket: unknown flags 0x50
[  439.062907][ T9129] overlayfs: missing 'lowerdir'
[  439.564264][ T9133] netlink: 'syz.1.760': attribute type 10 has an invalid length.
[  440.284095][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  440.291024][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  440.412738][ T9139] x_tables: duplicate underflow at hook 1
[  441.468150][ T9159] Error parsing options; rc = [-22]
[  441.513111][ T9156] loop4: detected capacity change from 0 to 64
[  444.325550][ T9176] loop0: detected capacity change from 0 to 4096
[  444.432110][ T9183] netlink: 129384 bytes leftover after parsing attributes in process `syz.1.770'.
[  445.911937][ T9206] loop4: detected capacity change from 0 to 16
[  446.802904][ T9206] erofs: (device loop4): erofs_read_inode: unsupported i_format 128 of nid 36
[  447.098018][ T9222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.771'.
[  447.803216][ T9222] bridge_slave_1: left allmulticast mode
[  447.828435][ T9222] bridge_slave_1: left promiscuous mode
[  447.870464][ T9201] loop4: detected capacity change from 0 to 512
[  447.884237][ T9222] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.272617][ T9222] bridge_slave_0: left allmulticast mode
[  448.278534][ T9222] bridge_slave_0: left promiscuous mode
[  448.289230][ T9222] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.808096][ T9264] overlayfs: failed to clone upperpath
[  452.519122][ T9267] netlink: 24 bytes leftover after parsing attributes in process `syz.0.784'.
[  458.042128][ T9301] loop4: detected capacity change from 0 to 4096
[  459.943721][ T9369] veth1_macvtap: left promiscuous mode
[  459.951490][ T9369] macsec0: entered allmulticast mode
[  460.161814][ T9301] ntfs3: loop4: Failed to read $AttrDef (-4).
[  461.351450][ T9391] xt_CT: You must specify a L4 protocol and not use inversions on it
[  462.029930][ T9385] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  463.590359][ T9421] netlink: 'syz.0.804': attribute type 11 has an invalid length.
[  464.347931][ T9407] syz.4.799 (9407) used greatest stack depth: 19976 bytes left
[  465.178180][ T9441] binder: 9434:9441 ioctl c0306201 0 returned -14
[  466.271899][ T9454] ipvlan2: entered promiscuous mode
[  469.738538][ T9471] netlink: 48 bytes leftover after parsing attributes in process `syz.4.811'.
[  472.463192][ T9525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  473.248466][ T9542] netlink: 16 bytes leftover after parsing attributes in process `syz.4.821'.
[  474.059939][ T9547] loop3: detected capacity change from 0 to 32768
[  474.091552][ T9547] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.825 (9547)
[  474.110098][ T9547] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  474.120376][ T9547] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  474.129057][ T9547] BTRFS info (device loop3): using free space tree
[  474.250122][ T9547] BTRFS info (device loop3): enabling ssd optimizations
[  474.257353][ T9547] BTRFS info (device loop3): auto enabling async discard
[  474.548060][ T5789] Bluetooth: hci2: command tx timeout
[  475.488384][   T27] IPVS: starting estimator thread 0...
[  475.899001][ T9576] IPVS: using max 17 ests per chain, 40800 per kthread
[  476.081326][ T5777] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  476.813852][ T9584] syz.1.827 (9584) used greatest stack depth: 16936 bytes left
[  483.586924][ T9643] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  485.153456][ T9662] loop0: detected capacity change from 0 to 1024
[  485.216514][ T9667] netlink: 'syz.1.845': attribute type 10 has an invalid length.
[  485.224344][ T9667] netlink: 40 bytes leftover after parsing attributes in process `syz.1.845'.
[  485.233501][ T9667] dummy0: entered promiscuous mode
[  485.239413][ T9667] bridge0: port 3(dummy0) entered blocking state
[  485.245892][ T9667] bridge0: port 3(dummy0) entered disabled state
[  485.252389][ T9667] dummy0: entered allmulticast mode
[  485.258921][ T9667] bridge0: port 3(dummy0) entered blocking state
[  485.265357][ T9667] bridge0: port 3(dummy0) entered forwarding state
[  485.286984][ T9662] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.702215][ T9662] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  487.033452][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.307289][ T9733] netlink: 'syz.1.854': attribute type 1 has an invalid length.
[  498.109269][ T9804] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[  498.647396][ T9811] netlink: 16 bytes leftover after parsing attributes in process `syz.0.867'.
[  504.334858][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  504.334959][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  504.409177][ T9849] tty tty3: ldisc open failed (-12), clearing slot 2
[  505.028593][ T9857] loop0: detected capacity change from 0 to 32768
[  505.036123][ T9857] XFS: ikeep mount option is deprecated.
[  505.332060][ T9857] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  506.525522][ T9857] XFS (loop0): Ending clean mount
[  506.550273][ T9857] XFS (loop0): Quotacheck needed: Please wait.
[  507.378996][ T9857] XFS (loop0): Quotacheck: Done.
[  508.849096][ T9896] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  509.930924][ T9903] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  509.999951][ T5780] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  510.066239][ T9905] loop3: detected capacity change from 0 to 4096
[  510.090973][ T9905] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  510.142370][ T9905] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing.
[  510.153371][ T9905] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  510.247670][ T9905] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr.  Will not be able to remount read-write.  Run ntfsfix and/or chkdsk.
[  510.305049][ T9905] ntfs: volume version 3.1.
[  510.316278][ T9912] netlink: 16 bytes leftover after parsing attributes in process `syz.4.888'.
[  513.779394][ T9933] loop0: detected capacity change from 0 to 256
[  515.005809][ T9933] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011ded, chksum : 0x9838888d, utbl_chksum : 0xe619d30d)
[  515.138890][ T9940] loop4: detected capacity change from 0 to 32768
[  515.247027][ T9940] (syz.4.892,9940,1):ocfs2_load_local_alloc:338 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  515.247027][ T9940] found = 2, set = 0, taken = 0, off = 0
[  515.267500][ T9940] (syz.4.892,9940,1):ocfs2_load_local_alloc:355 ERROR: status = -22
[  515.275530][ T9940] (syz.4.892,9940,1):ocfs2_check_volume:2462 ERROR: status = -22
[  515.283329][ T9940] (syz.4.892,9940,1):ocfs2_check_volume:2490 ERROR: status = -22
[  515.291070][ T9940] (syz.4.892,9940,1):ocfs2_mount_volume:1822 ERROR: status = -22
[  515.321509][ T9940] (syz.4.892,9940,1):ocfs2_fill_super:1178 ERROR: status = -22
[  516.170376][ T9952] netlink: 16 bytes leftover after parsing attributes in process `syz.3.898'.
[  516.895675][ T9958] loop4: detected capacity change from 0 to 1024
[  518.047226][    C0] vcan0: j1939_tp_rxtimer: 0xffff88801e707c00: rx timeout, send abort
[  518.552548][ T9965] loop3: detected capacity change from 0 to 128
[  518.558964][    C0] vcan0: j1939_tp_rxtimer: 0xffff88801e707c00: abort rx timeout. Force session deactivation
[  518.592984][ T9966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.895'.
[  518.689188][ T9969] netlink: set zone limit has 8 unknown bytes
[  518.848996][ T9967] loop0: detected capacity change from 0 to 128
[  524.331996][ T8661] Bluetooth: hci2: command 0x0406 tx timeout
[  524.544490][   T28] audit: type=1326 audit(1754414359.133:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  524.749484][T10015] loop3: detected capacity change from 0 to 40427
[  524.796425][T10015] F2FS-fs (loop3): invalid crc value
[  524.951345][T10015] F2FS-fs (loop3): Found nat_bits in checkpoint
[  525.007577][T10015] F2FS-fs (loop3): Start checkpoint disabled!
[  525.040252][T10018] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  525.074619][   T28] audit: type=1326 audit(1754414359.223:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  525.231818][   T28] audit: type=1326 audit(1754414359.363:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  525.497016][T10015] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  525.556315][T10015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.913'.
[  525.565952][   T28] audit: type=1326 audit(1754414359.363:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  525.638663][   T28] audit: type=1326 audit(1754414359.363:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  525.676957][   T28] audit: type=1326 audit(1754414359.463:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f186978d4d0 code=0x7ffc0000
[  525.709853][   T28] audit: type=1326 audit(1754414359.463:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f186978d4d0 code=0x7ffc0000
[  526.969036][   T28] audit: type=1326 audit(1754414359.463:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  527.080565][   T28] audit: type=1326 audit(1754414359.463:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186978eb69 code=0x7ffc0000
[  527.103244][   T28] audit: type=1804 audit(1754414360.203:25): pid=10015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.913" name="/newroot/223/file0/file0" dev="loop3" ino=10 res=1 errno=0
[  527.254610][ T3534] kworker/u4:7: attempt to access beyond end of device
[  527.254610][ T3534] loop3: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  527.342861][ T3534] kworker/u4:7: attempt to access beyond end of device
[  527.342861][ T3534] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  527.352042][ T3534] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  527.449022][ T3534] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  531.944792][T10059] 9pnet_fd: Insufficient options for proto=fd
[  532.055195][T10067] loop3: detected capacity change from 0 to 128
[  533.319976][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.328990][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.337819][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.346980][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.356086][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.365056][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.374013][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.383047][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.392003][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  533.400960][T10084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.927'.
[  534.129136][T10085] syz.3.925: attempt to access beyond end of device
[  534.129136][T10085] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  535.448808][T10086] netlink: 'syz.0.926': attribute type 10 has an invalid length.
[  535.459490][T10086] tipc: Resetting bearer <eth:team0>
[  535.681219][T10086] tipc: Resetting bearer <eth:team0>
[  535.719112][T10086] 8021q: adding VLAN 0 to HW filter on device team0
[  535.967399][T10086] bond0: (slave team0): Enslaving as an active interface with an up link
[  535.967554][T10079] binder: 10076:10079 unknown command 1074553619
[  535.982487][T10079] binder: 10076:10079 ioctl c0306201 200000000540 returned -22
[  536.069427][T10091] netlink: 'syz.1.928': attribute type 9 has an invalid length.
[  537.849739][    T8] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  538.131527][T10113] loop4: detected capacity change from 0 to 128
[  538.148200][T10113] EXT4-fs (loop4): Test dummy encryption mode enabled
[  538.159110][    T8] usb 4-1: device descriptor read/64, error -71
[  538.620247][T10113] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  538.648675][T10113] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.728843][    T8] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  538.978517][T10130] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  538.985095][T10130] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  539.040119][    T8] usb 4-1: device descriptor read/64, error -71
[  539.042859][T10130] vhci_hcd vhci_hcd.0: Device attached
[  539.056799][T10136] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(10)
[  539.063627][T10136] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  539.092125][T10136] vhci_hcd vhci_hcd.0: Device attached
[  539.112518][T10113] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  539.118900][T10130] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  539.138465][T10130] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(14)
[  539.145120][T10130] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  539.156273][T10130] vhci_hcd vhci_hcd.0: Device attached
[  539.159167][    T8] usb usb4-port1: attempt power cycle
[  539.167025][T10130] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(16)
[  539.173841][T10130] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  539.184442][T10130] vhci_hcd vhci_hcd.0: Device attached
[  539.251784][   T23] vhci_hcd: vhci_device speed not set
[  539.326665][T10136] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  539.336446][   T23] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  539.344582][T10130] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(18)
[  539.351292][T10130] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  539.368901][T10130] vhci_hcd vhci_hcd.0: Device attached
[  539.369560][T10151] EXT4-fs (loop4): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  539.619359][    T8] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  539.628183][T10130] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  539.754653][    T8] usb 4-1: device descriptor read/8, error -71
[  539.810779][T10130] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  539.883046][T10136] vhci_hcd vhci_hcd.0: port 0 already used
[  539.951533][T10149] vhci_hcd: connection closed
[  539.952051][T10145] vhci_hcd: connection closed
[  539.955422][  T573] vhci_hcd: stop threads
[  539.957123][T10140] vhci_hcd: connection closed
[  539.966596][T10132] vhci_hcd: connection reset by peer
[  539.966847][T10137] vhci_hcd: connection closed
[  540.000909][  T573] vhci_hcd: release socket
[  540.188228][ T8660] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  540.224476][  T573] vhci_hcd: disconnect device
[  540.264990][  T573] vhci_hcd: stop threads
[  540.271837][  T573] vhci_hcd: release socket
[  540.276490][  T573] vhci_hcd: disconnect device
[  540.332372][  T573] vhci_hcd: stop threads
[  540.336681][  T573] vhci_hcd: release socket
[  540.854497][  T573] vhci_hcd: disconnect device
[  540.878452][  T573] vhci_hcd: stop threads
[  540.907786][  T573] vhci_hcd: release socket
[  541.236621][  T573] vhci_hcd: disconnect device
[  541.419431][  T573] vhci_hcd: stop threads
[  541.423748][  T573] vhci_hcd: release socket
[  541.445746][  T573] vhci_hcd: disconnect device
[  542.290897][T10178] loop0: detected capacity change from 0 to 1024
[  544.386043][ T7814] hfsplus: b-tree write err: -5, ino 8
[  544.608887][   T23] vhci_hcd: vhci_device speed not set
[  546.405300][ T5781] usb usb34-port1: attempt power cycle
[  546.427837][T10201] sctp: [Deprecated]: syz.1.949 (pid 10201) Use of int in max_burst socket option deprecated.
[  546.427837][T10201] Use struct sctp_assoc_value instead
[  547.360444][ T5781] usb usb34-port1: unable to enumerate USB device
[  551.119166][T10240] loop3: detected capacity change from 0 to 1024
[  551.130648][T10240] hfsplus: unable to parse mount options
[  551.324079][T10243] loop4: detected capacity change from 0 to 4096
[  551.366122][T10243] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  551.499590][T10246] loop3: detected capacity change from 0 to 128
[  553.027712][T10243] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  553.036788][T10243] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  553.100437][T10246] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  553.239139][T10243] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr.  Will not be able to remount read-write.  Run ntfsfix and/or chkdsk.
[  553.241121][T10246] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  553.267529][T10243] ntfs: volume version 3.1.
[  554.781613][T10255] loop3: detected capacity change from 0 to 2048
[  554.839846][T10255] UDF-fs: bad mount option "яж~nb" or missing value
[  557.762889][T10274] loop0: detected capacity change from 0 to 32768
[  557.874312][T10274] (syz.0.963,10274,0):ocfs2_load_local_alloc:338 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  557.874312][T10274] found = 2, set = 0, taken = 0, off = 0
[  557.895125][T10274] (syz.0.963,10274,0):ocfs2_load_local_alloc:355 ERROR: status = -22
[  557.903463][T10274] (syz.0.963,10274,0):ocfs2_check_volume:2462 ERROR: status = -22
[  557.911395][T10274] (syz.0.963,10274,0):ocfs2_check_volume:2490 ERROR: status = -22
[  557.919289][T10274] (syz.0.963,10274,0):ocfs2_mount_volume:1822 ERROR: status = -22
[  557.945586][T10274] (syz.0.963,10274,0):ocfs2_fill_super:1178 ERROR: status = -22
[  559.499583][T10288] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  559.510805][T10288] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  560.887604][T10295] loop0: detected capacity change from 0 to 128
[  562.384757][T10307] __nla_validate_parse: 38 callbacks suppressed
[  562.391342][T10307] netlink: 28 bytes leftover after parsing attributes in process `syz.3.972'.
[  563.116628][   T58] kworker/u4:4: attempt to access beyond end of device
[  563.116628][   T58] loop0: rw=1, sector=145, nr_sectors = 896 limit=128
[  563.169884][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  563.221206][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  564.435028][   T28] audit: type=1800 audit(1754414399.003:26): pid=10320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.973" name="bus" dev="overlay" ino=1284 res=0 errno=0
[  567.317722][T10331] loop3: detected capacity change from 0 to 32768
[  567.363612][T10331] (syz.3.974,10331,0):ocfs2_load_local_alloc:338 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  567.363612][T10331] found = 2, set = 0, taken = 0, off = 0
[  567.384250][T10331] (syz.3.974,10331,0):ocfs2_load_local_alloc:355 ERROR: status = -22
[  567.392435][T10331] (syz.3.974,10331,0):ocfs2_check_volume:2462 ERROR: status = -22
[  567.400490][T10331] (syz.3.974,10331,0):ocfs2_check_volume:2490 ERROR: status = -22
[  567.408294][T10331] (syz.3.974,10331,0):ocfs2_mount_volume:1822 ERROR: status = -22
[  567.426054][T10331] (syz.3.974,10331,0):ocfs2_fill_super:1178 ERROR: status = -22
[  568.851713][T10342] netlink: 28 bytes leftover after parsing attributes in process `syz.0.977'.
[  569.004309][T10342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.977'.
[  570.063053][T10364] hugetlbfs: syz.1.981 (10364): Using mlock ulimits for SHM_HUGETLB is obsolete
[  570.717033][T10366] netlink: 28 bytes leftover after parsing attributes in process `syz.4.983'.
[  570.756298][T10368] bpq0: left allmulticast mode
[  572.411070][T10384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.986'.
[  572.420009][T10384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.986'.
[  576.104033][T10416] netlink: 'syz.0.995': attribute type 12 has an invalid length.
[  576.112149][T10416] netlink: 'syz.0.995': attribute type 29 has an invalid length.
[  576.120108][T10416] netlink: 148 bytes leftover after parsing attributes in process `syz.0.995'.
[  576.129390][T10416] netlink: 59 bytes leftover after parsing attributes in process `syz.0.995'.
[  579.642882][T10438] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  581.694321][T10453] loop4: detected capacity change from 0 to 1024
[  586.958183][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.303667][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.337832][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.358882][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.366332][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.412967][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.433583][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.452340][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.471183][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.478621][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  587.504864][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  588.951252][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  588.959476][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  588.966904][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  588.977938][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  588.985487][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  588.995854][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.003488][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.011044][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.018623][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.026183][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.033647][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.041206][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.049152][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.056599][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.064631][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.072466][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.080248][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.087868][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.096269][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.104067][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.112018][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.120028][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.127681][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.135241][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.142980][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.150748][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.158232][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.166465][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.183785][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.191442][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.198893][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.208855][   T23] hid-generic 0000:007F:0001.0001: unknown main item tag 0x0
[  589.225019][   T23] hid-generic 0000:007F:0001.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  590.397354][T10504] fido_id[10504]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  590.627979][T10519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1022'.
[  594.323596][T10549] syz.3.1030 uses old SIOCAX25GETINFO
[  594.562350][T10552] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1031'.
[  594.664971][T10554] usb usb1: check_ctrlrecip: process 10554 (syz.0.1031) requesting ep 01 but needs 81
[  594.676371][T10554] usb usb1: usbfs: process 10554 (syz.0.1031) did not claim interface 0 before use
[  598.535493][T10576] xt_CT: No such helper "netbios-ns"
[  600.299154][T10585] fuse: Unknown parameter '0x0000000000000000'
[  606.099572][T10626] loop4: detected capacity change from 0 to 256
[  606.129303][T10626] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  606.159617][T10626] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  606.192915][T10626] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  606.395515][T10633] tipc: New replicast peer: 172.30.1.2
[  606.403299][T10633] tipc: Enabled bearer <udp:syz2>, priority 10
[  608.899618][T10647] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1050'.
[  608.916138][T10647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1050'.
[  611.109276][T10659] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1054'.
[  613.211618][T10665] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1055'.
[  614.929915][T10679] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1066'.
[  614.975753][T10679] unsupported nlmsg_type 40
[  614.990924][T10681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1066'.
[  615.518845][ T5890] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  615.530396][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1066'.
[  615.771090][T10689] loop3: detected capacity change from 0 to 64
[  615.780826][ T5890] usb 1-1: no configurations
[  615.954090][ T5890] usb 1-1: can't read configurations, error -22
[  616.918877][ T5890] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  617.373417][T10693] loop3: detected capacity change from 0 to 2048
[  617.412710][ T6933] udevd[6933]: incorrect nilfs2 checksum on /dev/loop3
[  617.438811][T10693] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  617.449632][T10693] NILFS (loop3): mounting unchecked fs
[  617.482728][T10693] NILFS (loop3): recovery complete
[  617.542175][T10694] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  617.560331][ T5890] usb 1-1: device descriptor read/all, error -71
[  617.589956][ T5890] usb usb1-port1: attempt power cycle
[  620.330236][T10714] loop3: detected capacity change from 0 to 256
[  620.774613][T10716] fuse: Unknown parameter '0x0000000000000000'
[  620.785786][T10716] loop4: detected capacity change from 0 to 16
[  620.827447][T10716] erofs: (device loop4): mounted with root inode @ nid 36.
[  621.732934][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 87 @ nid 36
[  621.742848][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 86 @ nid 36
[  621.753879][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 363 @ lcn 82 of nid 36
[  621.764513][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 83 @ nid 36
[  621.773769][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 363 @ lcn 82 of nid 36
[  621.787441][T10718] syz.0.1065 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  621.798249][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 82 @ nid 36
[  621.808336][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 79 @ nid 36
[  621.817765][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 78 @ nid 36
[  621.827218][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1485 @ lcn 75 of nid 36
[  621.838256][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 76 @ nid 36
[  621.847642][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1485 @ lcn 75 of nid 36
[  621.858512][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 75 @ nid 36
[  621.867994][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 74 @ nid 36
[  621.877517][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 72 @ nid 36
[  621.886986][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 71 @ nid 36
[  621.896454][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 70 @ nid 36
[  621.917517][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 63 @ nid 36
[  621.926863][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 61 @ nid 36
[  621.936254][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1024 @ lcn 58 of nid 36
[  621.946968][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 59 @ nid 36
[  621.956329][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1024 @ lcn 58 of nid 36
[  621.967192][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 58 @ nid 36
[  621.976608][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 56 @ nid 36
[  621.985994][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1586 @ lcn 46 of nid 36
[  622.028759][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 47 @ nid 36
[  622.038519][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1586 @ lcn 46 of nid 36
[  622.049415][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 46 @ nid 36
[  622.058804][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 45 @ nid 36
[  622.068266][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  622.079102][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 43 @ nid 36
[  622.088480][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  622.099322][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 42 @ nid 36
[  622.108577][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 774 @ lcn 40 of nid 36
[  622.119466][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 41 @ nid 36
[  622.128734][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 774 @ lcn 40 of nid 36
[  622.139791][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 40 @ nid 36
[  622.149026][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 39 @ nid 36
[  622.158298][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 38 @ nid 36
[  622.167920][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 36 @ nid 36
[  622.269165][T10716] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1468 @ lcn 31 of nid 36
[  622.280046][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 31 @ nid 36
[  622.289680][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 25 @ nid 36
[  622.299025][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 24 @ nid 36
[  622.308738][T10716] erofs: (device loop4): z_erofs_readahead: readahead error at folio 19 @ nid 36
[  622.318677][T10716] syz.4.1063: attempt to access beyond end of device
[  622.318677][T10716] loop4: rw=524288, sector=784, nr_sectors = 64 limit=16
[  622.332930][T10716] syz.4.1063: attempt to access beyond end of device
[  622.332930][T10716] loop4: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  622.348145][T10716] syz.4.1063: attempt to access beyond end of device
[  622.348145][T10716] loop4: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  622.362994][T10716] syz.4.1063: attempt to access beyond end of device
[  622.362994][T10716] loop4: rw=524288, sector=32, nr_sectors = 64 limit=16
[  622.376790][T10716] syz.4.1063: attempt to access beyond end of device
[  622.376790][T10716] loop4: rw=524288, sector=8, nr_sectors = 24 limit=16
[  622.442832][T10716] syz.4.1063: attempt to access beyond end of device
[  622.442832][T10716] loop4: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  622.683484][T10714] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  622.731110][T10714] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  622.764960][T10714] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  624.601709][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  624.608069][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  625.138880][T10730] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1068'.
[  631.496176][   T28] audit: type=1326 audit(1754414466.083:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10778 comm="syz.4.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f398eb69 code=0x7fc00000
[  632.386802][   T28] audit: type=1326 audit(1754414466.973:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10778 comm="syz.4.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23f398eb69 code=0x7fc00000
[  632.416263][T10801] pim6reg: entered allmulticast mode
[  632.473198][T10797] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1083'.
[  632.640553][T10808] loop4: detected capacity change from 0 to 256
[  632.681480][T10808] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  632.744308][T10808] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  632.762009][T10808] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  634.558268][T10824] loop3: detected capacity change from 0 to 128
[  635.834452][T10828] loop4: detected capacity change from 0 to 1764
[  635.879581][   T12] kworker/u4:1: attempt to access beyond end of device
[  635.879581][   T12] loop3: rw=1, sector=145, nr_sectors = 896 limit=128
[  635.927059][ T6933] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  636.168255][T10828] netlink: 'syz.4.1092': attribute type 64 has an invalid length.
[  636.176483][T10828] netlink: 'syz.4.1092': attribute type 4 has an invalid length.
[  636.184425][T10828] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1092'.
[  637.845877][T10849] Lens B: =================  START STATUS  =================
[  637.866009][T10849] Lens B: Focus, Absolute: 0
[  637.876099][T10849] Lens B: ==================  END STATUS  ==================
[  639.246513][T10864] loop3: detected capacity change from 0 to 4096
[  639.276849][T10864] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  639.317125][T10866] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  639.358290][T10864] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  639.383436][T10868] loop4: detected capacity change from 0 to 1024
[  641.703472][   T28] audit: type=1800 audit(1754414476.293:29): pid=10869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1099" name="file1" dev="loop3" ino=30 res=0 errno=0
[  642.655102][T10881] loop4: detected capacity change from 0 to 256
[  642.695986][T10881] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  642.740068][T10881] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  642.802727][T10881] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  642.937691][T10885] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.1106'.
[  643.772002][T10889] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  643.848026][   T28] audit: type=1800 audit(1754414478.433:30): pid=10891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1102" name="file1" dev="loop4" ino=1048616 res=0 errno=0
[  643.918441][T10893] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1105'.
[  645.221256][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  645.250642][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  645.268508][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  645.292318][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  645.301191][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  645.308640][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  645.369611][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.288775][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.296236][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.445652][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.453993][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.462867][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.471755][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.481241][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.495682][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.510774][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  647.555183][T10910] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1110'.
[  647.807269][T10912] Cannot find del_set index 0 as target
[  648.376005][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.383691][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.391250][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.400315][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.407907][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.415589][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.427849][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.457557][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.716777][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.772882][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.830866][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.887430][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.929389][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.937396][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.970724][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  648.978184][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.033683][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.043746][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.054263][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.070158][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.091041][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.111990][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.135264][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.154128][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.181787][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.192382][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  649.201987][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  651.027009][T10933] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  652.409167][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  652.416748][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  652.425043][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  652.433006][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.422432][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.428977][   T28] audit: type=1326 audit(1754414488.013:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10937 comm="syz.1.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0bbf8eb69 code=0x7fc00000
[  653.430599][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.459920][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.468398][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.476116][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.489652][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.497170][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  653.504650][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.079215][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.086834][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.088764][   T28] audit: type=1326 audit(1754414488.673:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10937 comm="syz.1.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0bbf8eb69 code=0x7fc00000
[  654.150110][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.166339][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.201771][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.213095][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.221108][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.228551][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.236148][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.243712][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.251215][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.258643][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.266294][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.381748][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.389945][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.400251][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.407839][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.416019][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.425438][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.433241][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  654.442046][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.515601][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.548903][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.578952][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.586394][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.643939][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.655576][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.663629][ T5828] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  655.679096][ T5828] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  655.845152][T10955] fido_id[10955]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  656.500219][T10963] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1127'.
[  657.328836][T10970] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1119'.
[  657.424112][T10971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1120'.
[  664.373219][T11017] afs: Bad value for 'source'
[  667.088587][T11036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1132'.
[  670.505807][T11053] ceph: No mds server is up or the cluster is laggy
[  672.867248][T11076] 8021q: adding VLAN 0 to HW filter on device bond0
[  672.897912][T11076] bond0: (slave rose0): Enslaving as an active interface with an up link
[  675.223058][T11095] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1143'.
[  680.176159][T11123] loop4: detected capacity change from 0 to 1024
[  680.632281][T11123] hfsplus: unable to parse mount options
[  680.824610][T11132] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1152'.
[  681.780981][T11145] netlink: 420 bytes leftover after parsing attributes in process `syz.4.1153'.
[  682.622300][T11152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1155'.
[  685.228781][ T5828] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  685.529166][ T5828] usb 5-1: Using ep0 maxpacket: 16
[  685.583254][ T5828] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  685.744448][ T5828] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  686.338466][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  686.347011][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  686.725256][ T5828] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  686.739077][ T5828] usb 5-1: Product: syz
[  686.743331][ T5828] usb 5-1: Manufacturer: syz
[  686.748034][ T5828] usb 5-1: SerialNumber: syz
[  686.774391][ T5828] usb 5-1: config 0 descriptor??
[  687.526675][ T5828] usb 5-1: can't set config #0, error -71
[  687.554994][ T5828] usb 5-1: USB disconnect, device number 2
[  690.505068][T11192] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  691.564843][T11173] Bluetooth: hci4: Frame reassembly failed (-84)
[  691.585645][   T48] Bluetooth: hci4: Frame reassembly failed (-84)
[  692.678873][T11209] mmap: syz.4.1165 (11209) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  693.558924][ T5789] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  694.325520][T11223] bridge_slave_1: left allmulticast mode
[  694.331963][T11223] bridge_slave_1: left promiscuous mode
[  694.339319][T11223] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.891313][T11223] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  697.192621][T11252] loop4: detected capacity change from 0 to 1024
[  699.552758][T11252] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  699.607685][   T28] audit: type=1800 audit(1754414534.193:33): pid=11250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1174" name="file1" dev="loop4" ino=15 res=0 errno=0
[  699.827977][T11250] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4036: comm syz.4.1174: Allocating blocks 497-513 which overlap fs metadata
[  699.851079][T11250] EXT4-fs (loop4): pa ffff88807364cd98: logic 32, phys. 161, len 22
[  699.860215][T11250] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5377: group 0, free 0, pa_free 1
[  701.278481][ T8660] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.401949][    C0] ==================================================================
[  701.410070][    C0] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x46a/0x4b0
[  701.418081][    C0] Read of size 2 at addr ffff88802f33b82a by task cmp/11268
[  701.425373][    C0] 
[  701.427714][    C0] CPU: 0 PID: 11268 Comm: cmp Not tainted 6.6.101-syzkaller #0
[  701.435330][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  701.445417][    C0] Call Trace:
[  701.448705][    C0]  <IRQ>
[  701.451564][    C0]  dump_stack_lvl+0x16c/0x230
[  701.456297][    C0]  ? __lock_acquire+0x7c80/0x7c80
[  701.461348][    C0]  ? show_regs_print_info+0x20/0x20
[  701.466577][    C0]  ? load_image+0x3b0/0x3b0
[  701.471196][    C0]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  701.476616][    C0]  ? __virt_addr_valid+0x18c/0x540
[  701.481791][    C0]  ? __virt_addr_valid+0x469/0x540
[  701.486934][    C0]  print_report+0xac/0x220
[  701.487871][T11271] loop4: detected capacity change from 0 to 1024
[  701.491354][    C0]  ? rose_timer_expiry+0x46a/0x4b0
[  701.491380][    C0]  kasan_report+0x117/0x150
[  701.491400][    C0]  ? rose_timer_expiry+0x46a/0x4b0
[  701.512564][    C0]  rose_timer_expiry+0x46a/0x4b0
[  701.517602][    C0]  call_timer_fn+0x16e/0x530
[  701.522218][    C0]  ? rose_start_t1timer+0xd0/0xd0
[  701.527273][    C0]  ? call_timer_fn+0xbf/0x530
[  701.531972][    C0]  ? __run_timers+0x7d0/0x7d0
[  701.536679][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  701.541921][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  701.547154][    C0]  ? rose_start_t1timer+0xd0/0xd0
[  701.552217][    C0]  __run_timers+0x52d/0x7d0
[  701.556759][    C0]  ? detach_timer+0x2b0/0x2b0
[  701.561476][    C0]  ? lock_chain_count+0x20/0x20
[  701.566357][    C0]  run_timer_softirq+0x67/0xf0
[  701.571146][    C0]  handle_softirqs+0x280/0x820
[  701.575933][    C0]  ? __irq_exit_rcu+0xc7/0x190
[  701.580724][    C0]  ? do_softirq+0x180/0x180
[  701.585262][    C0]  __irq_exit_rcu+0xc7/0x190
[  701.589870][    C0]  ? irq_exit_rcu+0x20/0x20
[  701.594399][    C0]  irq_exit_rcu+0x9/0x20
[  701.598678][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  701.604347][    C0]  </IRQ>
[  701.607287][    C0]  <TASK>
[  701.610221][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  701.616226][    C0] RIP: 0010:do_mprotect_pkey+0x4a7/0xc30
[  701.621872][    C0] Code: 8f 18 b9 ff bb f4 ff ff ff 48 8b 44 24 28 48 89 44 24 50 4c 8b 74 24 48 48 8d bc 24 40 01 00 00 31 f6 e8 5c dd 8d 08 49 89 c7 <48> 8b 44 24 60 42 80 3c 20 00 74 08 4c 89 f7 e8 55 5e 10 00 4d 8b
[  701.641478][    C0] RSP: 0018:ffffc9000ec6fd00 EFLAGS: 00000282
[  701.647540][    C0] RAX: ffff888077c52300 RBX: 00000000fffffff4 RCX: ffff88805a7e5a00
[  701.655509][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  701.663476][    C0] RBP: ffffc9000ec6fee8 R08: ffff88805a7e5a00 R09: 0000000000000003
[  701.671457][    C0] R10: 0000000000000002 R11: 0000000000000000 R12: dffffc0000000000
[  701.679512][    C0] R13: 0000000000000000 R14: ffff888077c52600 R15: ffff888077c52300
[  701.687496][    C0]  ? prot_none_test+0x10/0x10
[  701.692179][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  701.698232][    C0]  __x64_sys_mprotect+0x80/0x90
[  701.703108][    C0]  do_syscall_64+0x55/0xb0
[  701.707526][    C0]  ? clear_bhb_loop+0x40/0x90
[  701.712232][    C0]  ? clear_bhb_loop+0x40/0x90
[  701.716929][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  701.722878][    C0] RIP: 0033:0x7f9df44a22c7
[  701.727325][    C0] Code: 89 3d fd 3f 01 00 eb 90 0f 1f 00 f7 d8 89 05 f0 3f 01 00 48 c7 c0 ff ff ff ff eb 91 0f 1f 80 00 00 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d c9 3f 01 00 f7 d8 89 01 48 83
[  701.746945][    C0] RSP: 002b:00007fff3ddb97e8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  701.755445][    C0] RAX: ffffffffffffffda RBX: 00007f9df447f050 RCX: 00007f9df44a22c7
[  701.763439][    C0] RDX: 0000000000000001 RSI: 0000000000001000 RDI: 00007f9df41c9000
[  701.771431][    C0] RBP: 00007fff3ddb9ab0 R08: 0000000000000000 R09: 00007f9df421b870
[  701.779396][    C0] R10: 00007f9df447f050 R11: 0000000000000206 R12: 0000000000000010
[  701.787375][    C0] R13: 000001695dcc2a10 R14: 0000000000000000 R15: 00007f9df44b6310
[  701.795364][    C0]  </TASK>
[  701.798402][    C0] 
[  701.800721][    C0] Allocated by task 573:
[  701.804960][    C0]  kasan_set_track+0x4e/0x70
[  701.809549][    C0]  __kasan_kmalloc+0x8f/0xa0
[  701.814130][    C0]  batadv_forw_packet_alloc+0x1e9/0x390
[  701.819668][    C0]  batadv_iv_ogm_queue_add+0x77b/0xcf0
[  701.825118][    C0]  batadv_iv_ogm_schedule+0xab3/0xe90
[  701.830484][    C0]  batadv_iv_send_outstanding_bat_ogm_packet+0x731/0x840
[  701.837498][    C0]  process_scheduled_works+0xa45/0x15b0
[  701.843035][    C0]  worker_thread+0xa55/0xfc0
[  701.847613][    C0]  kthread+0x2fa/0x390
[  701.851673][    C0]  ret_from_fork+0x48/0x80
[  701.856081][    C0]  ret_from_fork_asm+0x11/0x20
[  701.860838][    C0] 
[  701.863145][    C0] Freed by task 7814:
[  701.867109][    C0]  kasan_set_track+0x4e/0x70
[  701.871689][    C0]  kasan_save_free_info+0x2e/0x50
[  701.876711][    C0]  ____kasan_slab_free+0x126/0x1e0
[  701.881836][    C0]  slab_free_freelist_hook+0x130/0x1b0
[  701.887296][    C0]  __kmem_cache_free+0xba/0x1f0
[  701.892158][    C0]  process_scheduled_works+0xa45/0x15b0
[  701.897695][    C0]  worker_thread+0xa55/0xfc0
[  701.902281][    C0]  kthread+0x2fa/0x390
[  701.906340][    C0]  ret_from_fork+0x48/0x80
[  701.910763][    C0]  ret_from_fork_asm+0x11/0x20
[  701.915539][    C0] 
[  701.917849][    C0] Last potentially related work creation:
[  701.923547][    C0]  kasan_save_stack+0x3e/0x60
[  701.928213][    C0]  __kasan_record_aux_stack+0xaf/0xc0
[  701.933575][    C0]  insert_work+0x3d/0x310
[  701.937892][    C0]  __queue_work+0xd2c/0x1020
[  701.942465][    C0]  call_timer_fn+0x16e/0x530
[  701.947071][    C0]  __run_timers+0x558/0x7d0
[  701.951738][    C0]  run_timer_softirq+0x67/0xf0
[  701.956486][    C0]  handle_softirqs+0x280/0x820
[  701.961248][    C0]  __irq_exit_rcu+0xc7/0x190
[  701.965952][    C0]  irq_exit_rcu+0x9/0x20
[  701.970180][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  701.975805][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  701.981781][    C0] 
[  701.984090][    C0] Second to last potentially related work creation:
[  701.990687][    C0]  kasan_save_stack+0x3e/0x60
[  701.995353][    C0]  __kasan_record_aux_stack+0xaf/0xc0
[  702.000717][    C0]  kvfree_call_rcu+0xee/0x780
[  702.005408][    C0]  mld_clear_delrec+0x193/0x5d0
[  702.010279][    C0]  ipv6_mc_destroy_dev+0x45/0x590
[  702.015303][    C0]  addrconf_ifdown+0x139f/0x1880
[  702.020234][    C0]  addrconf_notify+0x6c6/0x1010
[  702.025167][    C0]  notifier_call_chain+0x197/0x390
[  702.030292][    C0]  unregister_netdevice_many_notify+0xf36/0x1810
[  702.036636][    C0]  default_device_exit_batch+0x9cb/0xa60
[  702.042276][    C0]  cleanup_net+0x77f/0xb90
[  702.046859][    C0]  process_scheduled_works+0xa45/0x15b0
[  702.052396][    C0]  worker_thread+0xa55/0xfc0
[  702.056982][    C0]  kthread+0x2fa/0x390
[  702.061040][    C0]  ret_from_fork+0x48/0x80
[  702.065450][    C0]  ret_from_fork_asm+0x11/0x20
[  702.070213][    C0] 
[  702.072524][    C0] The buggy address belongs to the object at ffff88802f33b800
[  702.072524][    C0]  which belongs to the cache kmalloc-512 of size 512
[  702.086584][    C0] The buggy address is located 42 bytes inside of
[  702.086584][    C0]  freed 512-byte region [ffff88802f33b800, ffff88802f33ba00)
[  702.100294][    C0] 
[  702.102604][    C0] The buggy address belongs to the physical page:
[  702.109002][    C0] page:ffffea0000bcce00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f338
[  702.119144][    C0] head:ffffea0000bcce00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  702.128085][    C0] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  702.136525][    C0] page_type: 0xffffffff()
[  702.140853][    C0] raw: 00fff00000000840 ffff888017841c80 0000000000000000 dead000000000001
[  702.149424][    C0] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  702.157991][    C0] page dumped because: kasan: bad access detected
[  702.164399][    C0] page_owner tracks the page as allocated
[  702.170097][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3862, tgid 3862 (kworker/u4:1), ts 13467300697, free_ts 0
[  702.190662][    C0]  post_alloc_hook+0x1cd/0x210
[  702.195422][    C0]  get_page_from_freelist+0x195c/0x19f0
[  702.200963][    C0]  __alloc_pages+0x1e3/0x460
[  702.205545][    C0]  alloc_slab_page+0x5d/0x170
[  702.210221][    C0]  new_slab+0x87/0x2e0
[  702.214283][    C0]  ___slab_alloc+0xc6d/0x12f0
[  702.218954][    C0]  __kmem_cache_alloc_node+0x1a2/0x260
[  702.224418][    C0]  kmalloc_trace+0x2a/0xe0
[  702.228826][    C0]  alloc_bprm+0x56/0x9c0
[  702.233056][    C0]  kernel_execve+0x98/0x9c0
[  702.237550][    C0]  call_usermodehelper_exec_async+0x20b/0x350
[  702.243633][    C0]  ret_from_fork+0x48/0x80
[  702.248050][    C0]  ret_from_fork_asm+0x11/0x20
[  702.252892][    C0] page_owner free stack trace missing
[  702.258249][    C0] 
[  702.260565][    C0] Memory state around the buggy address:
[  702.266183][    C0]  ffff88802f33b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  702.274233][    C0]  ffff88802f33b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  702.282365][    C0] >ffff88802f33b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  702.290411][    C0]                                   ^
[  702.295770][    C0]  ffff88802f33b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  702.303904][    C0]  ffff88802f33b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  702.311983][    C0] ==================================================================
[  702.320246][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  702.327480][    C0] CPU: 0 PID: 11268 Comm: cmp Not tainted 6.6.101-syzkaller #0
[  702.335048][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  702.345120][    C0] Call Trace:
[  702.348393][    C0]  <IRQ>
[  702.351230][    C0]  dump_stack_lvl+0x16c/0x230
[  702.355903][    C0]  ? show_regs_print_info+0x20/0x20
[  702.361089][    C0]  ? load_image+0x3b0/0x3b0
[  702.365609][    C0]  panic+0x2c0/0x710
[  702.369499][    C0]  ? bpf_jit_dump+0xd0/0xd0
[  702.374086][    C0]  ? _raw_spin_unlock_irqrestore+0xa9/0x110
[  702.379978][    C0]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  702.385866][    C0]  ? _raw_spin_unlock+0x40/0x40
[  702.390725][    C0]  ? print_memory_metadata+0x314/0x400
[  702.396178][    C0]  ? rose_timer_expiry+0x46a/0x4b0
[  702.401282][    C0]  check_panic_on_warn+0x84/0xa0
[  702.406302][    C0]  ? rose_timer_expiry+0x46a/0x4b0
[  702.411401][    C0]  end_report+0x6f/0x140
[  702.415638][    C0]  kasan_report+0x128/0x150
[  702.420133][    C0]  ? rose_timer_expiry+0x46a/0x4b0
[  702.425246][    C0]  rose_timer_expiry+0x46a/0x4b0
[  702.430185][    C0]  call_timer_fn+0x16e/0x530
[  702.434766][    C0]  ? rose_start_t1timer+0xd0/0xd0
[  702.439813][    C0]  ? call_timer_fn+0xbf/0x530
[  702.444479][    C0]  ? __run_timers+0x7d0/0x7d0
[  702.449149][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  702.454347][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  702.459540][    C0]  ? rose_start_t1timer+0xd0/0xd0
[  702.464557][    C0]  __run_timers+0x52d/0x7d0
[  702.469082][    C0]  ? detach_timer+0x2b0/0x2b0
[  702.473749][    C0]  ? lock_chain_count+0x20/0x20
[  702.478591][    C0]  run_timer_softirq+0x67/0xf0
[  702.483359][    C0]  handle_softirqs+0x280/0x820
[  702.488163][    C0]  ? __irq_exit_rcu+0xc7/0x190
[  702.492918][    C0]  ? do_softirq+0x180/0x180
[  702.497416][    C0]  __irq_exit_rcu+0xc7/0x190
[  702.502025][    C0]  ? irq_exit_rcu+0x20/0x20
[  702.506715][    C0]  irq_exit_rcu+0x9/0x20
[  702.510950][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  702.516581][    C0]  </IRQ>
[  702.519507][    C0]  <TASK>
[  702.522429][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  702.528412][    C0] RIP: 0010:do_mprotect_pkey+0x4a7/0xc30
[  702.534045][    C0] Code: 8f 18 b9 ff bb f4 ff ff ff 48 8b 44 24 28 48 89 44 24 50 4c 8b 74 24 48 48 8d bc 24 40 01 00 00 31 f6 e8 5c dd 8d 08 49 89 c7 <48> 8b 44 24 60 42 80 3c 20 00 74 08 4c 89 f7 e8 55 5e 10 00 4d 8b
[  702.553644][    C0] RSP: 0018:ffffc9000ec6fd00 EFLAGS: 00000282
[  702.559708][    C0] RAX: ffff888077c52300 RBX: 00000000fffffff4 RCX: ffff88805a7e5a00
[  702.567720][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  702.575697][    C0] RBP: ffffc9000ec6fee8 R08: ffff88805a7e5a00 R09: 0000000000000003
[  702.583702][    C0] R10: 0000000000000002 R11: 0000000000000000 R12: dffffc0000000000
[  702.591684][    C0] R13: 0000000000000000 R14: ffff888077c52600 R15: ffff888077c52300
[  702.599666][    C0]  ? prot_none_test+0x10/0x10
[  702.604380][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  702.610453][    C0]  __x64_sys_mprotect+0x80/0x90
[  702.615299][    C0]  do_syscall_64+0x55/0xb0
[  702.619721][    C0]  ? clear_bhb_loop+0x40/0x90
[  702.624388][    C0]  ? clear_bhb_loop+0x40/0x90
[  702.629172][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  702.635092][    C0] RIP: 0033:0x7f9df44a22c7
[  702.639507][    C0] Code: 89 3d fd 3f 01 00 eb 90 0f 1f 00 f7 d8 89 05 f0 3f 01 00 48 c7 c0 ff ff ff ff eb 91 0f 1f 80 00 00 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d c9 3f 01 00 f7 d8 89 01 48 83
[  702.659120][    C0] RSP: 002b:00007fff3ddb97e8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  702.667534][    C0] RAX: ffffffffffffffda RBX: 00007f9df447f050 RCX: 00007f9df44a22c7
[  702.675495][    C0] RDX: 0000000000000001 RSI: 0000000000001000 RDI: 00007f9df41c9000
[  702.683462][    C0] RBP: 00007fff3ddb9ab0 R08: 0000000000000000 R09: 00007f9df421b870
[  702.691444][    C0] R10: 00007f9df447f050 R11: 0000000000000206 R12: 0000000000000010
[  702.699420][    C0] R13: 000001695dcc2a10 R14: 0000000000000000 R15: 00007f9df44b6310
[  702.707421][    C0]  </TASK>
[  702.710690][    C0] Kernel Offset: disabled
[  702.715009][    C0] Rebooting in 86400 seconds..