last executing test programs:

3m54.151287986s ago: executing program 2 (id=1344):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
process_vm_writev(0x0, &(0x7f0000001c80), 0x0, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448f0, 0x0)
fdatasync(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r2, 0x81ff)

3m46.921312431s ago: executing program 2 (id=1352):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10001, 0x7, 0x6361, 0x5, 0x1, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80001, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0x10, 0xb}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x8, 0x4, 0x3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc874}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3m44.4541833s ago: executing program 2 (id=1356):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000001c00), &(0x7f00000004c0)=r2}, 0x20)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.numa_stat\x00', 0x275a, 0x0)
write$binfmt_elf64(r3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x64, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x34, 0x2, [@TCA_BASIC_EMATCHES={0x30, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_META={0x20, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x7]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x1}, {0x5, 0x40}}}]}}]}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r10}, 0x18)

3m43.097312621s ago: executing program 2 (id=1359):
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
r2 = socket$pptp(0x18, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x16, 0x1ff, 0x10000, 0x3, 0x8800, 0x1, 0x17, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x2}, 0x50)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCSIFBR(r2, 0x8941, 0x0)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r6, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000280)=""/204, 0xcc}], 0x1}, 0x0, 0x80002101})
io_uring_enter(0xffffffffffffffff, 0xd81, 0x0, 0x0, 0x0, 0x0)
write(r5, &(0x7f0000000200), 0x0)
getsockopt$inet_sctp_SCTP_STATUS(r4, 0x84, 0xe, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000012c0), 0x0, 0x11, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f00000002c0)=@req3={0x10000, 0x1, 0x100, 0x100, 0xe, 0x0, 0x3}, 0x1c)

3m41.585479516s ago: executing program 2 (id=1364):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

3m40.311568296s ago: executing program 2 (id=1367):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)

3m24.92097168s ago: executing program 32 (id=1367):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)

11.97520858s ago: executing program 1 (id=1877):
r0 = socket$alg(0x26, 0x5, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
epoll_create1(0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r2 = accept(r0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x1d}], 0x1, 0x0)
recvmsg(r2, &(0x7f000000b680)={0x0, 0x10400004, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2}, 0x0)

10.112163389s ago: executing program 4 (id=1879):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r1, 0x6)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000080)=0x1c)

10.001781251s ago: executing program 1 (id=1880):
r0 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x2b94, 0x80, 0x4, 0x3cf}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x41, 0x0, 0x0, 0x9, &(0x7f00000000c0), 0x1, 0x4})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x59fa, 0x400, 0x8, 0x2}, 0x0, 0x0)

9.721776485s ago: executing program 1 (id=1883):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000002000010027bd7000000000000a108000000000080400000014000200fc020000000000000000000000000000140001002001"], 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc02000000000000000000"], 0x5c}}, 0x0)

9.660256986s ago: executing program 1 (id=1884):
socket$nl_route(0x10, 0x3, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[], 0x3c}}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SIOCSIFMTU(r0, 0x5411, &(0x7f0000000080)={'dummy0\x00'})

9.568616828s ago: executing program 3 (id=1886):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, 0x0)

9.299306242s ago: executing program 3 (id=1888):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
ioctl$sock_netdev_private(r3, 0x8912, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$KDDISABIO(r2, 0x4b37)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r0)
r7 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x100000e, 0x4018831, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x5})
r9 = syz_io_uring_setup(0x72ae, &(0x7f0000000280)={0x0, 0xffffffff, 0x10100, 0x0, 0x1c3}, &(0x7f0000000500), &(0x7f0000000000)=<r10=>0x0)
syz_io_uring_setup(0x2287, &(0x7f0000000200)={0x0, 0x6e79, 0x400, 0x1, 0x1}, &(0x7f0000000080)=<r11=>0x0, &(0x7f0000001540))
syz_io_uring_submit(r11, r10, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r9, 0x184c, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000380)="5e73663bf4082f7c6c9ed7f09d6dd7be5a06dfd645630500c1a303434a36bfc41f1c1eb3c4f54167ec77ffdc0fb243c3111dda42112650cc00", 0x0, 0x48)

7.165529176s ago: executing program 4 (id=1889):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r1, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x5, &(0x7f0000000140)=0x6, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
eventfd(0x2)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "7817765dc5914c3d", "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", "58a190f0", "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace389ff5c0", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d054", "29a78ab9b0a4e8ae"}, 0x38)
r3 = eventfd(0x7ff)
io_submit(0x0, 0x3, &(0x7f0000000580)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x7, 0xffffffffffffffff, &(0x7f0000000200)="215bfa41c538df61e6c61df82405d0a14ee87856d6c5ed395f2a3f3dbb7150464d41387b34b055c3c77dafe9ef54e570112d9b75650606bad4a5e0e0eeb09037984a80533b72169cd06a8cba073daae5d952be4637f022c6f628fedee8f67864c4072dd46b47603a3d56c3bd6d686979319d18bf", 0x74, 0xfffffffffffff000, 0x0, 0x2, r3}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x6, 0x1, r2, &(0x7f0000000480)="ceae957f5cd1619d8ef27a39612ebd85bb4e5decefc72fe4ae82f624f879c6", 0x1f, 0x7, 0x0, 0x3}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000500)="37fcfc4f3444c10000000000000000", 0xf, 0xffffffffffff8000}])
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80080)
write$P9_RREAD(r4, &(0x7f0000002340)=ANY=[@ANYBLOB], 0xe4)
r5 = syz_open_procfs(0x0, &(0x7f0000002880)='net/ip6_mr_vif\x00')
read$FUSE(r5, &(0x7f0000000300)={0x2020}, 0x2020)
sendmsg$NFC_CMD_ACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)=ANY=[], 0x2c}}, 0x0)

6.962085599s ago: executing program 3 (id=1890):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002500)=ANY=[@ANYBLOB="380000004800010029bd7000ffdbdf250a000000", @ANYRES32, @ANYBLOB="010000000800020002000000140001"], 0x38}, 0x1, 0x0, 0x0, 0x24048804}, 0x20000840)
syz_emit_ethernet(0xebc, &(0x7f00000010c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @icmpv6={0xa, 0x6, "4f3f8a", 0xe86, 0x3a, 0x0, @local, @private2, {[@srh={0x3c, 0x10, 0x4, 0x8, 0xae, 0x30, 0xb, [@private2, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @dev={0xfe, 0x80, '\x00', 0xf}, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}], @ndisc_ns={0x87, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, [{0x1f, 0x19, "8335e7073e944cd6560b0e441c2147e92926694ecb3581a72202071849121cc7ce47424f4af5a8cb0601d35bbc9acd5e764f4b4a910fca336a69cb204ed3f617f9b38d63bd2f6a5333ed50bc314284702658f2f02d84c7ae846ddbc82e30ebb93e12566d204717f16ab96105cf7183419e2217730197edd3643bf4b5475296b1281bfecf061b8a7618c212771457df2a4aad61ae0db8abe773cf2674c78f4084167a9ca463e10d7500822eb54485ac976c053a7d16e3463c90bc6f5c4b6392f42b7cc0660036903cd649ba"}, {0x1f}, {0xe, 0xa, "f0749118229213f62d83ef54243e48e5b6fd3cae1ea3b5bac98682958392bbf8dd2458c0a58318e7880e4b4e62fc1871ca55c946056fb7c41ef634cc22cddec16e41bc37c3aea2f429fa687a70f6978dc6bf9cca"}, {0x18, 0x18, "ea95ab0a03f93049172c0281c483125e5b0d01ec159c49c5a6924beddc8278e8168630508eada0f4e6d137abfdcdd034673c5bc0c0f922fcd822fe593240b2e66e2c656ac7bfced046cf5c3e03cd87fcd90bd1ca58eeecb40a8d8c16296394e1c09807c648fb5d0e0efdaeef82905fb1370796c5a1960836bf3cb007326010b88498fd095590d5bacf287d2ee767e9fda78cd1052492a684d63678082bc6099bd5f40237e9c2ef2a8151b729b8844077d57db6f20438fb44431a18f155c0c00c6cc5efb7"}, {0x14, 0x17f, "5410d5bc1e896fc2e59af62dc9c810b5bdb94f48e22ee57fe5a39a91aff47de7af78c97c5b5bbe9b6f683afcc4ffec043c7cadcd9c17ef5dcd068126bf0c69c95b98bb208fcb56124b2928cf80977b550d6f46d6d4a6942902311f9aa7153e9a893183603077bd41f20cee2027100120282a6429196ab4f8cbae49cd359a5a4dbc76d6786a518f7d2d9cac75c0b303ccc7c795a59c0977c57a98aca8c99ffee97f9409607d4a3b3ce45d3dae35a8a8e42cff3239107852383b45fc1ac92a03e27904c477dae73279afe7906a1acbe87f8b283b66a8246cb1e4bb8cf4f2b7932c0fcb18316fc3e075e3d3382222e3faaba9c60dc8e1b5c96af5084d47d2f3a165e3fe644aed54de4f10ea361e0c53a7bb7a0ee3b4650c7b0409b30716db4b7211aa49bd51b2ea9bb7dce5f58d81749c3be621d26407e995563a1923d2f73a66cda999af33522b0878bba0413370a44de8098b3ec959ee4d6d870746e3a2c0c59af6a427ba9eda1c06a5feb2c0014efc339ac60207f9ec05d86af785d8643cd8ebb6d335682249b4cb24ce2f0d5148f9b65bbe62ec14b3163610788989f7389c1a52f71823523dfe5d96b143a97599d46526da55ca5aa046135fe2b770efe78e16119169faf9df4998079883ffe85026ddee4bce1c66c79c3c063cfdbaceafada81892ef836106327aaf93aa0e855269cb34a691bac877faa0b294da6b83329c7f43a6d06359b76f9993723634afbbf149f2b40389dd93d9b58688f362e515ee7cb07d46cd775536fc56c1ddbf9b1bc3478e613bc18aae2fdfd1f5d64b4d42810801d6d9b3d21988e484a9429de24be9037042eef33ceef19fc7994f91713d56a1f8de485c52c8b033087d3410acb275835445ed09e9845902a93f9061b47f36acac63425d63b7877441a5f44ad75140156764a1d27f12a681d1a5f5ef1abb12544f17def2b76ac5625f39470a20738ea98a99cdeccae666018eb64cebbfb4345d96a93b854118e138204d03de81f008b74175bb8265add714475166b99a439ee253c5c3396ef545c9d9b3b1be6dd17b7470ad388b8dd9cbac135c3c74ae833ce85f3e070e0403b4defef0430f132b17c87e76e0e0dbabefabde8f8d005eb29e6a4eb62cde700f0d889c16f30e2dcd9579a5ebe3eef1e3071bb7e2b5d0762f48d212a692aa856b2312b20a17f92e48ed2acf0e9ebb689b847decd1f1149084b1cc02d48cdc471b3e018afdb85be418f9d1afdc93ae68cdcdbae60f94105c1ec420cc11979ff4853b35e79fcc12d650bb1cce7fc84a46f90ec18d6577ec843e1eeaaf1797f4fd888b612213d9669367a41be08de038e005d84d69a51ce9cae60e844eb2536cc6e7ed0b0040764e39bbe8ce2499b1357147f14b30a526671a5adcbf8b76dedecb1979fce3765eb70193faf9a1b5b1d7ed852c5542623da9f609ecce6b88d08ac88b36625e5706b20d82e862c3b50861ae4a1713c1b56032f7a242285ae871d9bf2444f744628f7650848f8cb51dd292a60d4c14c599d1c1bdda76ae0c956f45f5235eb6af62f13b22e0fa7c78a3605b227f0cd5a68d759a2ccac831d19f71f872d83517f02205a0d082cea380065d6a6f20d0c4897e609d71d295a94ff5a90b049fca237bc3ce302c1f65528107d2224d23640d2bbeea1a545759bcf2a7339a64cfdd926bd0025a376d418e2c9d0ad3e2ee2752fb72a54aa3ea089df928e933009138e0ca9eb6c99c406962ca3bbc3df11fe9974b90a22bcd7068953266f615edf9bc32f125effdb85b6f44232c495df1729a4ba2d866797313e8491080a86842b3e78b8e8a6d5d1c85b3766739749a712f8cc518aa42c56641e07f0bfe3a4a798f833761c494e2230059849e156ad68697398b48aa1c29b9ef67e25278564188ebd725c876573e93394fe65b4421fc1ec0d07213ebd6a0be5fc95aba7fb2655fd65e0ac6e99d88c6439246a8b17f4ca4628414a77d2363536eec1c5aace4ce797da96cdb7c8c8d6b074c3b9533e49bef0bbb82053193455f74f178f914b2578d7135161742b81963418228ca91629c36e84dca645de593dee83a4363b97952ee20efb250b3ce89639cbbb8798dd65101cd4c1fef5faf12e86060367361dbb0c22c55d13617a2787b898c3614fab03d0efbbb4a976811743cd7451e5bba2146e57cd4bc5f7b3ff9e0172ec8d6f1b8886e1a005131ab7337442a0a0129bba63b825f3a8c068ff87c814f100418bd34ac916adbb4dc872cae3cffbfe5fb7cf436f000931c02a7621dbcb4e80898035043c6b4411988051f4e487f08bb6e2ccfea8855232ec9199de423a7c18c10c3e160b076e91fbf271c952b096ced2f198a3f71e859c87636f373e8e2fba2392d3f8adcc6926e06ac3e4a68e1b558d00478d9bf4ec26ae5f76cb6255af16a1b5a6fd4d79a47dca48ddde4e32b7354c73c89d5756b003ded6afdb515ad8cba49c124e973bfe57831b0503f5cf8460aad2399daf1cbf1c7e2be8fdb314db3e23e468328d3263980902132f7d0d5457fdd4795150cec8e261a9ac249e27d6672bc668e03340dcfcf2e04c6e2e4e9b428f0c024b81aa6facbf0e7751077ae8cd43ce5f8975a6bf6851da8bac6ece9e4426b0fd221a64e9dccd9cc85e50aab44e21144dae5a88a4b35f56920d531a4fdf989406c92f6ad40cfa3f5633bd3fbf670f4e3c74019141a3cd80bde04260327cd8b4b0d5af034ae4be454093f95858d0b0399f011d6aa74a1729360ad6250c54d1a906ec876b3eb5ae45debd184b7c7119cf100979a8fc0d555bc972b15eeb5abe9cdbfcfab35a40dc54115a42876721b0647892d37f980a7ba10cd512302c9e6672e8f9e671c2bc0f5be3ebb47a834db3e92be88e6ac4ef6f97603ef5023c5acf6f09d119a083d51c3483a953953fd0f1040e4ccfd59b7f283ff2da1311cc1c92c35b97d2423c02082fc8d297f9fa12eb6c712268667c5ea2aa0fa5d71d8e500351795bbc4b03d2d9dbf20364f791ff93d1c4de11c61983435eb40c1bc50caa09d328ac0627c47aab1346200ec606dd4eb41c9dbadf7ff717b172da866ddfc1f2b9b1e49a053a120cbd0885f543608408abff79fc5cce98bd31102453f556a8887f7cfe0126ac77748d5b11c614b595e516bd3347db7cd746004ac33518d73363d6cdb88edbdbd89eef3a0bad2d77bc56ecb2e704695556434e1d641ad9464a1359187fa1591c2f7deae84b6331ea40313a6b96b64f98b316c3409a79dfd0104dfb66b7ed6a81633ed652c2949418de10666c575abe1e4e1dea02d1ec0aca8c54c9a155938fe97a45c81b4434ebed60b8a511f2c3c099cf1d1d33cea22c5aa4f524fa203f2782ea8a8b97b2cab24bb2346b94068e2fd30cd4ecfb7f10b94f9fc41d23159cdab88b2cff834223f23c386072c36bece314b76ae771746eaa1895e9410fae482a8c2f059f128a556f2b23904243279b596d9bfc9869675483878744f5de09ded6299c25758f60df183387bcd62dc786b5e9fbde069aae2c15f45e29fbefecae2bd867069c340802e47fd681a05adf59d07fa9695cdf7c7bef9a406107c251ea4f4e03ab83e216cc63b9f673b25a35da58a33348a3e5ce707f96cbf93816e2f1f4f53708f57058e5f650e9ef6e04e060d967e6cf085904217ffed77afc63670aa50efaa23f445559533c7ae0dd5c74d52b8a652b52ad2d84518a43d3a1aef864967ca92b00f8e849256a0e8e211d888af406e281eaca8cc4f71d1b114e4cbda71204ff4168965f04409a40a3c259f2fb3849d0cb2fc99663e01ecf0bcc0a95be28e51cd733ca097e68ccf4025a636814b4792ed90534e997e3bf2e8509adff62af2c4767feabce6ee6732b5909c3efdff8597ceae981ab35dbb23d6ae57223ff4b30851f1436a97432f3331236999abc2e12f0288976ba65e2b672803384e4d483f28c6661d2d4bfdc63a2fc5081beaeb8d7fb34bbb8460c230c4275e0a06b5c86c017c0a3b5bbd336058be2a67b6ece6ecc3b3743b8b571bd29b4c0ad2693bc4cb206d5f913f631992c45c42dd367c0500b4248cf935f3eaf9d4fd4094cfddde14af840039e106f6e91bb8e4f386537fd49937c6b9b72c81935b809f4d8fae31c6745c8e4ad5f20ddd53d818da5976bc56012e9543a8259ceccef0a4527ed72e4a29fa8e663fe824150c7741dbece6657f8022a0b026c25c91db2290c8aa28f97af03ba60c7ffabe395f39a19103c2f45abf134636dbc87ae7647388c2f60ca8873866c6e2bb5ad620422b02e516f1704029b7c809895438cc8dc8411e4d1b5385d188f3b03cc29810646c4d36b203e422fef24cfd927584"}]}}}}}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x8, 0x73, 0x0, @local, @local, {[@fragment={0x2f, 0x0, 0x7, 0x1, 0x0, 0x9, 0x66}]}}}}}, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10)
socket$kcm(0x29, 0x2, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000000040)=0x1c00)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
semget$private(0x0, 0x2, 0x302)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
listen(0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e000000180002801400"], 0x48}}, 0x0)
sendmmsg$alg(r3, &(0x7f00000000c0), 0x492492492492627, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000007a80)=[{{&(0x7f0000000b40)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x8004}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000800}}], 0x2, 0x48000)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x250, 0x0, 0xb, 0x148, 0x0, 0x148, 0x1b8, 0x230, 0x242, 0x1b8, 0x215, 0x3, 0x0, {[{{@ip={@remote, @remote, 0x0, 0x0, 'batadv_slave_0\x00', 'geneve0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf0, 0x0, {0xff0f000000000000}, [@inet=@rpfilter={{0x28}, {0x4}}, @common=@unspec=@devgroup={{0x38}, {0x0, 0x0, 0x0, 0x6}}]}, @unspec=@TRACE={0x20}}, {{@ip={@local, @rand_addr=0x64010101, 0xffffff00, 0xffffffff, 'veth0_to_batadv\x00', 'pimreg\x00', {0xff}, {0xff}, 0x33, 0x2, 0x22}, 0xec010000, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x7}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b0)
r4 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r4, 0x84, 0x9, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000001c0)="696d9fe62306edf82ff96b94000c8ca8702447ef2fe7f51ac97716", 0x1b, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000380)='f2fs\x00', 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000800)=ANY=[@ANYBLOB="48010000100013070000000000000000fe880000000000000000000000000001ac1e000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa00000000330000002001000000000000000000000000000200002000"/151, @ANYRES32=0x0, @ANYBLOB="000000004c0014007368613100"/80], 0x148}}, 0x0)

5.993583045s ago: executing program 0 (id=1892):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder1\x00', 0xc00, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000100), &(0x7f0000000140)=@udp6=r0, 0x1}, 0x20)

5.811163558s ago: executing program 5 (id=1893):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x22, &(0x7f00000001c0)=0x4, 0x4)

5.776759358s ago: executing program 0 (id=1894):
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = userfaultfd(0x801)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1, {0x4}}, './file0\x00'})
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYRES16=r3, @ANYBLOB="020228bd7000fcdbdf250c00000008003c000600000008003b0002000000"], 0x24}, 0x1, 0x0, 0x0, 0x24000004}, 0x8005)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f00000003c0)={'sit0\x00', <r4=>0x0, 0x1, 0x4007, 0x3, 0x80, {{0x29, 0x4, 0x1, 0x5, 0xa4, 0x68, 0x0, 0x7f, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@timestamp_prespec={0x44, 0x14, 0xd8, 0x3, 0x9, [{@remote, 0x8}, {@rand_addr=0x64010100, 0x2}]}, @timestamp_prespec={0x44, 0x24, 0xa2, 0x3, 0x3, [{@multicast1, 0x4}, {@multicast2, 0x8b2}, {@empty, 0xc}, {@broadcast, 0x200}]}, @timestamp_prespec={0x44, 0x14, 0x78, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x13}, 0x7b0af356}, {@remote, 0x5}]}, @timestamp_prespec={0x44, 0x44, 0x87, 0x3, 0x0, [{@rand_addr=0x64010102, 0x1}, {@dev={0xac, 0x14, 0x14, 0x17}, 0x7}, {@loopback, 0x80000001}, {@remote, 0xe}, {@dev={0xac, 0x14, 0x14, 0x1b}, 0x2}, {@private=0xa010100}, {@remote}, {@multicast1, 0xb05}]}]}}}}})
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000005c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, r3, 0x4, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x73a}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20044800}, 0x4001)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000120a09000000000000000000020000000900020073797a31000000000800044000000003080003406180a04f9c000000010900010073797a30000000000800084000000000140000001100010000000000000000000000000a"], 0x6c}, 0x1, 0x0, 0x0, 0x5}, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020100000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a60000000160a01010000000000000000020000000900020073797a31000000000900010073797a30000000002c000380080002400000000008000140000000001800038014000100776c616e3000000000000000000000000800070200000001140000001100010000000000000000000000000a"], 0x88}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r7 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
bind$alg(r2, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r7, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

4.617675046s ago: executing program 5 (id=1895):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000002000010027bd7000000000000a108000000000080400000014000200fc020000000000000000000000000000140001002001"], 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc02000000000000000000"], 0x5c}}, 0x0)

4.565267257s ago: executing program 3 (id=1896):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10001, 0x7, 0x6361, 0x5, 0x1, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4.427932969s ago: executing program 0 (id=1897):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, 0x0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x1, 0x0, 0x0, 0x67, 0x1ff, {0x5, 0x4, 0x1, 0x2, 0x69d2, 0x66, 0xfff, 0x4, 0x21, 0x8, @multicast1, @multicast2}}}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe0000000000000008000f00fd000000", 0x24)
syz_genetlink_get_family_id$tipc(&(0x7f0000000280), r2)

4.40517583s ago: executing program 4 (id=1898):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000ff7f0000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

4.251483452s ago: executing program 5 (id=1899):
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, 0x0, 0x400c1)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace(0x10, 0x0)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2309fefffffffcffffff0100000005000700000000000800090000000000060002000100000008000a000400010008001700", @ANYRES32], 0x3c}}, 0x0)

4.078220865s ago: executing program 4 (id=1900):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
ioctl$sock_netdev_private(r3, 0x8912, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$KDDISABIO(r2, 0x4b37)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r0)
r7 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x100000e, 0x4018831, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x5})
r9 = syz_io_uring_setup(0x72ae, &(0x7f0000000280)={0x0, 0xffffffff, 0x10100, 0x0, 0x1c3}, &(0x7f0000000500), &(0x7f0000000000)=<r10=>0x0)
syz_io_uring_setup(0x2287, &(0x7f0000000200)={0x0, 0x6e79, 0x400, 0x1, 0x1}, &(0x7f0000000080)=<r11=>0x0, &(0x7f0000001540))
syz_io_uring_submit(r11, r10, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r9, 0x184c, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000380)="5e73663bf4082f7c6c9ed7f09d6dd7be5a06dfd645630500c1a303434a36bfc41f1c1eb3c4f54167ec77ffdc0fb243c3111dda42112650cc00", 0x0, 0x48)

3.968892696s ago: executing program 5 (id=1901):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r1, 0x6)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000080)=0x1c)

3.948885757s ago: executing program 0 (id=1902):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8)
r3 = socket$kcm(0x29, 0x2, 0x0)
r4 = socket$kcm(0x2, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r4})
sendmsg$kcm(r3, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x0)
close(r3)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5}, 0x18)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f0000000000)="0a000000010001", 0x7)

3.008695892s ago: executing program 4 (id=1903):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r0}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[], 0x50)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
close_range(r1, r1, 0x2)
fsetxattr$security_ima(r1, 0x0, 0x0, 0x0, 0x3)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000002900)=0x5, 0x2)

2.760714246s ago: executing program 3 (id=1904):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x8000, 0x0, 0x0, r2, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006340)="7c7a6a069306f2c5ddf91f36944f207a1bd11284b4445fa3507bbc5def2e6fec4bb7c6001eafe381e277221f30085acd5d0c251f7c60c23874c04db6aa516f773dd2e57e746d1a085193c8b7664fceb1fe764d87f4395c66e5d4eee443a555692ebe80f3a11b8be74963f1a18c1d0cd71dec65e609e065e14615d2e8b283e55b4aa8b485f81ce52443d61fac9f08cf34f2997c05a63f98f988cfcea9a5650b37dff5817e5033b3912c226bd9bf68b528dec710584242fbdcf7dd0d55e394d3742039e6960bb589fb9ba18ac8e9e82cdbd08e9b584d0a8224cae3e9dd91e25699549007dc0d99165a73cda1c99fc48f6bfdb900c60e4481222505c58cc1108fbaf317d361d1f2d78f6db6e14b283ca9f1927f4f8a0f6f52818be03c7b257aec57f06a0a4279131a2bb0a13b23ab188ea50a686abb2f7e4d0f7a166f358e4cb886b7fbdf51cd9a153410dcc4cc5db7e8e94cc9ba2371a328480ad20f51d7fa012f367a0a8f9c882c47b5f714f0e1b35f72b2261989513c1428d648aa8ab8c12c87dfea38d5be0d49097fce804c9cd2ac8f61b68579853129351e3bcdbdae3371d2b12a150d94b3097161c226c50a1d2c1f8b4c10a986e21dbbb854ad1d26d0ce5d950835d14664ee8f58c537f5256b761b4707fe8d46cc1658798d285310a1cff127b1280cab3f1f633569391d5a7cc08aa1d108b93c38df397d90bbb81753930934df7dcaf8f960dff660fe239aa15cf48872668cacf4d664dc0809fe9d780ab202c3a968abb56655267c907eb3343809b2407105a5c14d53a3b17a9a1552314d27e13daf48a2bb7b2c9fc15aba9ae1d6325c11fbe8432c067efa72878ca56c6463b6cf4d29646905422908a4a1f7741d0049febed4fc2b7cc27154031e50a0ab297826383935bef6a0f968db92128e8a940509b5368146bdcacc852b9d0b4ae9624635f9e69f3a7bc8e6f3340c7de46f49feb20a46f11aef464fa6696a60865bdd0c40b1c411c9661fa9f6393a33a7eb4afaef3eb1ab4634a42baeea780ac6c0c4fc8cf7a92cf0592f993ac85bdfd6c18ba4b7cf4c4438a8330413de8365b4a080234f59edefca0c5ce9697b20cc7b71d04438c00cf3d557bd03b5e1b86e167d2d6e09714135ef720667d0f2e7ca54da419d1bf6722eda31381059216009cd8c99ba1d7f9ebc1bc021457a195fa5be2f0727a84cf4cac5e080f22c836a4955d5ed06bee2eec0d39abc5f459ac43596fee3b341dfbd7ce6f4e57ea42e1e8d4f65880b8b77d2ee27dc1efe95ff1bacf5aa14933456b68645380d0f2ef6284b9946857456d64f4cb656998e99e3e286f596b31c69a69d0ee8444ed838ca2f0ead1be9538e4e927239d0e65a3f871dcad33881f69592eed93a9fafc934aefa67bb87d582d0ae4cfbb5c50325774bbc259a277749751228d3610f95fd56e9fbccb288eca1b14c8255b6996a59c91efbb08440ed91cdd53b0aab82600906904cee2a117a06157e24fa822e1cf4f9db4c2e8a5e842cfc503e578e69002fbae194b6bc7c8b69aac7359292109b712eb49d21946f5ea2745ab77ef59950dcfd926df2aef20e85f2a14554aabb417f15c725c73edd4853926ad6c525afa2c65de213cee799c18d1ced9424d10d7076fc5862579702a5f91031381f41cb8d9899ab514cfa1c8c51437df9710271d8cf69e8900921cba296703f1a7b5234500c1625884fea594d836a930b06142a6e577cd9c2a32cae65e712624abeeffc423a5d5ed7bd75fcb1a82ecec8acd0da9918a5c7c189f14f8cdf37062f93b87f9188501556060ffc6eac435cb1624f2af688316366e03cfb869eacf83d9d45fce910c3347f810b614c2e4291e70471ca2b574241c3f3d9740c6a45c7296a2f275acbde72e513ef4e5a1123a57c2eb1bd023af716c16a7747204338f60b6e3ac514af50b21952c21592aefb6149828a5183ba581d5ee8647f374645ff941bab67bef760ce353b456c4b51c5d3a0c5372b1773b944ad67a92937dd838e1b6f550a1dca975d6230e430bcc278afed54e0621008b2f850107b0244359e3747be5282630452d432e5df0fd160795effed150f9396a7da5a1e4dce0c8f62280ff2fbfaa813859a671208b4b9f05fe450729b0efad83a790acd688a90e5fee5550de4ddeac70ecd125ad076c4e2b68652e6ea520e2b6b339b4b9dc219d853e06b9aa79d022e53607213fc254e15ec3e6b776d2b562997e0fe52b98c58e1c0316b22a4219460053da87e7baff7dc1892c2de2f324dd1169b977f3a6698d0234c78de3e46ba5824f3e373f264e8d28fbb4cc108a41fdecd4b629d92b0a65f84366bf504eb5a894ba40c89f9df854dc469fa174ac85cb8d2adfdc099ca9848a1032b2e2f375bd1544dfb69e33492e1a4b921ad7ff17c4c7e357ff69f42d2301c302ee2ed313f0e9a20ebfe028a8737d6e38bf179940179cb779b70c2276264cb4f23249db7d5f179baa842b70f5b287cf74ce1ff6b70a56be8f2fe15aeadca229804923d28a793838bc605eaf5dcd362f757577ebdac54b09fd73326720d3522d002a41a3b5f2450f48286a5ea45836b5ee77fc415f47e0716049ec2610d607737fd5a73b066b4876f9d744f6b3486b088dd3bfc3d393a27c6c799ce078e2ee348257b5ec1ba9de76da2a67ca912dc2dd5afc70834ceecbb8bd41f6e790294cacd5891bef1b4e2124dcd6dffdedee8f16b3bddc030429dcb0f98e6fe0649cb14eed3293fa4933b2ab8c0ec0ff4dbbced1e32dceb317252e715b872b00478cbd7b0275b7394a0ccfe9887410b32f1ce9266b3b83470ec982cf908507d3ad0cc366bff3759388b624701b3e0dc0e7928386b155b50b42a8e352622516beeeddfb79866a2eb1d360802cd19d62fd171267a0fece5f54e315a8cd49c41072f2a7a0baab5aadae2c1ff28e285b642f8d3869321bd18b4aed107feaa12d055b179a8ab7b50e2796d287a196e280d527b526c45c8aa98696d88a02d923d06fedf51336c0695c218e70448073921971093ea44b5352e10ce6cec26d082b93f69958165bd986f56650a62224c2d9fd044bd8fefd33544c6bd141b4cc211a087fa57c09e195c8edffe559048db738d1395f5e2625dd7cd035b8c76aad6c238fb52a7c5ff0965fc7122a5899746ca88abd699d6078623722fff92726e18613519f2b1927504fd5cb7a38ffa373c3883022f0387953530834affb5f05e0f44c24caa75561b2b63994493ab857fdc30900586fed09298d846e5936869b43d81c4b91902028e57a8f2da16355ccb7a77d29ecc8e66015e979b2f3edc5b8d77c45348dea55c9ed6b7465acf899f4bc1a7edcae0b0daf69ff85c504eea1294620b6d3dbb004575044a5ae7c110010c2cf39827fbdab3b42ac35d147fc53bb5e7de6c47091dc80c14b8da494b2e913d1a52085e29af19edc4a417346c5a896a3851cb6132511e0627d190b77623c8a3bb6085eff22ede7127f7988a1d388fb70ea20d5c1b2424c5aa83532bc5162a5d177968b4a46583f2d4b92d04a5f19145221aeaf724d92ea1d4dfb53021b47585bbe5ce35f8d09a83e13fdb1de8e52dc646d41e810879ce9c830959c3ee93f11a16d030d141863244395e3f847505fe6d9594a34009fec9a743c033b9793335684cc5c3d0eb0ad094f40a60264b02cd88c583c850d99c5b9c6c5dcef467ca3ea38f2aa42f5657cd940aeb12960efa18d571e4f958b9cd90918e069a486d84f214617ce29c0f2c26bf84f12f5036f26a8de0c8359f572654bf5ee06d38f741c464976d95ae3fdda45c2ed2d08ef71d3590e82d235e0fa357c568158791a195d4a2d9615e1edc85be64cfd169f925ffc4f636f86783cf43624a77bdb9b172228097f02f391df00668dafbd9932298b23cfadfd1b8d14a25cb408a440f930f0813de73c1eb2eb4b3c802d718a672453d0038965c6dc98db96fb4e06f1fda72782d0839d4e8b477ebdb2c73510db44f643ec7dc4fcb837806853caa35cf622aff9d44381d3f7adae00650cbb6f0334ceca14ec982dfb5817d7fd49251c203b6463a09c14885f754603291ccf0a7ceaa57284ee751774fa5ad72f9f7a32fa542947af40601e98057895f2869d4ec2db0d73930962535fc9e12ba7e6777cb458592bee505b367012ebd27b256fa0fac1452cf3b28eab573549b7c7a13752ca0189768f738d5f8030fe999f7bdc466d67bb32937ae469f1a1e21fac2ae2ab92a0a260bf0e9ce20625e82f88d0ed4d13876aed768765d77433bb9137d92d622df502aef574de82fe28063128fe5a1787ced99734c2f3f221e80d3baefd367d01d950ee1bc981b4b5ff86b2a96ab78fa3c1201303cab473103d89bb185afc77dd2cb7ac1564045036fe9fcf85af5d73a7553bc45bf5e221564540982db2f81e612e7c1715d3498b8d7851c0160146d6eaae9e30c81dedfca8e7122fcb69b26b396629b723f1e1822b8d5d8f2ac583728a5ab40010f88aa42f37f2031a3e99d8d6661e63f86f65af521066ea6af89c89e1748521b8368cd03409e895a941025ee777653f55e66cd1a0cca21308666260c3b9a306ddadb322eb1d09f7b27fd570cd35b6ec88bb391e3ae4745e17fb4dd7aef1d75b4ebb91e6e7789b241566d7c0cc97a3a126ed50b0cb621e015414f62641afd85bad78470463f86d8287aa56d331911c23c4cae8e5dfea33f3789c03d61f51c590417b5ff9f1aa35ab6a15364296c5f9399216ce565210a4075ac5e43e916850774a127f9174d95b43d839e056b4a7d679bb8804951ca171c0b59f4d6f32c4fe8f908b9a1614591f5d1e1cf3348e02317ec4655c693417a4c4e7007a8db02faa1634f8eea9c9bbe5b149ce2279953a54884392dc7251dd38670fd59d9d1da5203340909d50f779e864339014bcb545d825cdcccedc558a1d01a2784b8f499ce9fa2ddb0dd1dc0b93d1b282a96cb4ecf152474dbc4b2853b30c8e5fcea85bdab949f5eb1e98d81c102c349f680230082db5aba9e20209c35b16598507d28211b49763b598a7e60519d5b28b67c027cb2657cf2ac7c7455291fcfe63f0b43afcd3afaea934da97c209d02e5b47a686c1c284aeee5d662fd9d9be7c576259d9f1a36fc0f7fe329a1da1dbe078381233940745fc28a56db98b1a8442325168158e3f0b3cbf8a368d19dd20cdfc1c4f3893a30a49223050159b0bb8b7c59ca705ae25453988d87ca6cdd2bd2fe37847ba67cbcf7a494925a8598b7b50a741c9ced10ea08e35c422b79265561a07f40ebb89bc46069a1c1ad95949fe757a76ff6b5386a043abc967c367a9d86b54d374e573540dfc1f6d396f398abe9735f523b778fd124ac1e1eb832a66dd4b1838a50e6a4eb1b95b8a60a94f067b24d1194976c539d5ec287a261bf25904575be3ff49e7411a8dc09739649828124c14fc2b89dad1f3f5725db2e45f5a447cd3e4bdf9e1e95c5ad7c76fcf0c1021cb6c32e6985e1d113030d534eecb0dff2554183ee18da2da5d21a8b994a81f05e0e6ae89b20bffb4be333d1956270da23e9905830921b1f3d615a56a20b11d45ccd1d22b910e33f475a92c31fa5b4675ddee18336d0ee7b75c07df2a9d4ad53d83142219a00aef15e1e9dace0f039d63a530fdf671a54aba3882dad0d439632af5576726c3aa095cc1a0a03063e8a6581b78bef501acc24b05a0150d8f683c90e8e5e283a49f898906dab926e544ead48cb9bf9a6e1bf140b5273443b8cb8166b2d8a5464a3e9d9f4246ac81ea91b33a0b399dde9f5efaf792bb04cfa028f40b7c92db2d9c33e16ef58b9263350879ea94e581a1187b2d1931b1cd7606a76bd8943b7c3098a33bdf476960af7bdf2854b1336e72feb603b8bb2242df0839d157843d369a50a615068ff5d99ecebe8dc19158a6c654e853cedf860a727bf8140c062f5d307fdcd150ad0af03d2c3a913b91047858ed6382d2d2d30f5c0bd419c2cd4047f225107ea8bf4a3a69384f16b5b5bb2655bdb750db4e975794592987df95f6a90374b0a08769b2c957faa16a21270196afba76b4527f01f0c5db7fa16e2da81fc49336e20bc3ee1ccbcb62255c84513d9ceb706f03c25000517070c03b7bce838e6b6cbc7f767959fbd62e11ab7ea6d760cff674a4296e6185eb348028b472290922160f3ea36c22c8375a016f505017c0a0e041dd8e52b4f19ccfc701109a19391a059d77db239d40a06d84a6f0ccd08aaad764e53ad1da19ee825a4d25ca7cd538289bffe135486ec1614e28b3682c7081a1b0a2c7272f4e36f6d0d9e68d84209126dc59312d48eed1c63c90efeadd472259392c28746abf394c5c6c97d3fb00b70a74c313a817ee1719c33f16d58f297fc7eacbca5803df115745079c5434e851ad6c1f0e8ba0bdbb66cbb6789b89a23526b476ad0f2cea0907e72702f93d37bdfe7b39fb9b33fb1111e58f5c45db8cc38afe4e03a318aa0690afb870a67aeda7da9640fdad1e1f551dd4757c69b4f523b616e502514a2e35495916f2e5ddab1ad9534644d99ec56e818caba173773aa5e45104deb869b23063eaea5542d3bc503a6948b83779aa46879443cad02477451b46429f1f67560c31d4377f96031ab94866a73be753c4ab91cc6576c3991c3423103ebae604e887c56cbacb9e95b8b46300b62e698a6456a0d175cf682eacabbe301e0b0ea34f963daed0dc6c1b75fa5e3870959913e69e61911d9ff646e9c6bab33fe566871027e861577c4d7fdfdf94ce7ac1a3f6d29daf28d660431a89c0b56c4b95090e2ca5df62c1e5c5dbf98f067751819d4c5914aa33883b7b521aab30d14e1cfae74fcf3ad4b2cf9448009d3223ad984e0c50f92d465573a6fc2894f8a5d4e855316738ecfd6a6c157d39b5c44d80a7cba944cf9f7a701899859821cf2bc248459f7a350fefba53c1481a7197f024f2eb74251455c06f4b82dfcf3ccf3e3b98b898fa1b16c310125e5e9fd4019acccbe91b4d842ddd52ee56f6d3112dec80159d6d3ef93bca70e7afcccb223361c39addbe3c429934cd0ae35f36a8f6309f08e36b27341db1f21fd8a148b239361b31a85f53bd1ad49fadace6c64d5f4363427fb2f268e8aec6d81cdb7f1252baa4652dc55881661114bf98cdf17190379591f0e22dc97e790f53f463bbb0ad0ead78ddf7dfe2e26052acc31cfe52b822afd5ec5c75957106cb5c368c09252ff3e4f624d90e599279fb985ecdb7d8880dfe05ac2d2da83e34e2b9b88f5dd60107a4509902fcddf4a36605e5c7a2606a4aea9fd4b5b24ca6b67d6945d133869cf9276d8c30b08c2a9f4bf03f4e0b956fd5f3c80b958ac5c41e4115b6708799c3102bd8b6c7fe17ff8c3f89c7437255faf69d1e16074086dd44d038bc0211ac74743169b462dbc085d77bf45eea72bf8348308bf48feea02d739a0fee9fbf71023ef8c6828da1aec8618cc2345ff663f88bc52a990e6b9591425435b0c7900ea4068f5aa6345e94254e259a71290fa23281658a6a165d1dee10dcb355518264824665ff2c5538de9ae4487782911f79e0bb09bc2c2d8e0d91b33cbec839075c9b38c848e9d2fad7368e96c1932042c3e85fd95b7d4500e6cae9e649082e9d5ca6f2cf91fc7ecaccc1049525d4325003424cacbd6eb5b8cc30b6893bd1ef46a8e7cbcc87dc2dda5c802ef1f8bb607c7457eb161254dc0feb60ed5ed0383fdb4db91d7e41d45c8eb80c1981e801ef05703f97f8710a2e00eb0559f854f700f946937b9e68c75ad6d0015d5d79be5423d0d846bc76f92ea7ebb0302b3d3c695c0aafa83b2bf029a444709cbf2cefbdcc7eaf3dd7a16f8ca8c861e883db10d433f7fec547be45e6829962e430bb3c93e8cdfb342c1cb7e53d8a6ea625d5574c4b4303f61c4338a658e652ab2bc0029c0a78a5114f495a439956909cf42128cb4348affbecb20b7fea98e22160e9a58e7666a00e7b37fbec4bd3860d66a39d1232a57e8cc50710c5c666f7efa98f16f9a02d843c94b0842a383945d06899998ff2fd01ffb58ab53ea89b2c93634c48d0420edb9791b8e451b35b534b8b2874c4859c684cd14afb5335a2555c75ad9df018635bb7131a7ef204ccecfed33a675fc51687e3f8818406fbf58e7b5fde1ca96153817e1b632e89a78d967eb6a34af1dac0d9ffa448b7b9bac27afc305a7b47febbe0a37036c18aef6852b1b2759d67479f9edb169e796d949844a1624b1e832a2eee9be36dc5866d6fde431cfcbd4e305d322c9dd07f83b5b361daaa74bfc9fbce8b447210c327468659ecbb0a5fc20d0cb79de7d1d70bf251c81d5f38711f3f4bd4752685b077058beb465711b1359d2a7d2f59216c5a807121bb97e7ccacc46526e4072f1d6de3b487d492fed0995e2273fa3bb115bd08d32d8e57eb2aa8f9d3b81babd1b8334c3a5e69422b75502ced3793d07b9bdf38e9d9fa1d2e48c7886dfc41985e8ffc49f09c4ba58ddc3b4cbf562b591f8939ced5d18214a77cc753075334a157373cc33cbc07a731cd6342492f5e05f78108e627bc88777203c76632bbe0120924c7a51bbfc9dc789a5695b7c95ef544935032fb81d499c454a2d78727875c20bc8a48a9f23cf6595c17c9cdaa8d04bab8ac567ebd3bbcdb40e11f1893fea3970f176f75f38d17d6ee1bd4ab76c660723a776bc72319199ab82c40ac4a9f4f475e8fd4643a4be8601cb5172e112c236c7c430078601bf183a59a03885e994c1116a9d4ef275790ff2417ffd85b43274fc57654466fa394958aeb11f343c3439604af13997011af70b67df1a9dfa4cdb751a2dc3e5bbf42f7b9ebc6dcebb2dbdc57d7a2cef7409dba307b7cf6eab148a924566341d035cabc877c68d0fbfaebdd39c16304b63a1bae376fb4650708bf5695dfd7ffc01f43f0021f622de0b116ea494454497337a0ec469963de7f9d2b1d6c5a7a0a7835777a78a2b9e16eec696446981d2fea550f011419b96f7b2018d027b87fc715521b0302bd7b5b3bc5f033346029eced73df07dd1bb1f91848376b40b9e9da7233e7832edcc7b54ef6fd320d19efce78d58ea7020fbbdf77612dc8a4f3281915ac9706f346e405b9f489f8f2e9a2decb8d18bec1e5f735a4ec69bba4dc5d36c9c1cc50b92fe67b2cdd53fa671c0cbe331abdf46787e7c9912b951aa20700dba6cf5a209fe5c9c61ef62a8e2e572ec774b2d0f42d570633fc44d44826e848d47a8f386a5704e0a3eaf1d06617181aeb166334ab55d5aedccb27abf19a42a480930e25465721336c70a2ea7799d21a3659124ac9503efc99c1b13ca2b9723e3e338055f9b3cef7502017ebbb09a64b06462db353a5c562101cb7fbf29e056deeb1ff0c7bc877210c941c87401ceae52bcecc83e87655069ab931bd813c1a87d67554f5d2cf435e6dd92a515c22f5d5a9a44ebc81e9c4849104343b80824005619312a9e349d996e366d381da42edad1a560bf5e31ecd049e92ceaf42954958600a7868599fe10e9b34587368d3044250c3d1a8ba6c8dcb6d318d4f9e71c2d33fc74cb57620a8343258d072f3aa767b4b178f3f66d5a713dae2426296c12edf9ee37636869e30df64cd3855fae20bc7602c1b7e6c8246ed4be71231a5ec7b5e7a9ebb08bf8667d8f2900ecdb0a0addc14a2328eebc448db13013e6a3c1a661065e5ac0a04b5171bd84c9d9d947a6c31257ed13a966530c5e20168c100117cf82b4c00ea3ad00ea65e1af89535b3f11a1418ddad33db8cec281543732d2ff4eab54b12cc95f7d872e75bc01bf6c580540b0e26413c6c2321ddfb0447bdb6acf05ddf2bb92534a3a5f37d6da882289f6fefc6a213cdfcf34902137fa3b982b2b4c27c611f08909a18405482f1e3a2bf3635d3e970457541da16e37bb3c422cceeb484bb64c78724431a543ecf4ca851914c1555e3b785ec87bba3769927f6c29f80e7ae8632bdb9acdddf7c3b5580740d9b2bfc25086c9566844136f3fac74f429121f86c378c68c20a194b0c98b1e92991954cbf60477e217a2e25297fc7b18972e40c531ec19e1eea193bbc8893392d8528c6a0375bcb4b082d20d5c47cb330bbb4b74b91ab55d4a0d3e1dee8182c581e8e70ac30108eeb7185c6ea3f786881ad124e1404651ee95cdb0fbb0d0f4a2b43c795ec1cd4e46234a88862d57903ce878b641004fb637341e5d6bf5163f1a3467b828f6eea96c3c2bb79503687867e11eec32dec452e0fdd2eaacfc0a477ee839ef049855da734d18212142dfe2a95ab9ad9bc4f98c3bfa34134c7e6c9f8669303314d4e8c1bc5475e8fcf418cbdb3246ebf393d911cdfee8f2550dc1593ece59ced81a4ffb2484f9c8ebed0aed8d418138445c4e96b209adcc4afd70f09901662daa2c8c557d6039768d97e6b9518f0de4ac2e0187ba08a4a9128d3e632fca102137338b5e568f12c7bd28db772c800fb5f4d4e683b201840731bb7c034235cd73313cde88891bbb31597bb537696e6c987302297f9717b8053779aed447d33ef9129e84d3031fa9b453bd5731fb010ffd19a9133e0ccbec2461cdd31ba294d68c60a8535b15584bab6e6d0ce6c1cef4755bd5f7d90f4debb40af1437a19a96ef9c0709692156152091c7efb58f2d39a65b96416dc09e8091ae08d9be5235a3c1ec062862baa1aab788f28e83ba4635cecc6671f2320f42b4f711e7d0fcad89d6727d3630da1ef35e32dee39eda665946abe6224f17f2acc29e62518fd51eb7f193d9bb16c38204069098c293fdce24c1c79229fd08622a4256b581cffce12e46c20248dc902753f0e3c91f9685b3d45f984620e262b3487d67d152f1c50de3fd2067a9d3debf715f346dd2f712c55545336a9036ba82bb06cfae59a48d083c3388f77790c9639fa0a9c33f4c66c7513042bffb765c2a4b3657dddf0ea094d8d79018f66c8ef8e9df980a89906275edf4a467a5db0a623976899f0efd167aab6ff385cdde59027a95a570277cb94ebce503906c28527e3114eb9ed739d0c2f4cf82786b35c0054718f47381ed8ce9b107e1f1019be5fc877166da667036f0c1b84e2b5118b5f4babc052d997e5f1e8c4cf45eb26430b74d9e1df3735b8d5df559903143d983e974bed6cc608c2580a991bdd3628ec676d348de8752cafa80c1661f162e35c25fc0ba0198423f83214fed800f9355ac8ea67951cfeeb3736b50c1e14d45d33aa25fc72c38702bd5dd217842e54114f4799c45ff1b7cec9729382ff7fc3ff80cbe1a13d03e19eecd7de676f6791fe34143ae30c97da9623907d974a37b65d0ef5d46b718d58541c6b1902814de71218ca7396ceb5fdacdc3cf4d110862402e7cc6254f1e44e28593fd443290262db75fd482ce1d305d6bf9fd3e5e0efbedac5a4d097650b111e6e9e1b2c66a23ac5bf27ed78d25d1a54c16ca4287126736c2f17ab73e683798c29d16481775ada8e20d94b00b6b29654b18f60e2853fdc7d3ba55d7df660db90288b6f440efd19f0478047b12c7b07ab2b1c9529597e6462d20612e6c3b6d1b1d11305f8ddc811860450504b7cbf9794edd0d07c25ab6307d74afdce958355eb919dcb1fcb8038c6dd5e774ee398dc8553a9ddeb551f", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r3, &(0x7f0000000200)=[{&(0x7f00000003c0)='n\nl', 0x3}], 0x1)
dup3(r0, r3, 0x6700000000000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

2.758991146s ago: executing program 1 (id=1905):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0xcaf, &(0x7f0000000100)={0x0, 0xb601, 0x1, 0x5, 0x17a}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x1e})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2.667878017s ago: executing program 5 (id=1906):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000002000)=ANY=[], 0x140}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
openat$cuse(0xffffff9c, 0x0, 0x2, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, 0x0)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004811)
write$tun(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="0800080002010900680000800900456f009100660000401190780a010102ac1414aa4f204e22007d9078c10200169c79cb22459ff50866ff829694a603d3c443eead4100af7b350c12fa15932138ee8f6a6d2afdde33d5a4298b32860f7d3d68030697e95d9cff97f976b3ac6d8c10e10601a959b4bf18b7d52cd3b5a4c19759c5e155c033fbf5a6b311de39eb228702b8bf55388a273db8f23105e37c"], 0x9f)
symlink(&(0x7f0000000880)='.\x00', 0x0)
mount$nfs(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(r3, 0x2201, 0x0)
syz_clone(0x20304000, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
syz_io_uring_setup(0x1714, &(0x7f0000000300)={0x0, 0x2dd2, 0x10100, 0x0, 0x1}, &(0x7f0000000100), &(0x7f0000000080))

2.617824568s ago: executing program 1 (id=1907):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x102)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x1000000, &(0x7f00000002c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x189040, 0x10a)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
openat$userio(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x500, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

2.573224389s ago: executing program 0 (id=1908):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea048500000050000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[], 0x50)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
close_range(r1, r1, 0x2)
fsetxattr$security_ima(r1, &(0x7f0000000a40), 0x0, 0x0, 0x3)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x40a700, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3})
socket$inet_udp(0x2, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000650000000600000085100000010000009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x3}, 0x90)

187.367076ms ago: executing program 4 (id=1909):
syz_open_dev$vim2m(&(0x7f00000003c0), 0x20000000000003e, 0x2)
r0 = socket(0xa, 0x3, 0xff)
pwritev(r0, &(0x7f0000000180)=[{0x0}], 0x1, 0x5, 0x1)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe6)
prlimit64(0x0, 0xe, &(0x7f0000000900)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x1, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_DQEVENT(r3, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r3, 0xc0506107, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x27, 0x0, 0x0)

21.958939ms ago: executing program 5 (id=1910):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000002000010027bd7000000000000a108000000000080400000014000200fc020000000000000000000000000000140001002001"], 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc02000000000000000000ff"], 0x5c}}, 0x0)

824.62µs ago: executing program 0 (id=1911):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r1, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x5, &(0x7f0000000140)=0x6, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
eventfd(0x2)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "7817765dc5914c3d", "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", "58a190f0", "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace389ff5c0", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d054", "29a78ab9b0a4e8ae"}, 0x38)
r3 = eventfd(0x7ff)
io_submit(0x0, 0x3, &(0x7f0000000580)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x7, 0xffffffffffffffff, &(0x7f0000000200)="215bfa41c538df61e6c61df82405d0a14ee87856d6c5ed395f2a3f3dbb7150464d41387b34b055c3c77dafe9ef54e570112d9b75650606bad4a5e0e0eeb09037984a80533b72169cd06a8cba073daae5d952be4637f022c6f628fedee8f67864c4072dd46b47603a3d56c3bd6d686979319d18bf", 0x74, 0xfffffffffffff000, 0x0, 0x2, r3}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x6, 0x1, r2, &(0x7f0000000480)="ceae957f5cd1619d8ef27a39612ebd85bb4e5decefc72fe4ae82f624f879c6", 0x1f, 0x7, 0x0, 0x3}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000500)="37fcfc4f3444c10000000000000000", 0xf, 0xffffffffffff8000}])
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80080)
write$P9_RREAD(r4, &(0x7f0000002340)=ANY=[@ANYBLOB], 0xe4)
r5 = syz_open_procfs(0x0, &(0x7f0000002880)='net/ip6_mr_vif\x00')
read$FUSE(r5, &(0x7f0000000300)={0x2020}, 0x2020)
sendmsg$NFC_CMD_ACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)=ANY=[], 0x2c}}, 0x0)

0s ago: executing program 3 (id=1912):
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, 0x0, 0x400c1)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace(0x10, 0x0)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2309fefffffffcffffff0100000005000700000000000800090000000000060002000100000008000a000400010008001700", @ANYRES32], 0x3c}}, 0x0)

kernel console output (not intermixed with test programs):

617][ T6189] usb 4-1: config 0 descriptor??
[  318.222573][ T6189] usb 4-1: can't set config #0, error -71
[  318.229473][ T6189] usb 4-1: USB disconnect, device number 3
[  318.281737][ T7097] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  318.292637][ T7097] tipc: Resetting bearer <eth:syzkaller0>
[  318.333191][ T7096] tipc: Disabling bearer <eth:syzkaller0>
[  318.801727][ T7103] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  318.858969][ T7103] device syzkaller0 entered promiscuous mode
[  319.010048][ T7103] tipc: Resetting bearer <eth:syzkaller0>
[  319.022872][ T7100] tipc: Resetting bearer <eth:syzkaller0>
[  319.220361][ T7100] tipc: Disabling bearer <eth:syzkaller0>
[  319.880113][ T7114] loop0: detected capacity change from 0 to 512
[  321.566124][ T4271] syz-executor: attempt to access beyond end of device
[  321.566124][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  321.902274][ T7137] tipc: Started in network mode
[  321.932624][ T7137] tipc: Node identity 2621a8f1a959, cluster identity 4711
[  321.939918][ T7137] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.018905][ T7137] tipc: Resetting bearer <eth:syzkaller0>
[  322.114877][ T7136] tipc: Disabling bearer <eth:syzkaller0>
[  322.564246][   T26] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  323.464584][ T7157] comedi comedi0: Minor 2 could not be opened
[  323.572444][   T26] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  324.441446][   T26] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  324.520898][   T26] usb 4-1: config 220 has no interface number 2
[  324.527297][   T26] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  324.588837][   T26] usb 4-1: config 220 interface 0 has no altsetting 0
[  324.598747][   T26] usb 4-1: config 220 interface 76 has no altsetting 0
[  324.613074][   T26] usb 4-1: config 220 interface 1 has no altsetting 0
[  324.668660][   T26] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  324.767626][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.798081][   T26] usb 4-1: Product: syz
[  324.807632][   T26] usb 4-1: Manufacturer: syz
[  324.819426][   T26] usb 4-1: SerialNumber: syz
[  326.404776][   T26] usb 4-1: selecting invalid altsetting 0
[  326.422234][   T26] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  326.428612][   T26] usb 4-1: No valid video chain found.
[  326.459062][   T26] usb 4-1: selecting invalid altsetting 0
[  326.507042][   T26] usbtest: probe of 4-1:220.1 failed with error -22
[  326.559446][   T26] usb 4-1: USB disconnect, device number 4
[  330.045889][ T7217] loop0: detected capacity change from 0 to 512
[  331.930998][ T4355] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  332.111351][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  332.123902][ T4355] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  332.146969][ T4355] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  332.239273][ T4355] usb 4-1: config 220 has no interface number 2
[  332.255497][ T4355] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  332.310257][ T4355] usb 4-1: config 220 interface 0 has no altsetting 0
[  332.321824][ T4355] usb 4-1: config 220 interface 76 has no altsetting 0
[  332.329070][ T4355] usb 4-1: config 220 interface 1 has no altsetting 0
[  332.369222][ T4355] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  332.379514][ T4355] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.391682][ T4355] usb 4-1: Product: syz
[  332.397728][ T4355] usb 4-1: Manufacturer: syz
[  332.402900][ T4355] usb 4-1: SerialNumber: syz
[  333.517697][ T4355] usb 4-1: selecting invalid altsetting 0
[  333.545989][ T4355] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  333.595692][ T4355] usb 4-1: No valid video chain found.
[  333.657159][ T4355] usb 4-1: selecting invalid altsetting 0
[  333.681341][ T4355] usbtest: probe of 4-1:220.1 failed with error -22
[  333.695099][ T7251] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem
[  333.760658][ T4355] usb 4-1: USB disconnect, device number 5
[  333.860694][ T7256] loop4: detected capacity change from 0 to 512
[  335.395202][ T7268] device syzkaller0 entered promiscuous mode
[  335.544663][ T7275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.820'.
[  335.587161][ T7275] device bridge_slave_1 left promiscuous mode
[  335.608614][ T7275] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.683655][ T7275] device bridge_slave_0 left promiscuous mode
[  335.731206][ T7275] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.156248][ T7284] device syzkaller0 entered promiscuous mode
[  336.294351][ T7288] netlink: 12 bytes leftover after parsing attributes in process `syz.1.825'.
[  336.559494][ T7295] loop3: detected capacity change from 0 to 512
[  336.849046][ T4286] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  337.923421][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  337.932634][ T7292] comedi comedi2: reset error (fatal)
[  339.038710][ T6711] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  339.237563][ T6711] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  339.249127][ T7314] device syzkaller0 entered promiscuous mode
[  339.286611][ T6711] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  339.327736][ T6711] usb 3-1: config 220 has no interface number 2
[  339.358149][ T6711] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  339.420965][ T6711] usb 3-1: config 220 interface 0 has no altsetting 0
[  339.449217][ T6711] usb 3-1: config 220 interface 76 has no altsetting 0
[  339.469925][ T6711] usb 3-1: config 220 interface 1 has no altsetting 0
[  339.498115][ T6711] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  339.517660][ T6711] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.526368][ T6711] usb 3-1: Product: syz
[  339.553869][ T6711] usb 3-1: Manufacturer: syz
[  339.570827][ T6711] usb 3-1: SerialNumber: syz
[  339.635167][ T6711] usb 3-1: can't set config #220, error -71
[  339.657127][ T6711] usb 3-1: USB disconnect, device number 4
[  339.830487][ T7321] netlink: 12 bytes leftover after parsing attributes in process `syz.1.838'.
[  340.186994][ T7328] binder: 7327:7328 unknown command 1074553619
[  340.220892][ T7328] binder: 7327:7328 ioctl c0306201 200000000540 returned -22
[  340.944933][ T7334] device syzkaller0 entered promiscuous mode
[  341.146329][ T7341] loop0: detected capacity change from 0 to 512
[  341.363483][   T26] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  341.590169][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  342.041615][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  342.091309][ T7343] dlm: plock device version mismatch: kernel (1.2.0), user (1.50528256.7388458)
[  342.222749][   T26] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  342.257701][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  342.287823][   T26] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  342.317737][   T26] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  342.378964][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.419423][   T26] usb 4-1: config 0 descriptor??
[  342.659168][ T6711] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  342.981080][   T26] hdpvr 4-1:0.0: unexpected answer of status request, len -32
[  342.989233][   T26] hdpvr 4-1:0.0: device init failed
[  344.278252][   T26] hdpvr: probe of 4-1:0.0 failed with error -12
[  344.685723][ T6711] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  344.759947][ T6711] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  344.961663][ T6711] usb 1-1: config 220 has no interface number 2
[  345.049706][ T6711] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  345.225602][ T6711] usb 1-1: config 220 interface 0 has no altsetting 0
[  345.339101][ T6711] usb 1-1: config 220 interface 76 has no altsetting 0
[  345.425126][ T6711] usb 1-1: config 220 interface 1 has no altsetting 0
[  346.551313][ T7362] loop1: detected capacity change from 0 to 40427
[  346.584015][ T6711] usb 1-1: string descriptor 0 read error: -71
[  346.590348][ T6711] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  346.602421][ T6711] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.613803][ T6711] usb 1-1: can't set config #220, error -71
[  346.622400][ T6711] usb 1-1: USB disconnect, device number 4
[  346.685120][ T4355] usb 4-1: USB disconnect, device number 6
[  346.743387][ T7362] F2FS-fs (loop1): Found nat_bits in checkpoint
[  346.807455][ T7362] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  347.301180][ T7379] syz.1.851: attempt to access beyond end of device
[  347.301180][ T7379] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  347.964424][   T27] audit: type=1800 audit(1753544368.046:411): pid=7379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.851" name="file2" dev="loop1" ino=14 res=0 errno=0
[  348.296520][ T7381] libceph: resolve '.
[  348.296520][ T7381] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  348.296520][ T7381] ' (ret=-3): failed
[  348.405294][ T4273] syz-executor: attempt to access beyond end of device
[  348.405294][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  349.730076][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.2.862'.
[  349.818470][ T7398] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  349.887366][ T7400] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  349.957533][ T7400] bond1 (unregistering): Released all slaves
[  350.006282][ T7404] netlink: 12 bytes leftover after parsing attributes in process `syz.3.865'.
[  350.158638][ T7405] tmpfs: Unknown parameter 'grpquota'
[  350.949121][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  353.219026][ T7434] loop3: detected capacity change from 0 to 40427
[  353.290838][ T4355] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  353.353218][ T7434] F2FS-fs (loop3): Found nat_bits in checkpoint
[  353.398109][ T7434] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  353.432011][ T7444] device syzkaller0 entered promiscuous mode
[  353.480806][ T4355] usb 2-1: Using ep0 maxpacket: 32
[  353.488192][ T4355] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  353.549596][ T4355] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  353.624700][ T4355] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  353.654802][ T4355] usb 2-1: Product: syz
[  353.659046][ T4355] usb 2-1: Manufacturer: syz
[  353.670862][ T4355] usb 2-1: SerialNumber: syz
[  353.694846][ T4355] usb 2-1: config 0 descriptor??
[  353.757756][ T7446] syz.3.873: attempt to access beyond end of device
[  353.757756][ T7446] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  353.850060][ T7450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.877'.
[  354.661444][   T14] usb 2-1: USB disconnect, device number 4
[  354.787104][   T27] audit: type=1800 audit(1753544375.476:412): pid=7446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.873" name="file2" dev="loop3" ino=14 res=0 errno=0
[  354.837818][   T11] kworker/u4:1: attempt to access beyond end of device
[  354.837818][   T11] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  355.230817][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  358.726987][ T7489] tmpfs: Unknown parameter 'grpquota'
[  359.877801][ T7496] device syzkaller0 entered promiscuous mode
[  360.500970][ T7503] loop4: detected capacity change from 0 to 512
[  360.551292][ T4286] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  362.308022][ T7516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.890'.
[  363.837033][ T7529] netlink: 12 bytes leftover after parsing attributes in process `syz.0.897'.
[  364.373304][ T7534] tmpfs: Unknown parameter 'grpquota'
[  364.888984][ T7540] device syzkaller0 entered promiscuous mode
[  366.452076][ T7552] device syzkaller0 entered promiscuous mode
[  366.639105][ T7557] Cannot find add_set index 0 as target
[  367.348660][ T7561] loop2: detected capacity change from 0 to 40427
[  367.443347][ T7561] F2FS-fs (loop2): Found nat_bits in checkpoint
[  367.515724][ T7561] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  367.795338][ T7572] syz.2.908: attempt to access beyond end of device
[  367.795338][ T7572] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  368.239298][   T27] audit: type=1800 audit(1753544388.516:413): pid=7572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.908" name="file2" dev="loop2" ino=14 res=0 errno=0
[  368.274705][ T4271] syz-executor: attempt to access beyond end of device
[  368.274705][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  369.799010][ T7589] device syzkaller0 entered promiscuous mode
[  370.301229][ T4335] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  370.663128][ T4335] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  370.741495][ T4335] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  370.787048][ T4335] usb 3-1: config 220 has no interface number 2
[  370.816327][ T4335] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  370.889712][ T4335] usb 3-1: config 220 interface 0 has no altsetting 0
[  370.902663][ T4335] usb 3-1: config 220 interface 76 has no altsetting 0
[  370.915626][ T4335] usb 3-1: config 220 interface 1 has no altsetting 0
[  371.019848][ T4335] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  371.029082][ T4335] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.037254][ T4335] usb 3-1: Product: syz
[  371.041506][ T4335] usb 3-1: Manufacturer: syz
[  371.046129][ T4335] usb 3-1: SerialNumber: syz
[  371.285695][ T7609] tmpfs: Unknown parameter 'grpquota'
[  372.009932][ T7608] device syzkaller0 entered promiscuous mode
[  372.622553][ T4335] usb 3-1: selecting invalid altsetting 0
[  372.631407][ T4335] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  372.637907][ T4335] usb 3-1: No valid video chain found.
[  372.730114][ T4335] usb 3-1: selecting invalid altsetting 0
[  372.736699][ T4335] usbtest: probe of 3-1:220.1 failed with error -22
[  372.752130][ T4335] usb 3-1: USB disconnect, device number 5
[  372.963000][ T7617] loop0: detected capacity change from 0 to 40427
[  373.016560][ T7617] F2FS-fs (loop0): Found nat_bits in checkpoint
[  373.058274][ T7617] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  373.325909][ T7628] syz.0.921: attempt to access beyond end of device
[  373.325909][ T7628] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  373.362675][   T27] audit: type=1800 audit(1753544394.036:414): pid=7628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.921" name="file2" dev="loop0" ino=14 res=0 errno=0
[  373.899084][ T4265] syz-executor: attempt to access beyond end of device
[  373.899084][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  376.265607][ T7650] tmpfs: Unknown parameter 'grpquota'
[  377.472706][ T7657] device syzkaller0 entered promiscuous mode
[  377.788350][ T7659] loop4: detected capacity change from 0 to 40427
[  377.822230][ T7659] F2FS-fs (loop4): Found nat_bits in checkpoint
[  377.857079][ T7659] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  378.159181][ T7667] syz.4.934: attempt to access beyond end of device
[  378.159181][ T7667] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  378.182750][   T27] audit: type=1800 audit(1753544398.866:415): pid=7667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.934" name="file2" dev="loop4" ino=14 res=0 errno=0
[  378.593928][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.600290][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  378.671528][ T4281] syz-executor: attempt to access beyond end of device
[  378.671528][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  380.376056][ T7684] loop0: detected capacity change from 0 to 512
[  380.726930][ T7686] loop3: detected capacity change from 0 to 40427
[  381.378408][ T7686] F2FS-fs (loop3): Found nat_bits in checkpoint
[  381.427168][ T7686] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  381.942785][ T7702] syz.3.938: attempt to access beyond end of device
[  381.942785][ T7702] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  382.117432][   T27] audit: type=1800 audit(1753544402.806:416): pid=7702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.938" name="file2" dev="loop3" ino=14 res=0 errno=0
[  382.444315][ T7709] netlink: 24 bytes leftover after parsing attributes in process `syz.1.944'.
[  382.665926][ T7713] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  382.684421][ T7713] tipc: Resetting bearer <eth:syzkaller0>
[  382.725655][ T7710] tipc: Disabling bearer <eth:syzkaller0>
[  382.916099][ T7717] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  382.951816][ T7717] device syzkaller0 entered promiscuous mode
[  383.197105][ T7719] loop4: detected capacity change from 0 to 40427
[  383.359768][ T7721] loop1: detected capacity change from 0 to 512
[  383.371764][ T7719] F2FS-fs (loop4): Found nat_bits in checkpoint
[  383.381822][ T7717] tipc: Resetting bearer <eth:syzkaller0>
[  383.549128][ T7716] tipc: Resetting bearer <eth:syzkaller0>
[  383.558835][ T7719] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  383.796924][ T5370] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  383.935898][ T7716] tipc: Disabling bearer <eth:syzkaller0>
[  384.510854][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  385.902789][ T7742] device syzkaller0 entered promiscuous mode
[  386.149462][ T7749] device syzkaller0 entered promiscuous mode
[  386.340188][ T4272] syz-executor: attempt to access beyond end of device
[  386.340188][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  386.444653][ T7757] netlink: 24 bytes leftover after parsing attributes in process `syz.0.962'.
[  386.655354][ T7760] loop1: detected capacity change from 0 to 512
[  386.912353][ T7763] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  387.049361][ T7763] device syzkaller0 entered promiscuous mode
[  387.707689][ T7769] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  387.765586][ T7763] tipc: Resetting bearer <eth:syzkaller0>
[  387.784605][ T7769] tipc: Resetting bearer <eth:syzkaller0>
[  387.803810][ T7761] tipc: Resetting bearer <eth:syzkaller0>
[  387.832324][ T7761] tipc: Disabling bearer <eth:syzkaller0>
[  387.855465][ T7777] tmpfs: Unknown parameter 'grpquota'
[  388.113410][ T7766] tipc: Disabling bearer <eth:syzkaller0>
[  389.687836][ T7790] device syzkaller0 entered promiscuous mode
[  389.947048][ T7789] loop3: detected capacity change from 0 to 40427
[  390.046067][ T7789] F2FS-fs (loop3): Found nat_bits in checkpoint
[  390.107857][ T7789] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  390.281301][ T7802] loop2: detected capacity change from 0 to 40427
[  390.378131][ T7802] F2FS-fs (loop2): Found nat_bits in checkpoint
[  390.437314][ T7802] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  390.440925][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  390.516334][ T7818] syz.3.972: attempt to access beyond end of device
[  390.516334][ T7818] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  390.769783][ T7825] syz.2.970: attempt to access beyond end of device
[  390.769783][ T7825] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  390.835485][   T27] audit: type=1800 audit(1753544411.516:417): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.970" name="file2" dev="loop2" ino=14 res=0 errno=0
[  391.189679][   T27] audit: type=1800 audit(1753544411.746:418): pid=7818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.972" name="file2" dev="loop3" ino=14 res=0 errno=0
[  391.356778][ T4271] syz-executor: attempt to access beyond end of device
[  391.356778][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  391.512360][ T7829] loop0: detected capacity change from 0 to 512
[  392.446996][ T7835] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  392.476365][ T7836] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  392.498157][ T7835] device syzkaller0 entered promiscuous mode
[  392.541283][ T7836] tipc: Resetting bearer <eth:syzkaller0>
[  392.673214][ T7833] tipc: Disabling bearer <eth:syzkaller0>
[  392.702332][ T7841] netlink: 24 bytes leftover after parsing attributes in process `syz.2.976'.
[  392.723852][ T7835] tipc: Resetting bearer <eth:syzkaller0>
[  392.763072][ T7834] tipc: Resetting bearer <eth:syzkaller0>
[  392.843712][ T7834] tipc: Disabling bearer <eth:syzkaller0>
[  392.977789][ T7844] netlink: 68 bytes leftover after parsing attributes in process `syz.0.982'.
[  393.064346][ T7844] netlink: 68 bytes leftover after parsing attributes in process `syz.0.982'.
[  394.575270][ T7853] tmpfs: Unknown parameter 'grpquota'
[  395.159889][ T4272] syz-executor: attempt to access beyond end of device
[  395.159889][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  395.390107][ T7859] loop4: detected capacity change from 0 to 40427
[  395.496360][ T7861] device syzkaller0 entered promiscuous mode
[  395.548860][ T7859] F2FS-fs (loop4): Found nat_bits in checkpoint
[  395.609585][ T7859] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  395.797955][ T7871] loop2: detected capacity change from 0 to 512
[  395.964219][ T7874] syz.4.987: attempt to access beyond end of device
[  395.964219][ T7874] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  396.051418][   T27] audit: type=1800 audit(1753544416.706:419): pid=7874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.987" name="file2" dev="loop4" ino=14 res=0 errno=0
[  396.390116][ T7877] netlink: 12 bytes leftover after parsing attributes in process `syz.1.993'.
[  396.536555][ T4281] syz-executor: attempt to access beyond end of device
[  396.536555][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  396.722707][ T7880] device syzkaller0 entered promiscuous mode
[  396.970536][ T7886] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  396.990617][ T7886] device syzkaller0 entered promiscuous mode
[  397.081163][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  397.098826][ T7886] tipc: Resetting bearer <eth:syzkaller0>
[  397.149600][ T7884] tipc: Resetting bearer <eth:syzkaller0>
[  397.233019][ T7884] tipc: Disabling bearer <eth:syzkaller0>
[  397.251666][ T7889] netlink: 68 bytes leftover after parsing attributes in process `syz.0.997'.
[  397.266918][ T7889] netlink: 68 bytes leftover after parsing attributes in process `syz.0.997'.
[  397.389737][ T7892] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  397.421432][ T7892] tipc: Resetting bearer <eth:syzkaller0>
[  397.450060][ T7891] tipc: Disabling bearer <eth:syzkaller0>
[  398.587407][ T7907] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1002'.
[  398.914789][ T7915] device syzkaller0 entered promiscuous mode
[  399.096075][ T7916] loop4: detected capacity change from 0 to 40427
[  399.149395][ T7916] F2FS-fs (loop4): Found nat_bits in checkpoint
[  399.210926][ T7916] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  399.555732][ T7924] syz.4.1006: attempt to access beyond end of device
[  399.555732][ T7924] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  399.616134][   T27] audit: type=1800 audit(1753544420.296:420): pid=7924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1006" name="file2" dev="loop4" ino=14 res=0 errno=0
[  400.105608][ T4281] syz-executor: attempt to access beyond end of device
[  400.105608][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  400.300086][ T7900] loop0: detected capacity change from 0 to 40427
[  400.339488][ T7929] device syzkaller0 entered promiscuous mode
[  400.353661][ T7900] F2FS-fs (loop0): Found nat_bits in checkpoint
[  400.501642][ T7934] tmpfs: Unknown parameter 'grpquota'
[  400.649098][ T7900] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  400.683457][ T7937] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  400.714054][ T7937] device syzkaller0 entered promiscuous mode
[  400.970872][ T7937] tipc: Resetting bearer <eth:syzkaller0>
[  401.742769][ T7935] tipc: Resetting bearer <eth:syzkaller0>
[  401.842544][ T7935] tipc: Disabling bearer <eth:syzkaller0>
[  402.030885][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  402.110097][ T7951] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  402.141141][ T7948] tipc: Resetting bearer <eth:syzkaller0>
[  402.322700][ T7947] tipc: Disabling bearer <eth:syzkaller0>
[  403.430275][ T7965] device syzkaller0 entered promiscuous mode
[  403.467717][ T7968] loop1: detected capacity change from 0 to 512
[  403.535993][ T4286] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  404.754599][ T7981] loop1: detected capacity change from 0 to 40427
[  404.857007][ T7981] F2FS-fs (loop1): Found nat_bits in checkpoint
[  404.936784][ T7981] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  405.285578][ T7987] syz.1.1022: attempt to access beyond end of device
[  405.285578][ T7987] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  405.430088][   T27] audit: type=1800 audit(1753544426.116:421): pid=7991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1022" name="file2" dev="loop1" ino=14 res=0 errno=0
[  406.219022][ T7996] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1024'.
[  406.228424][ T7996] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1024'.
[  406.596822][ T8000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  406.649747][ T8003] device syzkaller0 entered promiscuous mode
[  406.667314][ T7973] loop0: detected capacity change from 0 to 40427
[  406.676523][ T8002] device syzkaller0 entered promiscuous mode
[  406.807772][ T8000] tipc: Resetting bearer <eth:syzkaller0>
[  406.922270][ T7999] tipc: Resetting bearer <eth:syzkaller0>
[  407.134114][ T7999] tipc: Disabling bearer <eth:syzkaller0>
[  407.160865][ T8010] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  407.550884][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  407.860926][ T8005] tipc: Disabling bearer <eth:syzkaller0>
[  408.358466][ T8024] loop0: detected capacity change from 0 to 512
[  408.426957][ T4286] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  408.602929][ T4273] syz-executor: attempt to access beyond end of device
[  408.602929][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  410.461000][ T8031] syz.2.1034 (8031): drop_caches: 2
[  411.893882][ T8054] loop0: detected capacity change from 0 to 40427
[  412.622831][ T8054] F2FS-fs (loop0): Found nat_bits in checkpoint
[  412.670300][ T8054] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  413.032657][ T8065] syz.0.1040: attempt to access beyond end of device
[  413.032657][ T8065] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  413.093658][   T27] audit: type=1800 audit(1753544433.776:422): pid=8065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1040" name="file2" dev="loop0" ino=14 res=0 errno=0
[  413.454612][ T8069] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  413.499776][ T8069] device syzkaller0 entered promiscuous mode
[  413.595646][ T4265] syz-executor: attempt to access beyond end of device
[  413.595646][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  413.792648][ T8069] tipc: Resetting bearer <eth:syzkaller0>
[  413.880464][ T8067] tipc: Resetting bearer <eth:syzkaller0>
[  414.046613][ T8067] tipc: Disabling bearer <eth:syzkaller0>
[  414.634998][ T6711] tipc: Node number set to 1056373956
[  415.931924][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  416.551787][ T8104] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  416.577025][ T8103] loop4: detected capacity change from 0 to 512
[  416.630256][ T8101] tipc: Disabling bearer <eth:syzkaller0>
[  416.643598][ T4286] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  417.704653][ T8114] loop4: detected capacity change from 0 to 40427
[  417.787259][ T8114] F2FS-fs (loop4): Found nat_bits in checkpoint
[  417.826241][ T8114] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  418.218886][ T8123] syz.4.1051: attempt to access beyond end of device
[  418.218886][ T8123] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  418.337193][   T27] audit: type=1800 audit(1753544439.026:423): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1051" name="file2" dev="loop4" ino=14 res=0 errno=0
[  419.120287][ T8131] loop2: detected capacity change from 0 to 40427
[  419.148473][ T8131] F2FS-fs (loop2): Found nat_bits in checkpoint
[  419.180861][ T8131] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  419.432271][ T8139] syz.2.1055: attempt to access beyond end of device
[  419.432271][ T8139] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  419.456546][   T27] audit: type=1800 audit(1753544440.146:424): pid=8139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1055" name="file2" dev="loop2" ino=14 res=0 errno=0
[  419.983624][ T4271] syz-executor: attempt to access beyond end of device
[  419.983624][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  420.832568][ T8142] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1057'.
[  420.907731][ T8142] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1057'.
[  421.400805][ T8147] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  421.428711][ T8147] device syzkaller0 entered promiscuous mode
[  422.379291][ T8147] tipc: Resetting bearer <eth:syzkaller0>
[  422.428222][ T8157] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  422.448667][ T8145] tipc: Resetting bearer <eth:syzkaller0>
[  422.501955][ T8145] tipc: Disabling bearer <eth:syzkaller0>
[  422.533714][ T8157] device syzkaller0 entered promiscuous mode
[  422.611007][ T4281] syz-executor: attempt to access beyond end of device
[  422.611007][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  422.814713][ T8163] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  422.922300][ T8160] tipc: Disabling bearer <eth:syzkaller0>
[  423.218976][ T8176] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1069'.
[  423.279253][ T8176] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1069'.
[  423.387921][ T8174] loop1: detected capacity change from 0 to 40427
[  423.548786][ T8174] F2FS-fs (loop1): Found nat_bits in checkpoint
[  423.877713][ T8174] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  424.360068][ T8191] syz.1.1067: attempt to access beyond end of device
[  424.360068][ T8191] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  424.610983][   T27] audit: type=1800 audit(1753544445.106:425): pid=8191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1067" name="file2" dev="loop1" ino=14 res=0 errno=0
[  424.843925][ T4273] syz-executor: attempt to access beyond end of device
[  424.843925][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  425.134576][ T8196] loop4: detected capacity change from 0 to 512
[  425.211295][ T5370] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  427.097961][ T8208] loop4: detected capacity change from 0 to 40427
[  427.162177][ T8209] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  427.181741][ T8209] device syzkaller0 entered promiscuous mode
[  427.213300][ T8208] F2FS-fs (loop4): Found nat_bits in checkpoint
[  427.290669][ T8208] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  427.488263][ T8221] tipc: Resetting bearer <eth:syzkaller0>
[  427.585330][ T8206] tipc: Resetting bearer <eth:syzkaller0>
[  427.659700][ T8206] tipc: Disabling bearer <eth:syzkaller0>
[  427.683503][ T8227] syz.4.1074: attempt to access beyond end of device
[  427.683503][ T8227] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  427.720078][ T8225] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  427.751706][ T8225] device syzkaller0 entered promiscuous mode
[  428.059534][   T27] audit: type=1800 audit(1753544448.746:426): pid=8231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1074" name="file2" dev="loop4" ino=14 res=0 errno=0
[  428.104010][ T8237] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1082'.
[  428.123701][ T8237] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1082'.
[  428.597038][ T8241] loop0: detected capacity change from 0 to 40427
[  428.740255][ T8241] F2FS-fs (loop0): Found nat_bits in checkpoint
[  428.848633][ T8241] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  428.870876][ T8245] loop3: detected capacity change from 0 to 512
[  429.525434][ T8253] syz.0.1084: attempt to access beyond end of device
[  429.525434][ T8253] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  429.700725][   T27] audit: type=1800 audit(1753544450.386:427): pid=8241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1084" name="file2" dev="loop0" ino=14 res=0 errno=0
[  429.922930][ T4265] syz-executor: attempt to access beyond end of device
[  429.922930][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  430.141055][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  430.304433][ T8262] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1090'.
[  431.378965][ T8268] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  431.398583][ T8268] device syzkaller0 entered promiscuous mode
[  431.619786][ T8268] tipc: Resetting bearer <eth:syzkaller0>
[  431.651969][ T8267] tipc: Resetting bearer <eth:syzkaller0>
[  431.759628][ T8267] tipc: Disabling bearer <eth:syzkaller0>
[  431.789364][ T8278] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  431.799278][ T8278] device syzkaller0 entered promiscuous mode
[  431.846475][ T8280] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1096'.
[  431.873516][ T8280] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1096'.
[  431.892714][ T8277] device syzkaller0 entered promiscuous mode
[  431.970188][ T8285] loop3: detected capacity change from 0 to 512
[  432.036443][ T4286] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  432.037100][ T4281] syz-executor: attempt to access beyond end of device
[  432.037100][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  432.362289][ T8288] loop2: detected capacity change from 0 to 40427
[  432.547611][ T8288] F2FS-fs (loop2): Found nat_bits in checkpoint
[  432.864098][ T8288] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  433.211616][ T8297] syz.2.1098: attempt to access beyond end of device
[  433.211616][ T8297] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  433.275518][   T27] audit: type=1800 audit(1753544453.956:428): pid=8297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1098" name="file2" dev="loop2" ino=14 res=0 errno=0
[  433.743332][ T4271] syz-executor: attempt to access beyond end of device
[  433.743332][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  433.831480][ T8302] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1104'.
[  435.804120][ T8321] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  435.815193][ T8321] device syzkaller0 entered promiscuous mode
[  435.891998][ T8326] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1109'.
[  435.930892][ T8321] tipc: Resetting bearer <eth:syzkaller0>
[  435.937417][ T8326] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1109'.
[  435.984377][ T8320] tipc: Resetting bearer <eth:syzkaller0>
[  436.008859][ T8330] loop0: detected capacity change from 0 to 512
[  436.071643][ T8320] tipc: Disabling bearer <eth:syzkaller0>
[  436.105965][ T5370] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  436.228109][ T8333] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  436.317233][ T8335] device syzkaller0 entered promiscuous mode
[  437.072624][ T8340] device syzkaller0 entered promiscuous mode
[  437.340968][ T8344] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1115'.
[  437.420918][ T6251] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  437.554659][ T8346] loop2: detected capacity change from 0 to 40427
[  437.607955][ T6251] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  437.642811][ T6251] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  437.667374][ T8346] F2FS-fs (loop2): Found nat_bits in checkpoint
[  437.723063][ T6251] usb 4-1: config 220 has no interface number 2
[  437.729431][ T6251] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  437.793992][ T6251] usb 4-1: config 220 interface 0 has no altsetting 0
[  437.815017][ T8346] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  437.875969][ T6251] usb 4-1: config 220 interface 76 has no altsetting 0
[  437.890778][ T6251] usb 4-1: config 220 interface 1 has no altsetting 0
[  438.546597][ T8365] syz.2.1114: attempt to access beyond end of device
[  438.546597][ T8365] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  438.585404][   T27] audit: type=1800 audit(1753544459.266:429): pid=8365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1114" name="file2" dev="loop2" ino=14 res=0 errno=0
[  439.112394][ T4271] syz-executor: attempt to access beyond end of device
[  439.112394][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  439.130168][ T8369] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1123'.
[  439.139710][ T6251] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  439.144137][ T8369] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1123'.
[  439.153266][ T6251] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.287242][ T6251] usb 4-1: Product: syz
[  439.293014][ T6251] usb 4-1: Manufacturer: syz
[  439.297701][ T6251] usb 4-1: SerialNumber: syz
[  439.356736][ T8373] loop0: detected capacity change from 0 to 512
[  440.411400][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.422457][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  441.118676][ T6251] usb 4-1: selecting invalid altsetting 0
[  441.145232][ T6251] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  441.159328][ T6251] usb 4-1: No valid video chain found.
[  441.191430][ T6251] usb 4-1: selecting invalid altsetting 0
[  441.203674][ T6251] usbtest: probe of 4-1:220.1 failed with error -22
[  441.223679][ T6251] usb 4-1: USB disconnect, device number 7
[  441.298388][ T8390] device syzkaller0 entered promiscuous mode
[  441.417087][ T8392] device gtp0 entered promiscuous mode
[  441.932723][ T8399] loop1: detected capacity change from 0 to 40427
[  441.992505][ T8399] F2FS-fs (loop1): Found nat_bits in checkpoint
[  442.051749][ T8399] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  442.706407][ T8415] syz.1.1134: attempt to access beyond end of device
[  442.706407][ T8415] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  442.787679][   T27] audit: type=1800 audit(1753544463.466:430): pid=8415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1134" name="file2" dev="loop1" ino=14 res=0 errno=0
[  443.354291][ T4273] syz-executor: attempt to access beyond end of device
[  443.354291][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  443.387822][ T8419] loop0: detected capacity change from 0 to 512
[  444.390915][ T4285] Bluetooth: hci0: command 0x0401 tx timeout
[  444.855807][ T6711] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  444.968763][ T8433] device syzkaller0 entered promiscuous mode
[  445.042793][ T6711] usb 5-1: config 0 interface 0 altsetting 185 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.063125][ T6711] usb 5-1: config 0 interface 0 has no altsetting 0
[  445.069836][ T6711] usb 5-1: New USB device found, idVendor=05ac, idProduct=027a, bcdDevice= 0.00
[  445.099619][ T6711] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.118905][ T6711] usb 5-1: config 0 descriptor??
[  445.368293][ T6711] usbhid 5-1:0.0: can't add hid device: -71
[  445.378229][ T6711] usbhid: probe of 5-1:0.0 failed with error -71
[  445.423921][ T6711] usb 5-1: USB disconnect, device number 4
[  445.512356][ T8446] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  445.520015][ T8446] device syzkaller0 entered promiscuous mode
[  445.553885][ T8446] tipc: Resetting bearer <eth:syzkaller0>
[  445.565255][ T8445] tipc: Resetting bearer <eth:syzkaller0>
[  445.594732][   T22] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  445.610478][ T8445] tipc: Disabling bearer <eth:syzkaller0>
[  445.782627][   T22] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  445.800828][   T22] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  445.844505][   T22] usb 1-1: config 220 has no interface number 2
[  445.861669][   T22] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  445.894707][   T22] usb 1-1: config 220 interface 0 has no altsetting 0
[  445.901972][   T22] usb 1-1: config 220 interface 76 has no altsetting 0
[  445.905172][ T8453] tmpfs: Unknown parameter 'grpquota'
[  445.909107][   T22] usb 1-1: config 220 interface 1 has no altsetting 0
[  445.928146][ T8452] loop1: detected capacity change from 0 to 512
[  445.946641][   T22] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  445.979215][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.126075][   T22] usb 1-1: Product: syz
[  446.130939][   T22] usb 1-1: Manufacturer: syz
[  446.135583][   T22] usb 1-1: SerialNumber: syz
[  447.662010][   T22] usb 1-1: selecting invalid altsetting 0
[  447.668820][   T22] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  447.675778][   T22] usb 1-1: No valid video chain found.
[  447.854644][   T22] usb 1-1: selecting invalid altsetting 0
[  447.861028][   T22] usbtest: probe of 1-1:220.1 failed with error -22
[  447.869627][   T22] usb 1-1: USB disconnect, device number 5
[  449.710994][ T8475] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1159'.
[  449.811310][ T8475] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1159'.
[  451.310868][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  451.651339][ T8502] device gtp0 entered promiscuous mode
[  452.420764][    T7] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  452.652559][    T7] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  452.680863][    T7] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  452.726570][    T7] usb 2-1: config 220 has no interface number 2
[  452.800497][    T7] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  452.870740][    T7] usb 2-1: config 220 interface 0 has no altsetting 0
[  452.903632][    T7] usb 2-1: config 220 interface 76 has no altsetting 0
[  452.935934][    T7] usb 2-1: config 220 interface 1 has no altsetting 0
[  452.959381][ T8510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1172'.
[  452.977888][    T7] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  453.018870][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.055842][    T7] usb 2-1: Product: syz
[  453.070351][    T7] usb 2-1: Manufacturer: syz
[  453.088324][    T7] usb 2-1: SerialNumber: syz
[  453.309714][ T8514] loop0: detected capacity change from 0 to 40427
[  453.373480][ T8514] F2FS-fs (loop0): Found nat_bits in checkpoint
[  453.422498][ T8514] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  453.776239][ T8531] syz.0.1174: attempt to access beyond end of device
[  453.776239][ T8531] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  454.240753][   T27] audit: type=1800 audit(1753544474.496:431): pid=8531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1174" name="file2" dev="loop0" ino=14 res=0 errno=0
[  454.263717][ T4280] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  454.426697][ T4265] syz-executor: attempt to access beyond end of device
[  454.426697][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  454.662903][ T8535] tmpfs: Unknown parameter 'grpquota'
[  454.777790][ T8537] device gtp0 entered promiscuous mode
[  454.978283][    T7] usb 2-1: selecting invalid altsetting 0
[  455.022699][    T7] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  455.057887][    T7] usb 2-1: No valid video chain found.
[  455.102854][    T7] usb 2-1: selecting invalid altsetting 0
[  455.109282][    T7] usbtest: probe of 2-1:220.1 failed with error -22
[  455.140603][    T7] usb 2-1: USB disconnect, device number 5
[  456.893874][ T8551] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1183'.
[  456.913183][ T8551] device bridge_slave_1 left promiscuous mode
[  456.938138][ T8551] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.121868][ T8551] device bridge_slave_0 left promiscuous mode
[  457.156867][ T8551] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.237797][ T8565] loop3: detected capacity change from 0 to 40427
[  458.322543][ T8565] F2FS-fs (loop3): Found nat_bits in checkpoint
[  458.406118][ T8565] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  458.445699][ T8574] device gtp0 entered promiscuous mode
[  458.712029][ T8579] syz.3.1190: attempt to access beyond end of device
[  458.712029][ T8579] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  458.740642][   T27] audit: type=1800 audit(1753544479.426:432): pid=8579 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1190" name="file2" dev="loop3" ino=14 res=0 errno=0
[  459.162386][ T4272] syz-executor: attempt to access beyond end of device
[  459.162386][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  460.530053][ T4285] Bluetooth: hci5: command 0x1003 tx timeout
[  460.531425][ T4280] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  460.541120][ T6251] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  460.805086][ T6251] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  460.823807][ T6251] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  460.865048][ T6251] usb 3-1: config 220 has no interface number 2
[  460.889384][ T6251] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  460.933390][ T6251] usb 3-1: config 220 interface 0 has no altsetting 0
[  460.942147][ T6251] usb 3-1: config 220 interface 76 has no altsetting 0
[  460.962040][ T6251] usb 3-1: config 220 interface 1 has no altsetting 0
[  461.065947][ T6251] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  461.160785][ T6189] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  461.854050][ T6251] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.889965][ T6251] usb 3-1: Product: syz
[  461.928436][ T6251] usb 3-1: Manufacturer: syz
[  462.004383][ T6251] usb 3-1: SerialNumber: syz
[  462.026031][ T6189] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  462.035257][ T6189] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.050782][ T6189] usb 4-1: Product: syz
[  462.055254][ T6189] usb 4-1: Manufacturer: syz
[  462.062147][ T6189] usb 4-1: SerialNumber: syz
[  462.098098][ T6189] usb 4-1: config 0 descriptor??
[  462.112877][ T6189] ch341 4-1:0.0: ch341-uart converter detected
[  462.301380][ T6251] usb 3-1: selecting invalid altsetting 0
[  462.321587][ T6251] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  462.328012][ T6251] usb 3-1: No valid video chain found.
[  462.576747][ T6251] usb 3-1: selecting invalid altsetting 0
[  462.605333][ T6251] usbtest: probe of 3-1:220.1 failed with error -22
[  462.616399][ T8612] device gtp0 entered promiscuous mode
[  462.640472][ T6251] usb 3-1: USB disconnect, device number 6
[  463.072222][ T4267] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  463.396579][ T4327] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  463.407177][ T4267] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  463.420823][ T4267] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  463.432372][ T4267] usb 5-1: config 220 has no interface number 2
[  463.439116][ T6189] usb 4-1: ch341-uart converter now attached to ttyUSB0
[  463.446863][ T4267] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  463.598427][ T4267] usb 5-1: config 220 interface 0 has no altsetting 0
[  463.622210][ T4327] usb 3-1: Using ep0 maxpacket: 16
[  464.191005][ T4267] usb 5-1: config 220 interface 76 has no altsetting 0
[  464.198222][ T4267] usb 5-1: config 220 interface 1 has no altsetting 0
[  464.209077][ T4327] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  464.215202][ T6251] usb 4-1: USB disconnect, device number 8
[  464.231371][ T4267] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  464.249124][ T4267] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.258265][ T4267] usb 5-1: Product: syz
[  464.259956][ T4327] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  464.283419][ T6251] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  464.290804][ T4267] usb 5-1: Manufacturer: syz
[  464.304825][ T6251] ch341 4-1:0.0: device disconnected
[  464.306053][ T4267] usb 5-1: SerialNumber: syz
[  464.316344][ T4327] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.326064][ T4327] usb 3-1: Product: syz
[  464.335217][ T4327] usb 3-1: Manufacturer: syz
[  464.341662][ T4327] usb 3-1: SerialNumber: syz
[  464.350192][ T4327] usb 3-1: config 0 descriptor??
[  464.366329][ T4327] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  464.376909][ T4327] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  464.585767][ T4267] usb 5-1: selecting invalid altsetting 0
[  464.965364][ T4327] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  465.421870][ T4267] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  465.428288][ T4267] usb 5-1: No valid video chain found.
[  465.447950][ T4267] usb 5-1: selecting invalid altsetting 0
[  465.454106][ T4267] usbtest: probe of 5-1:220.1 failed with error -22
[  465.472713][ T4267] usb 5-1: USB disconnect, device number 5
[  465.680263][ T4327] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  465.699479][ T4327] em28xx 3-1:0.0: board has no eeprom
[  465.860783][ T4327] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  465.880877][ T4327] em28xx 3-1:0.0: dvb set to bulk mode.
[  465.889178][ T4267] em28xx 3-1:0.0: Binding DVB extension
[  465.927500][ T4327] usb 3-1: USB disconnect, device number 7
[  465.948296][ T4327] em28xx 3-1:0.0: Disconnecting em28xx
[  465.980858][   T26] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  466.217436][   T26] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  466.877702][   T26] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  466.888846][   T26] usb 4-1: config 220 has no interface number 2
[  466.899345][ T4267] em28xx 3-1:0.0: Registering input extension
[  466.906953][ T4327] em28xx 3-1:0.0: Closing input extension
[  466.914640][   T26] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  466.935144][   T26] usb 4-1: config 220 interface 0 has no altsetting 0
[  467.315782][   T26] usb 4-1: config 220 interface 76 has no altsetting 0
[  467.522116][ T4327] em28xx 3-1:0.0: Freeing device
[  467.534511][   T26] usb 4-1: config 220 interface 1 has no altsetting 0
[  467.596211][   T26] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  467.633422][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.669726][ T8668] device syzkaller0 entered promiscuous mode
[  467.692206][   T26] usb 4-1: Product: syz
[  467.696446][   T26] usb 4-1: Manufacturer: syz
[  467.714337][   T26] usb 4-1: SerialNumber: syz
[  468.838884][   T26] usb 4-1: selecting invalid altsetting 0
[  468.875616][   T26] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  468.923114][   T26] usb 4-1: No valid video chain found.
[  469.454719][   T26] usb 4-1: selecting invalid altsetting 0
[  469.460752][   T26] usbtest: probe of 4-1:220.1 failed with error -22
[  469.473146][   T26] usb 4-1: USB disconnect, device number 9
[  469.738673][ T8687] device syzkaller0 entered promiscuous mode
[  471.680530][ T8709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1240'.
[  477.122844][ T8748] device syzkaller0 entered promiscuous mode
[  478.375678][ T8773] device syzkaller0 entered promiscuous mode
[  479.723582][ T8786] netlink: 8210 bytes leftover after parsing attributes in process `syz.4.1265'.
[  482.087725][ T8789] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1266'.
[  484.836224][ T8819] fuse: Unknown parameter '0x0000000000000003'
[  486.264951][ T8826] lo speed is unknown, defaulting to 1000
[  487.417060][ T4703] Bluetooth: hci5: Frame reassembly failed (-90)
[  488.364785][ T8844] device syzkaller0 entered promiscuous mode
[  488.403415][ T8846] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  488.432752][ T8846] device syzkaller0 entered promiscuous mode
[  488.680278][ T8846] tipc: Resetting bearer <eth:syzkaller0>
[  488.725730][ T8845] tipc: Resetting bearer <eth:syzkaller0>
[  489.310879][ T4285] Bluetooth: hci5: command 0x1003 tx timeout
[  489.318472][ T4280] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  489.674833][ T8845] tipc: Disabling bearer <eth:syzkaller0>
[  490.320018][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  490.406518][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  491.118027][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  491.161737][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  491.225009][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  491.260475][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  491.337439][ T8854] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  492.815439][ T8858] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  492.907223][ T8858] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  492.965265][ T8858] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  493.070721][ T8879] Cannot find add_set index 0 as target
[  493.361042][   T26] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  493.679070][   T26] usb 3-1: Using ep0 maxpacket: 8
[  493.686245][   T26] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  493.696554][   T26] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  493.706010][   T26] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
[  493.716788][   T26] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  493.730745][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.023199][   T26] hub 3-1:1.0: bad descriptor, ignoring hub
[  494.029263][   T26] hub: probe of 3-1:1.0 failed with error -5
[  494.122998][   T26] cdc_wdm 3-1:1.0: skipping garbage
[  494.150322][   T26] cdc_wdm 3-1:1.0: skipping garbage
[  494.179808][   T26] cdc_wdm: probe of 3-1:1.0 failed with error -22
[  494.365282][   T26] usb 3-1: USB disconnect, device number 8
[  496.168598][ T8912] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1301'.
[  496.181218][ T4312] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  496.294613][ T8918] tmpfs: Unknown parameter 'grpquota'
[  497.090765][ T4312] usb 5-1: Using ep0 maxpacket: 8
[  497.157513][ T4312] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  497.400629][ T4312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.546450][ T4312] usb 5-1: Product: syz
[  497.585519][ T4312] usb 5-1: Manufacturer: syz
[  497.590203][ T4312] usb 5-1: SerialNumber: syz
[  497.597263][ T8922] device syzkaller0 entered promiscuous mode
[  497.616258][ T4312] usb 5-1: config 0 descriptor??
[  497.760881][ T6251] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  497.844056][ T4312] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  497.940888][ T6251] usb 2-1: Using ep0 maxpacket: 32
[  497.952696][ T6251] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  497.973903][ T6251] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  497.983105][ T6251] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  497.992801][ T6251] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  498.003127][ T6251] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  498.013797][ T6251] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  498.027919][ T6251] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  498.050803][ T6251] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.084632][ T6251] usb 2-1: config 0 descriptor??
[  498.485783][ T6251] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  499.023906][ T6251] usb 2-1: USB disconnect, device number 6
[  499.118836][ T6251] usblp0: removed
[  499.379609][ T4312] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  499.570230][ T4312] usb 5-1: USB disconnect, device number 6
[  499.621423][ T6251] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  499.799987][ T8945] device syzkaller0 entered promiscuous mode
[  500.988443][ T8947] process 'syz.2.1312' launched './file0' with NULL argv: empty string added
[  501.473228][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.479715][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  501.865338][ T8962] tmpfs: Unknown parameter 'grpquota'
[  502.814250][ T8969] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1319'.
[  503.384900][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.397373][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.409311][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.423003][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.442726][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.454273][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.467863][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.479917][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.492986][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  503.504824][ T8980] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  504.707515][ T8996] binder: Binderfs stats mode cannot be changed during a remount
[  505.136425][ T9005] device ip6erspan0 entered promiscuous mode
[  508.533512][ T9035] device syzkaller0 entered promiscuous mode
[  508.974413][ T9038] loop2: detected capacity change from 0 to 40427
[  509.362420][ T9038] F2FS-fs (loop2): Found nat_bits in checkpoint
[  509.459276][ T9038] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  509.909828][ T9056] syz.2.1337: attempt to access beyond end of device
[  509.909828][ T9056] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  510.050906][   T27] audit: type=1800 audit(1753544530.656:433): pid=9056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1337" name="file2" dev="loop2" ino=14 res=0 errno=0
[  510.398049][ T4271] syz-executor: attempt to access beyond end of device
[  510.398049][ T4271] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  510.405390][ T9063] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  510.422524][ T9063] device syzkaller0 entered promiscuous mode
[  515.571550][ T9091] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1349'.
[  515.891206][ T9099] tmpfs: Unknown parameter 'grpquota'
[  515.945567][ T9100] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1349'.
[  518.062486][ T9165] device syzkaller0 entered promiscuous mode
[  520.364256][ T9182] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  520.532569][ T9184] device syzkaller0 entered promiscuous mode
[  522.918340][ T9205] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1362'.
[  524.282296][ T9215] device syzkaller0 entered promiscuous mode
[  524.550798][ T4342] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  524.740780][ T4342] usb 2-1: Using ep0 maxpacket: 16
[  524.750439][ T4342] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  524.765455][ T4342] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.774070][ T4342] usb 2-1: Product: syz
[  524.778360][ T4342] usb 2-1: Manufacturer: syz
[  524.790501][ T4342] usb 2-1: SerialNumber: syz
[  524.828670][ T4342] usb 2-1: config 0 descriptor??
[  524.840371][ T4342] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  524.858117][ T4342] usb 2-1: Detected FT232H
[  524.940803][   T14] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  525.749752][ T4342] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  525.820751][   T14] usb 5-1: Using ep0 maxpacket: 32
[  525.828433][   T14] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  525.848854][   T14] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  525.888299][   T14] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  525.906601][   T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  525.923490][   T14] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  525.935458][   T14] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  525.950537][   T14] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  525.964548][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.988698][   T14] usb 5-1: config 0 descriptor??
[  526.212602][   T14] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  526.226622][ T4342] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  526.270991][   T14] usb 5-1: USB disconnect, device number 7
[  526.314446][   T14] usblp0: removed
[  526.361576][ T9232] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  526.372191][ T9232] device syzkaller0 entered promiscuous mode
[  526.386548][ T6189] usb 2-1: USB disconnect, device number 8
[  526.458866][ T6189] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  526.478952][ T6189] ftdi_sio 2-1:0.0: device disconnected
[  526.616175][ T9234] netlink: 568 bytes leftover after parsing attributes in process `syz.0.1374'.
[  526.880018][ T9239] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  526.887245][   T14] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  527.028242][ T9240] device syzkaller0 entered promiscuous mode
[  527.212765][   T14] usb 5-1: Using ep0 maxpacket: 32
[  527.254130][   T14] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  527.261444][ T9239] tipc: Resetting bearer <eth:syzkaller0>
[  527.280739][   T14] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  527.290854][   T14] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  527.317771][   T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  527.331536][   T14] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  527.342809][   T14] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  527.361296][   T14] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  527.371702][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.872268][   T14] usb 5-1: config 0 descriptor??
[  527.892504][   T14] usb 5-1: can't set config #0, error -71
[  527.898482][ T9236] tipc: Resetting bearer <eth:syzkaller0>
[  527.927186][   T14] usb 5-1: USB disconnect, device number 8
[  528.013977][ T9236] tipc: Disabling bearer <eth:syzkaller0>
[  528.090935][ T9246] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1377'.
[  529.516620][ T9260] loop1: detected capacity change from 0 to 40427
[  529.840895][   T14] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  529.913416][ T9260] F2FS-fs (loop1): Found nat_bits in checkpoint
[  530.084574][ T9260] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  530.173086][   T14] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  530.303812][ T5370] block nbd3: shutting down sockets
[  530.312306][   T14] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  530.407232][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.420540][ T9270] syz.1.1381: attempt to access beyond end of device
[  530.420540][ T9270] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  530.469357][   T14] usb 1-1: config 0 descriptor??
[  530.492022][   T14] pwc: Askey VC010 type 2 USB webcam detected.
[  530.566744][   T27] audit: type=1800 audit(1753544551.256:434): pid=9270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1381" name="file2" dev="loop1" ino=14 res=0 errno=0
[  530.892362][ T9275] autofs4:pid:9275:autofs_fill_super: called with bogus options
[  531.851969][ T4273] syz-executor: attempt to access beyond end of device
[  531.851969][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  532.235696][ T9278] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  532.248295][ T9278] device syzkaller0 entered promiscuous mode
[  533.135100][   T14] pwc: recv_control_msg error -71 req 02 val 2b00
[  533.193251][   T14] pwc: recv_control_msg error -71 req 02 val 2700
[  533.200181][   T14] pwc: recv_control_msg error -71 req 02 val 2c00
[  533.220871][   T14] pwc: recv_control_msg error -71 req 04 val 1000
[  533.229727][   T14] pwc: recv_control_msg error -71 req 04 val 1300
[  533.332760][   T14] pwc: recv_control_msg error -71 req 04 val 1400
[  533.340107][   T14] pwc: recv_control_msg error -71 req 02 val 2000
[  533.371642][   T14] pwc: recv_control_msg error -71 req 02 val 2100
[  533.410961][   T14] pwc: recv_control_msg error -71 req 04 val 1500
[  533.423639][   T14] pwc: recv_control_msg error -71 req 02 val 2500
[  533.446875][   T14] pwc: recv_control_msg error -71 req 02 val 2400
[  533.491045][   T14] pwc: recv_control_msg error -71 req 02 val 2600
[  533.499089][   T14] pwc: recv_control_msg error -71 req 02 val 2900
[  533.512272][   T14] pwc: recv_control_msg error -71 req 02 val 2800
[  533.534094][   T14] pwc: recv_control_msg error -71 req 04 val 1100
[  533.549519][   T14] pwc: recv_control_msg error -71 req 04 val 1200
[  533.687368][   T14] pwc: Registered as video103.
[  533.725185][   T14] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input11
[  534.016861][ T9302] sd 0:0:1:0: PR command failed: 1026
[  534.022554][ T9302] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  534.029400][ T9302] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  534.970070][   T14] usb 1-1: USB disconnect, device number 6
[  535.752616][ T9319] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  535.761808][ T9319] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  537.604441][ T9333] hfs: can't find a HFS filesystem on dev nullb0
[  539.237803][ T9364] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  539.463003][ T9363] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  539.472369][ T9363] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  539.481411][ T9363] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  539.490172][ T9363] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  540.783115][ T9357] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  540.792842][ T9357] F2FS-fs (loop0): Unable to read 1th superblock
[  540.799348][ T9357] I/O error, dev loop0, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  540.808633][ T9357] F2FS-fs (loop0): Unable to read 2th superblock
[  541.137804][ T9375] loop3: detected capacity change from 0 to 40427
[  541.193354][ T9375] F2FS-fs (loop3): Found nat_bits in checkpoint
[  541.240770][ T9375] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  541.524282][ T4285] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  541.603982][ T9388] syz.3.1409: attempt to access beyond end of device
[  541.603982][ T9388] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  541.667699][   T27] audit: type=1800 audit(1753544562.346:435): pid=9388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1409" name="file2" dev="loop3" ino=14 res=0 errno=0
[  541.695668][ T4285] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  541.706386][ T4285] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  541.719607][ T4285] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  541.731894][ T4285] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  541.741754][ T4285] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  542.134027][ T4272] syz-executor: attempt to access beyond end of device
[  542.134027][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  542.250444][ T9384] lo speed is unknown, defaulting to 1000
[  542.380761][ T6711] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  542.511577][ T9153] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  542.570817][ T6711] usb 1-1: Using ep0 maxpacket: 8
[  542.581171][ T6711] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  542.621122][ T6711] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0
[  542.739309][ T6711] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  543.233696][ T6711] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  543.774105][ T6711] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.804928][ T6711] usb 1-1: Product: syz
[  543.818325][ T6711] usb 1-1: Manufacturer: syz
[  543.831042][ T6711] usb 1-1: SerialNumber: syz
[  543.872190][ T4285] Bluetooth: hci3: command 0x0409 tx timeout
[  543.911978][ T9382] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  543.961958][ T9153] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  544.130585][ T6711] usblp 1-1:1.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  544.140241][ T9153] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  544.543828][ T6711] usb 1-1: USB disconnect, device number 7
[  544.597219][ T6711] usblp0: removed
[  544.708198][ T9384] chnl_net:caif_netlink_parms(): no params data found
[  544.969813][ T9153] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  545.786341][ T9420] xt_TPROXY: Can be used only with -p tcp or -p udp
[  545.950861][ T4285] Bluetooth: hci3: command 0x041b tx timeout
[  546.040234][ T9436] loop0: detected capacity change from 0 to 512
[  546.159897][ T4286] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  546.188572][ T9384] bridge0: port 1(bridge_slave_0) entered blocking state
[  546.213378][ T9384] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.256107][ T9440] input: syz0 as /devices/virtual/input/input12
[  546.264706][ T9384] device bridge_slave_0 entered promiscuous mode
[  546.402640][ T9384] bridge0: port 2(bridge_slave_1) entered blocking state
[  546.410090][ T9384] bridge0: port 2(bridge_slave_1) entered disabled state
[  546.975499][ T9384] device bridge_slave_1 entered promiscuous mode
[  547.505718][ T9384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  547.572350][ T9465] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1424'.
[  548.339905][ T4285] Bluetooth: hci3: command 0x040f tx timeout
[  548.416459][ T9384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.481624][ T9452] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1423'.
[  548.550212][ T9450] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1423'.
[  548.582692][ T9153] tipc: Left network mode
[  548.653100][ T9470] loop6: detected capacity change from 0 to 524287999
[  549.089283][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 95 prio class 2
[  549.129424][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  549.138806][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  549.157096][    C0] I/O error, dev loop6, sector 524287744 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  549.168553][    C0] I/O error, dev loop6, sector 524287744 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  549.178516][    C0] Buffer I/O error on dev loop6, logical block 65535968, async page read
[  549.252994][ T9384] team0: Port device team_slave_0 added
[  549.638124][ T9384] team0: Port device team_slave_1 added
[  549.971556][ T9384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.979276][ T9384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.007423][ T9384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  550.351073][ T4285] Bluetooth: hci3: command 0x0419 tx timeout
[  550.894198][ T9481] program syz.3.1429 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  550.995677][ T9481] program syz.3.1429 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  551.007979][ T9481] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  551.905625][ T9384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  551.924549][ T9384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  552.002380][ T9384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  552.042533][ T4285] Bluetooth: hci4: Malformed HCI Event
[  552.386975][ T9384] device hsr_slave_0 entered promiscuous mode
[  552.954923][ T9384] device hsr_slave_1 entered promiscuous mode
[  552.999377][ T9384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  553.020294][ T9384] Cannot create hsr debugfs directory
[  553.404761][ T9505] I/O error, dev loop0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  553.414766][ T9505] qnx4: unable to read the superblock
[  554.066394][ T9514] tmpfs: Unknown parameter 'grpquota'
[  557.771912][ T9384] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  557.867687][ T9384] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  559.014165][ T9560] CIFS: iocharset name too long
[  559.020697][ T4285] Bluetooth: hci0: command 0x0c20 tx timeout
[  559.053121][ T9384] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  559.654538][ T9153] device hsr_slave_0 left promiscuous mode
[  559.747067][ T9153] device hsr_slave_1 left promiscuous mode
[  559.768259][ T9153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  559.786447][ T9153] batman_adv: batadv0: Removing interface: batadv_slave_0
[  559.836421][ T9153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  559.866227][ T9153] batman_adv: batadv0: Removing interface: batadv_slave_1
[  559.987610][ T9153] device veth1_macvtap left promiscuous mode
[  560.004825][ T9153] device veth0_macvtap left promiscuous mode
[  560.024907][ T9153] device veth1_vlan left promiscuous mode
[  560.041303][ T9153] device veth0_vlan left promiscuous mode
[  561.581987][ T9592] tmpfs: Unknown parameter 'grpquota'
[  562.214676][ T9153] team0 (unregistering): Port device team_slave_1 removed
[  562.794978][ T9153] team0 (unregistering): Port device team_slave_0 removed
[  562.924303][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  562.930741][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  563.002292][ T9153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  563.056361][ T9153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  563.552126][ T9153] bond0 (unregistering): Released all slaves
[  563.586564][ T9384] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  564.246716][ T9620] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1460'.
[  564.591960][ T9384] 8021q: adding VLAN 0 to HW filter on device bond0
[  565.097072][ T9384] 8021q: adding VLAN 0 to HW filter on device team0
[  565.161309][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  565.169401][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  565.765551][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  565.796283][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  565.806191][ T4537] bridge0: port 1(bridge_slave_0) entered blocking state
[  565.813409][ T4537] bridge0: port 1(bridge_slave_0) entered forwarding state
[  565.838800][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  565.849470][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  565.858853][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  565.875224][ T4537] bridge0: port 2(bridge_slave_1) entered blocking state
[  565.882450][ T4537] bridge0: port 2(bridge_slave_1) entered forwarding state
[  565.911357][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  565.933360][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  565.987620][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  566.017039][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  566.482387][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  566.631641][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  566.711212][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  567.280548][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  567.432187][ T9384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  567.544859][ T9384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  567.662128][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  567.781538][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  567.871372][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  571.301505][ T5798] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  571.309097][ T5798] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  571.359334][ T9384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  572.002648][ T9712] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  572.011641][ T9712] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  572.020417][ T9712] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  572.029463][ T9712] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  573.106830][ T9726] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  573.114256][ T9726] device syzkaller0 entered promiscuous mode
[  573.181265][ T9727] netlink: 420 bytes leftover after parsing attributes in process `syz.1.1473'.
[  573.238113][ T9725] tipc: Resetting bearer <eth:syzkaller0>
[  573.332093][ T9725] tipc: Disabling bearer <eth:syzkaller0>
[  574.670928][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  574.691676][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  574.797670][ T9384] device veth0_vlan entered promiscuous mode
[  574.878270][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  574.908654][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  574.972552][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  575.041753][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  575.075500][ T9384] device veth1_vlan entered promiscuous mode
[  575.245425][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  575.260588][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  575.311586][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  575.321062][ T4327] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  575.361662][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  575.396332][ T9384] device veth0_macvtap entered promiscuous mode
[  575.419438][ T9384] device veth1_macvtap entered promiscuous mode
[  575.467684][ T9774] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  575.515651][ T4327] usb 1-1: Using ep0 maxpacket: 8
[  575.523029][ T4327] usb 1-1: config index 0 descriptor too short (expected 5924, got 36)
[  575.530160][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.560773][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.572554][ T4327] usb 1-1: config 250 has an invalid interface number: 228 but max is -1
[  575.589671][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.606572][ T4327] usb 1-1: config 250 has 1 interface, different from the descriptor's value: 0
[  575.606588][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.625819][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.646621][ T4327] usb 1-1: config 250 has no interface number 0
[  575.657788][ T4327] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  575.669826][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.676773][ T4327] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  575.706861][ T4327] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  575.717560][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.724027][ T4327] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  575.745359][ T4327] usb 1-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  575.746032][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.788479][ T4327] usb 1-1: config 250 interface 228 has no altsetting 0
[  575.804795][ T4327] usb 1-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  575.814311][ T4327] usb 1-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  575.823692][ T4327] usb 1-1: Product: syz
[  575.828208][ T4327] usb 1-1: SerialNumber: syz
[  575.854866][ T4327] hub 1-1:250.228: bad descriptor, ignoring hub
[  575.859338][ T9384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  575.886767][ T9776] device syzkaller0 entered promiscuous mode
[  575.919333][ T4327] hub: probe of 1-1:250.228 failed with error -5
[  575.938522][ T9135] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  575.952522][ T9135] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  575.971517][ T9135] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  576.001962][ T9135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  576.022628][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.061390][ T4327] usblp 1-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  576.071985][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.082715][ T9784] I/O error, dev loop1, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  576.082788][ T9784] qnx4: unable to read the superblock
[  576.150971][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.164866][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.180126][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.192351][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.218371][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.229158][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.256653][ T9384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  576.278833][ T9773] tipc: Resetting bearer <eth:syzkaller0>
[  576.344441][ T9773] tipc: Disabling bearer <eth:syzkaller0>
[  576.358812][ T9135] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  576.370576][ T9135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  576.413034][ T9384] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  576.423986][ T4327] usb 1-1: USB disconnect, device number 8
[  576.441600][ T9384] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  576.450375][ T9384] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  576.452647][ T4327] usblp0: removed
[  576.540939][ T9384] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  576.688709][ T9801] I/O error, dev loop4, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  577.328187][ T4722] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  577.370405][ T4722] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  577.503035][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  577.547993][ T4435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  577.611183][ T4435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  577.671676][ T5236] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  579.614239][ T9838] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  579.631235][ T9838] device syzkaller0 entered promiscuous mode
[  579.709692][    T7] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  580.253683][ T9837] tipc: Resetting bearer <eth:syzkaller0>
[  580.382632][    T7] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  580.477439][    T7] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  580.674775][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.714288][    T7] usb 4-1: config 0 descriptor??
[  581.518131][    T7] pwc: Askey VC010 type 2 USB webcam detected.
[  581.702808][ T9837] tipc: Disabling bearer <eth:syzkaller0>
[  583.921237][    T7] pwc: send_video_command error -71
[  583.926624][    T7] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  584.011282][    T7] Philips webcam: probe of 4-1:0.0 failed with error -71
[  584.054821][    T7] usb 4-1: USB disconnect, device number 10
[  584.347155][ T9894] loop3: detected capacity change from 0 to 40427
[  584.795157][ T9894] F2FS-fs (loop3): Found nat_bits in checkpoint
[  584.899266][ T9894] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  585.219590][ T9909] syz.3.1523: attempt to access beyond end of device
[  585.219590][ T9909] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  585.318478][ T9911] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  585.326895][ T9911] device syzkaller0 entered promiscuous mode
[  585.351280][ T9911] tipc: Resetting bearer <eth:syzkaller0>
[  585.367093][   T27] audit: type=1800 audit(1753544606.056:436): pid=9909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1523" name="file2" dev="loop3" ino=14 res=0 errno=0
[  585.403047][ T9910] tipc: Resetting bearer <eth:syzkaller0>
[  585.441632][ T9910] tipc: Disabling bearer <eth:syzkaller0>
[  585.460711][   T26] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  585.670753][   T26] usb 1-1: Using ep0 maxpacket: 8
[  585.678640][   T26] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  585.766426][   T26] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  585.815262][ T9925] netlink: 'syz.4.1529': attribute type 6 has an invalid length.
[  585.832609][ T9917] ceph: No mds server is up or the cluster is laggy
[  585.854019][   T26] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  585.904892][   T26] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  585.989780][   T26] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  586.040924][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.653406][   T26] usb 1-1: GET_CAPABILITIES returned 0
[  586.659200][   T26] usbtmc 1-1:16.0: can't read capabilities
[  586.887699][   T26] usb 1-1: USB disconnect, device number 9
[  588.641032][ T4327] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  588.855478][ T4327] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  588.867012][ T4327] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  588.876946][ T4327] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.913395][ T4327] usb 2-1: config 0 descriptor??
[  588.941811][ T4327] pwc: Askey VC010 type 2 USB webcam detected.
[  589.477424][ T4272] syz-executor: attempt to access beyond end of device
[  589.477424][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  590.612964][ T4327] pwc: send_video_command error -71
[  590.618741][ T4327] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  590.627472][ T4327] Philips webcam: probe of 2-1:0.0 failed with error -71
[  590.638474][ T4327] usb 2-1: USB disconnect, device number 9
[  590.737793][ T9977] tipc: Enabled bearer <eth:macsec0>, priority 27
[  590.758251][ T9977] lo speed is unknown, defaulting to 1000
[  591.530647][ T9979] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1545'.
[  592.670759][   T22] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  592.890798][   T22] usb 5-1: Using ep0 maxpacket: 16
[  592.899941][   T22] usb 5-1: config 6 has an invalid interface number: 28 but max is 3
[  592.955213][   T22] usb 5-1: config 6 has an invalid interface number: 4 but max is 3
[  592.990758][   T22] usb 5-1: config 6 has an invalid interface number: 86 but max is 3
[  593.000895][   T22] usb 5-1: config 6 has an invalid interface number: 191 but max is 3
[  593.009218][   T22] usb 5-1: config 6 has no interface number 0
[  593.023534][   T22] usb 5-1: config 6 has no interface number 1
[  593.030420][   T22] usb 5-1: config 6 has no interface number 2
[  593.038367][   T22] usb 5-1: config 6 has no interface number 3
[  593.048203][   T22] usb 5-1: config 6 interface 28 altsetting 0 endpoint 0x2 has invalid maxpacket 1576, setting to 64
[  593.061155][   T22] usb 5-1: config 6 interface 4 altsetting 5 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  593.106098][   T22] usb 5-1: config 6 interface 86 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  593.137527][   T22] usb 5-1: config 6 interface 86 altsetting 9 has an invalid endpoint with address 0x80, skipping
[  593.177867][   T22] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0xD has an invalid bInterval 255, changing to 7
[  593.219480][ T9996] 9pnet_fd: Insufficient options for proto=fd
[  593.230706][   T22] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0xD has invalid wMaxPacketSize 0
[  593.308326][   T22] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0xE has invalid wMaxPacketSize 0
[  593.354301][   T22] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  593.385858][   T22] usb 5-1: config 6 interface 86 altsetting 9 has an invalid endpoint with address 0x0, skipping
[  593.495755][   T22] usb 5-1: config 6 interface 191 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  593.542038][   T22] usb 5-1: config 6 interface 191 altsetting 7 has a duplicate endpoint with address 0xD, skipping
[  593.574367][   T22] usb 5-1: config 6 interface 4 has no altsetting 0
[  593.689525][   T22] usb 5-1: config 6 interface 86 has no altsetting 0
[  593.850105][   T22] usb 5-1: config 6 interface 191 has no altsetting 0
[  594.011783][   T22] usb 5-1: New USB device found, idVendor=9022, idProduct=d630, bcdDevice=97.a9
[  594.021042][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.029814][   T22] usb 5-1: Product: syz
[  594.090810][   T22] usb 5-1: Manufacturer: syz
[  594.096035][   T22] usb 5-1: SerialNumber: syz
[  594.335446][   T22] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  594.597408][T10015] loop0: detected capacity change from 0 to 40427
[  594.682497][   T22] usb 5-1: Direct firmware load for dvb-usb-s630.fw failed with error -2
[  594.701030][T10015] F2FS-fs (loop0): Found nat_bits in checkpoint
[  594.707448][   T22] usb 5-1: Falling back to sysfs fallback for: dvb-usb-s630.fw
[  594.767578][T10015] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  596.376132][T10026] syz.0.1552: attempt to access beyond end of device
[  596.376132][T10026] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  596.513179][   T27] audit: type=1800 audit(1753544617.206:437): pid=10026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1552" name="file2" dev="loop0" ino=14 res=0 errno=0
[  597.231606][T10058] tmpfs: Unknown parameter 'grpquota'
[  598.252636][T10060] loop3: detected capacity change from 0 to 40427
[  598.345671][T10060] F2FS-fs (loop3): Found nat_bits in checkpoint
[  598.426936][T10060] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  598.754308][T10075] syz.3.1561: attempt to access beyond end of device
[  598.754308][T10075] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  599.204107][   T27] audit: type=1800 audit(1753544619.466:438): pid=10075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1561" name="file2" dev="loop3" ino=14 res=0 errno=0
[  599.291316][ T4272] syz-executor: attempt to access beyond end of device
[  599.291316][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  599.919169][T10083] netlink: 8210 bytes leftover after parsing attributes in process `syz.1.1566'.
[  599.968031][T10085] netlink: 8210 bytes leftover after parsing attributes in process `syz.1.1566'.
[  600.257509][T10091] x_tables: ip_tables: osf match: only valid for protocol 6
[  600.266729][T10091] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  601.131574][ T4265] syz-executor: attempt to access beyond end of device
[  601.131574][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  603.642214][T10113] tmpfs: Unknown parameter 'grpquota'
[  605.278511][T10125] loop3: detected capacity change from 0 to 40427
[  605.457111][T10125] F2FS-fs (loop3): Found nat_bits in checkpoint
[  605.516224][T10125] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  605.915710][T10135] syz.3.1575: attempt to access beyond end of device
[  605.915710][T10135] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  606.069103][   T27] audit: type=1800 audit(1753544626.736:439): pid=10135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1575" name="file2" dev="loop3" ino=14 res=0 errno=0
[  606.648273][ T4272] syz-executor: attempt to access beyond end of device
[  606.648273][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  610.199723][T10162] fuse: Bad value for 'fd'
[  616.619719][T10220] lo speed is unknown, defaulting to 1000
[  616.626193][T10220] lo speed is unknown, defaulting to 1000
[  616.632720][T10220] lo speed is unknown, defaulting to 1000
[  616.646258][T10220] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  617.348633][T10220] lo speed is unknown, defaulting to 1000
[  617.355114][T10220] lo speed is unknown, defaulting to 1000
[  617.361636][T10220] lo speed is unknown, defaulting to 1000
[  617.368006][T10220] lo speed is unknown, defaulting to 1000
[  617.374577][T10220] lo speed is unknown, defaulting to 1000
[  618.854375][T10243] tmpfs: Unknown parameter 'grpquota'
[  620.840709][ T6189] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  622.668769][ T6189] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  623.114633][ T6189] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  623.202588][ T6189] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.281265][ T6189] usb 4-1: config 0 descriptor??
[  623.324653][ T6189] pwc: Askey VC010 type 2 USB webcam detected.
[  623.669945][T10271] autofs4:pid:10271:autofs_fill_super: called with bogus options
[  624.825134][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  624.835709][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  626.232598][ T6189] pwc: send_video_command error -71
[  626.237901][ T6189] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  626.749897][ T6189] Philips webcam: probe of 4-1:0.0 failed with error -71
[  626.792289][ T6189] usb 4-1: USB disconnect, device number 11
[  627.052530][T10292] loop1: detected capacity change from 0 to 40427
[  627.130652][T10292] F2FS-fs (loop1): Found nat_bits in checkpoint
[  627.176393][T10292] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  627.543492][T10307] syz.1.1614: attempt to access beyond end of device
[  627.543492][T10307] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  628.600553][   T27] audit: type=1800 audit(1753544649.286:440): pid=10307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1614" name="file2" dev="loop1" ino=14 res=0 errno=0
[  634.318680][ T4273] syz-executor: attempt to access beyond end of device
[  634.318680][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  636.016445][T10386] 9pnet_fd: Insufficient options for proto=fd
[  638.368530][T10413] loop4: detected capacity change from 0 to 40427
[  638.726418][T10413] F2FS-fs (loop4): Found nat_bits in checkpoint
[  638.822049][T10413] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  640.771909][T10442] syz.4.1641: attempt to access beyond end of device
[  640.771909][T10442] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  640.794791][T10443] tipc: Started in network mode
[  640.799726][T10443] tipc: Node identity 92c70a88fe7d, cluster identity 4711
[  640.857277][   T27] audit: type=1800 audit(1753544661.546:441): pid=10442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1641" name="file2" dev="loop4" ino=14 res=0 errno=0
[  640.860482][T10443] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  640.974079][T10450] device syzkaller0 entered promiscuous mode
[  641.090249][T10434] ptrace attach of "./syz-executor exec"[4272] was attempted by " ��      ��      �      ��      ��      ��      ��              ��      ��      ��                 ����                                                                                                                                                      8                      G\x0b      \x09              
  �                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
[  641.110705][T10014] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  641.149404][T10450] tipc: Resetting bearer <eth:syzkaller0>
[  641.396989][T10438] tipc: Resetting bearer <eth:syzkaller0>
[  641.804428][T10014] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  641.824477][T10014] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  641.850790][T10014] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.923889][T10014] usb 2-1: config 0 descriptor??
[  641.933190][T10014] pwc: Askey VC010 type 2 USB webcam detected.
[  641.943737][ T6251] tipc: Node number set to 1824131720
[  642.021949][T10438] tipc: Disabling bearer <eth:syzkaller0>
[  642.336855][T10447] autofs4:pid:10447:autofs_fill_super: called with bogus options
[  642.451072][T10462] fuse: Bad value for 'fd'
[  643.185784][ T4285] Bluetooth: hci0: unexpected subevent 0x0e length: 30 > 15
[  643.302135][T10444] [U] ^C
[  643.514629][T10468] loop5: detected capacity change from 0 to 40427
[  643.668505][T10468] F2FS-fs (loop5): Found nat_bits in checkpoint
[  643.720876][T10468] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  644.816388][   T27] audit: type=1800 audit(1753544664.716:442): pid=10482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1650" name="file2" dev="loop5" ino=10 res=0 errno=0
[  644.839754][T10014] pwc: send_video_command error -71
[  644.845140][T10014] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  644.909587][ T4281] syz-executor: attempt to access beyond end of device
[  644.909587][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  644.924083][ T9384] syz-executor: attempt to access beyond end of device
[  644.924083][ T9384] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  644.955184][T10014] Philips webcam: probe of 2-1:0.0 failed with error -71
[  645.012471][T10014] usb 2-1: USB disconnect, device number 10
[  647.204060][T10505] 9pnet_fd: Insufficient options for proto=fd
[  647.873015][T10516] fuse: Bad value for 'fd'
[  648.974186][T10527] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  648.983137][T10527] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  648.992035][T10527] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  649.000963][T10527] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  649.160025][T10527] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  649.181075][T10527] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.190555][T10527] F2FS-fs (loop1): Unable to read 1th superblock
[  649.198226][T10527] I/O error, dev loop1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.210046][T10527] F2FS-fs (loop1): Unable to read 2th superblock
[  649.900402][T10535] loop5: detected capacity change from 0 to 40427
[  650.184212][T10536] loop3: detected capacity change from 0 to 40427
[  650.238979][T10535] F2FS-fs (loop5): Found nat_bits in checkpoint
[  650.314380][T10535] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  650.486260][T10536] F2FS-fs (loop3): Found nat_bits in checkpoint
[  651.020142][   T27] audit: type=1800 audit(1753544671.316:443): pid=10551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1662" name="file2" dev="loop5" ino=10 res=0 errno=0
[  651.066432][ T9384] syz-executor: attempt to access beyond end of device
[  651.066432][ T9384] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  651.105696][T10536] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  651.458213][T10554] syz.3.1663: attempt to access beyond end of device
[  651.458213][T10554] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  651.660914][   T27] audit: type=1800 audit(1753544672.336:444): pid=10554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1663" name="file2" dev="loop3" ino=14 res=0 errno=0
[  652.355247][T10565] I/O error, dev loop0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  652.364708][T10565] qnx4: unable to read the superblock
[  652.855486][T10569] Driver unsupported XDP return value 0 on prog  (id 313) dev N/A, expect packet loss!
[  653.373336][T10576] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1669'.
[  655.307268][   T22] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  655.379565][T10597] fuse: Bad value for 'fd'
[  655.392741][   T22] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  655.406687][   T22] usb 5-1: Direct firmware load for dvb-usb-s630.fw failed with error -2
[  655.487863][   T22] usb 5-1: Falling back to sysfs fallback for: dvb-usb-s630.fw
[  656.302343][T10599] loop0: detected capacity change from 0 to 40427
[  656.363175][T10599] F2FS-fs (loop0): Found nat_bits in checkpoint
[  656.401108][T10599] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  657.196863][   T27] audit: type=1800 audit(1753544677.466:445): pid=10613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1675" name="file2" dev="loop0" ino=10 res=0 errno=0
[  657.261347][ T4265] syz-executor: attempt to access beyond end of device
[  657.261347][ T4265] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  657.939164][ T4272] syz-executor: attempt to access beyond end of device
[  657.939164][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  659.022381][T10627] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1681'.
[  659.102216][T10626] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1681'.
[  659.348410][T10634] I/O error, dev loop0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  659.357659][T10634] qnx4: unable to read the superblock
[  659.615242][T10640] tmpfs: Unknown parameter 'grpquota'
[  662.877624][T10662] fuse: Bad value for 'fd'
[  663.109412][T10661] loop1: detected capacity change from 0 to 40427
[  663.272665][T10661] F2FS-fs (loop1): Found nat_bits in checkpoint
[  663.322757][T10661] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  666.434878][   T27] audit: type=1800 audit(1753544686.856:446): pid=10683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1689" name="file2" dev="loop1" ino=10 res=0 errno=0
[  666.801635][ T4273] syz-executor: attempt to access beyond end of device
[  666.801635][ T4273] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  668.511380][ T4280] Bluetooth: hci3: command 0x0406 tx timeout
[  669.707438][T10716] bad cache= option: no%e
[  669.707438][T10716] 
[  669.714408][T10716] CIFS: VFS: bad cache= option: no%e
[  672.548293][T10730] I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  672.558507][T10730] qnx4: unable to read the superblock
[  672.697402][T10739] fuse: Bad value for 'fd'
[  673.440261][T10740] loop4: detected capacity change from 0 to 40427
[  673.527485][T10740] F2FS-fs (loop4): Found nat_bits in checkpoint
[  673.679091][T10740] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  674.713747][T10754] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  674.864111][T10756] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  674.876883][T10754] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  675.084101][T10754] F2FS-fs (loop3): Unable to read 1th superblock
[  675.106925][T10754] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  675.116993][T10754] F2FS-fs (loop3): Unable to read 2th superblock
[  675.423032][T10756] tipc: Resetting bearer <eth:syzkaller0>
[  676.213818][T10767] libceph: resolve '.
[  676.213818][T10767] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  676.213818][T10767] ' (ret=-3): failed
[  676.273021][T10765] syz.4.1708: attempt to access beyond end of device
[  676.273021][T10765] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  676.729086][T10755] tipc: Disabling bearer <eth:syzkaller0>
[  677.540876][   T27] audit: type=1800 audit(1753544698.226:447): pid=10765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1708" name="file2" dev="loop4" ino=14 res=0 errno=0
[  677.812794][T10780] loop3: detected capacity change from 0 to 40427
[  677.928216][T10780] F2FS-fs (loop3): Found nat_bits in checkpoint
[  678.164937][T10780] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  678.590807][   T27] audit: type=1800 audit(1753544699.276:448): pid=10793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1716" name="file2" dev="loop3" ino=10 res=0 errno=0
[  679.292568][ T4272] syz-executor: attempt to access beyond end of device
[  679.292568][ T4272] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  680.012189][T10803] I/O error, dev loop5, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  680.021541][T10803] qnx4: unable to read the superblock
[  682.832344][ T4342] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  682.909806][ T4342] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  685.111240][ T4281] syz-executor: attempt to access beyond end of device
[  685.111240][ T4281] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  685.170405][T10836] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  685.201467][T10836] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  685.211028][T10836] F2FS-fs (loop0): Unable to read 1th superblock
[  685.218542][T10836] I/O error, dev loop0, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  685.228029][T10836] F2FS-fs (loop0): Unable to read 2th superblock
[  685.627480][T10848] loop1: detected capacity change from 0 to 40427
[  685.698202][T10848] F2FS-fs (loop1): Found nat_bits in checkpoint
[  685.735069][T10848] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  685.831067][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  685.837475][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  686.002115][T10857] syz.1.1732: attempt to access beyond end of device
[  686.002115][T10857] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  686.542494][ T4273] syz-executor: attempt to access beyond end of device
[  686.542494][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  686.802838][T10860] I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  686.812171][T10860] qnx4: unable to read the superblock
[  686.955147][T10865] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1736'.
[  687.026728][T10865] netlink: zone id is out of range
[  687.061933][T10865] netlink: del zone limit has 4 unknown bytes
[  688.100362][T10889] loop1: detected capacity change from 0 to 40427
[  688.361904][T10889] F2FS-fs (loop1): Found nat_bits in checkpoint
[  688.630704][T10889] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  689.042051][T10905] syz.1.1742: attempt to access beyond end of device
[  689.042051][T10905] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  690.173088][   T27] audit: type=1800 audit(1753544710.866:449): pid=10905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1742" name="file2" dev="loop1" ino=14 res=0 errno=0
[  690.984004][T10924] I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  691.007123][T10892] loop3: detected capacity change from 0 to 40427
[  691.078505][T10924] qnx4: unable to read the superblock
[  691.084191][T10892] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  691.407348][T10933] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1751'.
[  691.453895][T10933] netlink: zone id is out of range
[  691.492693][T10933] netlink: del zone limit has 4 unknown bytes
[  694.657993][ T4273] syz-executor: attempt to access beyond end of device
[  694.657993][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  695.342543][T10969] I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  695.394863][T10969] qnx4: unable to read the superblock
[  695.488214][T10978] I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  695.510683][T10978] qnx4: unable to read the superblock
[  696.347936][T10993] loop3: detected capacity change from 0 to 40427
[  696.362370][T10995] loop1: detected capacity change from 0 to 40427
[  696.479357][T10999] binder: 10998:10999 unknown command 1074553619
[  696.532508][T11005] binder: 10998:11005 unknown command 1074553620
[  696.538924][T11005] binder: 10998:11005 ioctl c0306201 200000000640 returned -22
[  696.550764][T10999] binder: 10998:10999 ioctl c0306201 200000000040 returned -22
[  696.567090][T10993] F2FS-fs (loop3): Found nat_bits in checkpoint
[  696.567112][T10995] F2FS-fs (loop1): Found nat_bits in checkpoint
[  696.631986][T10995] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  696.669362][T10993] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  696.990079][T11012] syz.1.1760: attempt to access beyond end of device
[  696.990079][T11012] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  697.264010][ T4273] syz-executor: attempt to access beyond end of device
[  697.264010][ T4273] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  697.842682][T10993] syz.3.1771: attempt to access beyond end of device
[  697.842682][T10993] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  697.868607][   T27] audit: type=1800 audit(1753544718.556:450): pid=10993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1771" name="file2" dev="loop3" ino=14 res=0 errno=0
[  700.815446][T11036] input: syz1 as /devices/virtual/input/input13
[  700.968083][ T4272] syz-executor: attempt to access beyond end of device
[  700.968083][ T4272] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  707.743714][T11104] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  708.480619][T11104] device syzkaller0 entered promiscuous mode
[  708.665580][T11104] tipc: Resetting bearer <eth:syzkaller0>
[  708.716938][T11103] tipc: Resetting bearer <eth:syzkaller0>
[  708.916650][T11103] tipc: Disabling bearer <eth:syzkaller0>
[  711.860979][ T4736] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  711.868586][T11167] fuse: Bad value for 'fd'
[  712.259093][ T4736] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  712.432670][ T4736] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  712.524063][ T4736] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.555649][ T4736] usb 6-1: config 0 descriptor??
[  712.604014][ T4736] pwc: Askey VC010 type 2 USB webcam detected.
[  712.646486][T11170] tmpfs: Unknown parameter 'grpquota'
[  713.572648][T11161] autofs4:pid:11161:autofs_fill_super: called with bogus options
[  714.253227][T11185] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  714.263099][T11185] device syzkaller0 entered promiscuous mode
[  714.293852][T11185] tipc: Resetting bearer <eth:syzkaller0>
[  714.303608][T11184] tipc: Resetting bearer <eth:syzkaller0>
[  714.340233][T11184] tipc: Disabling bearer <eth:syzkaller0>
[  715.514391][ T4736] pwc: send_video_command error -71
[  715.519668][ T4736] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  715.571017][ T4736] Philips webcam: probe of 6-1:0.0 failed with error -71
[  715.664366][ T4736] usb 6-1: USB disconnect, device number 2
[  716.340771][T11201] loop0: detected capacity change from 0 to 40427
[  716.512265][   T22] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  716.983157][   T22] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  717.001235][   T22] usb 5-1: Direct firmware load for dvb-usb-s630.fw failed with error -2
[  717.009771][   T22] usb 5-1: Falling back to sysfs fallback for: dvb-usb-s630.fw
[  717.054107][T11201] F2FS-fs (loop0): Found nat_bits in checkpoint
[  717.179108][T11201] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  717.385511][T11210] I/O error, dev loop5, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  717.406806][T11210] qnx4: unable to read the superblock
[  717.958792][T11219] fuse: Bad value for 'fd'
[  718.342652][T11216] I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  718.423492][T11216] qnx4: unable to read the superblock
[  718.536992][T11220] syz.0.1822: attempt to access beyond end of device
[  718.536992][T11220] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  718.574259][   T27] audit: type=1800 audit(1753544739.266:451): pid=11220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1822" name="file2" dev="loop0" ino=14 res=0 errno=0
[  718.662022][T11223] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  718.727416][T11223] device syzkaller0 entered promiscuous mode
[  718.806198][T11223] tipc: Resetting bearer <eth:syzkaller0>
[  718.870303][T11222] tipc: Resetting bearer <eth:syzkaller0>
[  718.966776][T11222] tipc: Disabling bearer <eth:syzkaller0>
[  719.230865][ T4326] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  719.412445][ T4326] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  719.456626][ T4326] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  719.476278][ T4326] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.510893][ T4326] usb 6-1: config 0 descriptor??
[  719.533418][ T4326] pwc: Askey VC010 type 2 USB webcam detected.
[  719.894089][T11230] autofs4:pid:11230:autofs_fill_super: called with bogus options
[  720.089745][ T4265] syz-executor: attempt to access beyond end of device
[  720.089745][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  720.550144][T11255] fuse: Bad value for 'fd'
[  721.203853][T11258] I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  721.213068][T11258] qnx4: unable to read the superblock
[  721.833547][T11271] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  721.862094][T11271] device syzkaller0 entered promiscuous mode
[  721.987365][T11271] tipc: Resetting bearer <eth:syzkaller0>
[  721.989232][T11276] I/O error, dev loop0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  722.002910][ T4326] pwc: send_video_command error -71
[  722.010867][ T4326] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  722.019045][ T4326] Philips webcam: probe of 6-1:0.0 failed with error -71
[  722.044588][T11276] qnx4: unable to read the superblock
[  722.062201][ T4326] usb 6-1: USB disconnect, device number 3
[  722.171083][   T14] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  722.206601][T11269] tipc: Resetting bearer <eth:syzkaller0>
[  722.438593][T11269] tipc: Disabling bearer <eth:syzkaller0>
[  722.471118][   T14] usb 4-1: Using ep0 maxpacket: 8
[  722.479357][   T14] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  722.525108][   T14] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0
[  722.556517][   T14] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  722.586789][   T14] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  722.638296][   T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  722.667111][   T14] usb 4-1: Product: syz
[  722.687340][   T14] usb 4-1: Manufacturer: syz
[  722.718136][   T14] usb 4-1: SerialNumber: syz
[  722.831062][T11274] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  722.843706][T11278] loop0: detected capacity change from 0 to 40427
[  722.910290][T11278] F2FS-fs (loop0): Found nat_bits in checkpoint
[  722.985582][T11285] fuse: Bad value for 'fd'
[  723.062094][T11278] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  723.079565][   T14] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  723.306068][   T14] usb 4-1: USB disconnect, device number 12
[  723.518371][   T14] usblp0: removed
[  723.815399][T11292] syz.0.1849: attempt to access beyond end of device
[  723.815399][T11292] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  724.202574][   T27] audit: type=1800 audit(1753544744.896:452): pid=11292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1849" name="file2" dev="loop0" ino=14 res=0 errno=0
[  725.460018][T11308] I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  725.474618][T11308] qnx4: unable to read the superblock
[  726.527121][T11317] I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  726.560984][T11317] qnx4: unable to read the superblock
[  727.981476][T11324] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  727.991269][T11324] F2FS-fs (loop3): Unable to read 1th superblock
[  727.998652][T11324] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  728.015116][T11324] F2FS-fs (loop3): Unable to read 2th superblock
[  728.667830][T11330] fuse: Bad value for 'fd'
[  729.868566][ T4265] syz-executor: attempt to access beyond end of device
[  729.868566][ T4265] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  733.436643][T11364] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  733.444249][T11364] device syzkaller0 entered promiscuous mode
[  734.446583][T11364] tipc: Resetting bearer <eth:syzkaller0>
[  734.531731][T11363] tipc: Resetting bearer <eth:syzkaller0>
[  734.661628][T11363] tipc: Disabling bearer <eth:syzkaller0>
[  737.720281][ T4312] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  738.870869][T11415] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  738.896177][T11415] F2FS-fs (loop3): Unable to read 1th superblock
[  738.921038][T11415] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  738.995552][T11422] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1894'.
[  739.824731][T11415] F2FS-fs (loop3): Unable to read 2th superblock
[  740.312265][T11441] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  740.341445][T11441] device syzkaller0 entered promiscuous mode
[  740.427107][T11441] tipc: Resetting bearer <eth:syzkaller0>
[  740.492628][T11439] tipc: Resetting bearer <eth:syzkaller0>
[  740.571844][T11439] tipc: Disabling bearer <eth:syzkaller0>
[  744.922355][   T28] INFO: task udevd:4286 blocked for more than 143 seconds.
[  745.105825][   T28]       Not tainted 6.1.147-syzkaller #0
[  745.113302][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  745.125629][   T28] task:udevd           state:D stack:22624 pid:4286  ppid:3638   flags:0x00004002
[  745.149588][   T28] Call Trace:
[  745.153433][   T28]  <TASK>
[  745.156627][   T28]  __schedule+0x10ec/0x40b0
[  745.161520][   T28]  ? release_firmware_map_entry+0x18a/0x18a
[  745.176436][   T28]  ? __mutex_trylock_common+0x80/0x250
[  745.191181][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  745.214552][   T28]  schedule+0xb9/0x180
[  745.225901][   T28]  schedule_preempt_disabled+0xf/0x20
[  745.238291][   T28]  __mutex_lock+0x555/0xaf0
[  745.249557][   T28]  ? __mutex_lock+0x3a5/0xaf0
[  745.259688][   T28]  ? uevent_show+0x16c/0x320
[  745.269967][   T28]  ? mutex_lock_nested+0x10/0x10
[  745.323019][   T28]  uevent_show+0x16c/0x320
[  745.329648][   T28]  dev_attr_show+0x50/0xb0
[  745.334589][   T28]  sysfs_kf_seq_show+0x349/0x4b0
[  745.339988][   T28]  ? device_get_ownership+0xa0/0xa0
[  745.348483][   T28]  seq_read_iter+0x49b/0xd50
[  745.367130][   T28]  ? common_file_perm+0x171/0x1c0
[  745.448129][   T28]  vfs_read+0x434/0x920
[  745.467354][   T28]  ? do_raw_spin_unlock+0x11d/0x230
[  745.519526][   T28]  ? kernel_read+0x1e0/0x1e0
[  745.558167][   T28]  ? __x64_sys_newfstat+0x171/0x1c0
[  745.592924][   T28]  ? __fdget_pos+0x2b5/0x360
[  745.615584][   T28]  ksys_read+0x143/0x240
[  745.636975][   T28]  ? vfs_write+0x960/0x960
[  745.666462][   T28]  ? lockdep_hardirqs_on+0x94/0x140
[  745.685099][   T28]  do_syscall_64+0x4c/0xa0
[  745.697467][   T28]  ? clear_bhb_loop+0x60/0xb0
[  745.708118][   T28]  ? clear_bhb_loop+0x60/0xb0
[  745.720878][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  745.767947][   T28] RIP: 0033:0x7f0e3e6a7407
[  745.788190][   T28] RSP: 002b:00007ffc56cd5310 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[  745.807887][   T28] RAX: ffffffffffffffda RBX: 00007f0e3ed7c880 RCX: 00007f0e3e6a7407
[  745.817110][   T28] RDX: 0000000000001000 RSI: 000055aa1b875d30 RDI: 0000000000000008
[  745.841223][   T28] RBP: 00007f0e3e7efff0 R08: 0000000000000000 R09: 0000000000000000
[  745.850395][   T28] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000a
[  745.980189][   T28] R13: 00007f0e3e7efea0 R14: 0000000000000000 R15: 000055aa1b86bf30
[  746.012589][   T28]  </TASK>
[  746.026639][   T28] 
[  746.026639][   T28] Showing all locks held in the system:
[  746.041819][   T28] 1 lock held by rcu_tasks_kthre/12:
[  746.047709][   T28]  #0: ffffffff8cb2b7b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00
[  746.104176][   T28] 1 lock held by rcu_tasks_trace/13:
[  746.117892][   T28]  #0: ffffffff8cb2bfd0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00
[  746.142646][   T28] 6 locks held by kworker/1:0/22:
[  746.154909][   T28]  #0: ffff888144286538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160
[  746.173264][   T28]  #1: ffffc900001c7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160
[  746.184999][   T28]  #2: ffff8880282f4190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1a7/0x54e0
[  746.194843][   T28]  #3: ffff88807d535190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x85/0x460
[  746.204403][   T28]  #4: ffff88807ec0a118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x85/0x460
[  746.214027][   T28]  #5: ffffffff8c9d79b0 (umhelper_sem){++++}-{3:3}, at: usermodehelper_read_trylock+0xec/0x2a0
[  746.224729][   T28] 1 lock held by khungtaskd/28:
[  746.229698][   T28]  #0: ffffffff8cb2ae20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  746.239942][   T28] 2 locks held by kworker/u4:3/51:
[  746.245210][   T28]  #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160
[  746.256433][   T28]  #1: ffff8880b8e27848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x398/0x6d0
[  746.267998][   T28] 2 locks held by getty/4031:
[  746.272793][   T28]  #0: ffff888030e76098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  746.283328][   T28]  #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380
[  746.293716][   T28] 4 locks held by udevd/4286:
[  746.298430][   T28]  #0: ffff88802fc0d790 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xad/0xd50
[  746.307322][   T28]  #1: ffff88802833f488 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x51/0x3b0
[  746.316675][   T28]  #2: ffff88805656ee88 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x71/0x3b0
[  746.326226][   T28]  #3: ffff88807d535190 (&dev->mutex){....}-{3:3}, at: uevent_show+0x16c/0x320
[  746.335319][   T28] 
[  746.337665][   T28] =============================================
[  746.337665][   T28] 
[  746.346133][   T28] NMI backtrace for cpu 1
[  746.350493][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.147-syzkaller #0
[  746.358409][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  746.368486][   T28] Call Trace:
[  746.371792][   T28]  <TASK>
[  746.374741][   T28]  dump_stack_lvl+0x168/0x22e
[  746.379430][   T28]  ? show_regs_print_info+0x12/0x12
[  746.384647][   T28]  ? load_image+0x3b0/0x3b0
[  746.389202][   T28]  ? vprintk_emit+0x571/0x680
[  746.394011][   T28]  ? printk_sprint+0x460/0x460
[  746.398804][   T28]  nmi_cpu_backtrace+0x3f4/0x470
[  746.403761][   T28]  ? nmi_trigger_cpumask_backtrace+0x450/0x450
[  746.409927][   T28]  ? _printk+0xcc/0x110
[  746.414101][   T28]  ? load_image+0x3b0/0x3b0
[  746.418622][   T28]  ? load_image+0x3b0/0x3b0
[  746.423143][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  746.429220][   T28]  nmi_trigger_cpumask_backtrace+0x1d4/0x450
[  746.435210][   T28]  watchdog+0xeee/0xf30
[  746.439381][   T28]  ? watchdog+0x1ed/0xf30
[  746.443728][   T28]  kthread+0x29d/0x330
[  746.447821][   T28]  ? hungtask_pm_notify+0x40/0x40
[  746.452944][   T28]  ? kthread_blkcg+0xd0/0xd0
[  746.457567][   T28]  ret_from_fork+0x1f/0x30
[  746.462006][   T28]  </TASK>
[  746.465832][   T28] Sending NMI from CPU 1 to CPUs 0:
[  746.471303][    C0] NMI backtrace for cpu 0
[  746.471315][    C0] CPU: 0 PID: 3620 Comm: syslogd Not tainted 6.1.147-syzkaller #0
[  746.471330][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  746.471339][    C0] RIP: 0010:switch_mm_irqs_off+0x7ae/0xb10
[  746.471366][    C0] Code: 8d b7 a8 05 00 00 4c 89 f7 be 04 00 00 00 e8 a9 90 97 00 4c 89 f0 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 9b 01 00 00 41 83 3e 00 <74> 0e e8 5b 99 c7 ff bf 00 01 00 00 31 f6 eb 07 be 00 01 00 00 31
[  746.471386][    C0] RSP: 0018:ffffc90003187560 EFLAGS: 00000046
[  746.471400][    C0] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff81395447
[  746.471412][    C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807dfd1c28
[  746.471422][    C0] RBP: ffffc90003187630 R08: dffffc0000000000 R09: ffffed100fbfa386
[  746.471434][    C0] R10: ffffed100fbfa386 R11: 1ffff1100fbfa385 R12: dffffc0000000000
[  746.471446][    C0] R13: 0000000000000000 R14: ffff88807dfd1c28 R15: ffff88807dfd1680
[  746.471457][    C0] FS:  00007faaf5818c80(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  746.471472][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  746.471483][    C0] CR2: 00007fbd88183178 CR3: 0000000031642000 CR4: 00000000003506f0
[  746.471497][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  746.471506][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  746.471516][    C0] Call Trace:
[  746.471521][    C0]  <TASK>
[  746.471530][    C0]  ? switch_mm+0x120/0x120
[  746.471550][    C0]  ? psi_task_switch+0x398/0x6d0
[  746.471579][    C0]  __schedule+0xe99/0x40b0
[  746.471607][    C0]  ? release_firmware_map_entry+0x18a/0x18a
[  746.471624][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  746.471647][    C0]  ? lock_chain_count+0x20/0x20
[  746.471671][    C0]  schedule+0xb9/0x180
[  746.471686][    C0]  schedule_timeout+0x97/0x280
[  746.471713][    C0]  ? console_conditional_schedule+0x40/0x40
[  746.471733][    C0]  ? __unix_dgram_recvmsg+0x225/0xd70
[  746.471758][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  746.471779][    C0]  ? prepare_to_wait_exclusive+0x7e/0x220
[  746.471804][    C0]  __skb_wait_for_more_packets+0x39a/0x580
[  746.471833][    C0]  ? skb_gso_transport_seglen+0x4d0/0x4d0
[  746.471858][    C0]  ? __skb_wait_for_more_packets+0x580/0x580
[  746.471884][    C0]  ? sock_load_diag_module+0x130/0x130
[  746.471905][    C0]  __unix_dgram_recvmsg+0x282/0xd70
[  746.471928][    C0]  ? aa_file_perm+0x117/0xec0
[  746.471957][    C0]  ? unix_unhash+0x10/0x10
[  746.471980][    C0]  ? aa_af_perm+0x2b0/0x2b0
[  746.471997][    C0]  ? aa_file_perm+0x3ef/0xec0
[  746.472020][    C0]  ? rcu_is_watching+0x11/0xa0
[  746.472044][    C0]  ? bpf_lsm_socket_recvmsg+0x5/0x10
[  746.472059][    C0]  ? security_socket_recvmsg+0x85/0xb0
[  746.472080][    C0]  ? unix_dgram_recvmsg+0xa9/0xd0
[  746.472106][    C0]  sock_read_iter+0x2bf/0x370
[  746.472146][    C0]  ? kernel_sock_ip_overhead+0x590/0x590
[  746.472174][    C0]  ? common_file_perm+0x171/0x1c0
[  746.472199][    C0]  ? fsnotify_perm+0x248/0x550
[  746.472231][    C0]  vfs_read+0x434/0x920
[  746.472255][    C0]  ? kernel_read+0x1e0/0x1e0
[  746.472277][    C0]  ? __rseq_handle_notify_resume+0x392/0x1220
[  746.472300][    C0]  ? __fdget_pos+0x1d4/0x360
[  746.472322][    C0]  ksys_read+0x143/0x240
[  746.472343][    C0]  ? vfs_write+0x960/0x960
[  746.472366][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  746.472388][    C0]  do_syscall_64+0x4c/0xa0
[  746.472402][    C0]  ? clear_bhb_loop+0x60/0xb0
[  746.472417][    C0]  ? clear_bhb_loop+0x60/0xb0
[  746.472432][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  746.472456][    C0] RIP: 0033:0x7faaf5968407
[  746.472468][    C0] Code: Unable to access opcode bytes at 0x7faaf59683dd.
[  746.472475][    C0] RSP: 002b:00007ffc7721f430 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[  746.472491][    C0] RAX: ffffffffffffffda RBX: 00007faaf5818c80 RCX: 00007faaf5968407
[  746.472502][    C0] RDX: 00000000000000ff RSI: 0000562918553950 RDI: 0000000000000000
[  746.472512][    C0] RBP: 0000562918553910 R08: 0000000000000000 R09: 0000000000000000
[  746.472521][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 000056291855399a
[  746.472549][    C0] R13: 0000000000000000 R14: 0000562918553950 R15: 00005628f40add98
[  746.472568][    C0]  </TASK>
[  746.480509][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  746.890137][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.147-syzkaller #0
[  746.898029][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  746.908088][   T28] Call Trace:
[  746.911369][   T28]  <TASK>
[  746.914305][   T28]  dump_stack_lvl+0x168/0x22e
[  746.918994][   T28]  ? memcpy+0x3c/0x60
[  746.923004][   T28]  ? show_regs_print_info+0x12/0x12
[  746.928269][   T28]  ? load_image+0x3b0/0x3b0
[  746.932809][   T28]  panic+0x2c9/0x710
[  746.936717][   T28]  ? schedule_preempt_disabled+0x20/0x20
[  746.942359][   T28]  ? bpf_jit_dump+0xd0/0xd0
[  746.946870][   T28]  ? __irq_work_queue_local+0x12c/0x190
[  746.952432][   T28]  ? nmi_trigger_cpumask_backtrace+0x35b/0x450
[  746.958611][   T28]  ? nmi_trigger_cpumask_backtrace+0x360/0x450
[  746.964772][   T28]  watchdog+0xf2d/0xf30
[  746.968938][   T28]  ? watchdog+0x1ed/0xf30
[  746.973296][   T28]  kthread+0x29d/0x330
[  746.977398][   T28]  ? hungtask_pm_notify+0x40/0x40
[  746.982439][   T28]  ? kthread_blkcg+0xd0/0xd0
[  746.987037][   T28]  ret_from_fork+0x1f/0x30
[  746.991479][   T28]  </TASK>
[  746.994881][   T28] Kernel Offset: disabled
[  746.999213][   T28] Rebooting in 86400 seconds..