last executing test programs:

5m0.739700659s ago: executing program 4 (id=5):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@test_dummy_encryption_v1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@noload}, {@quota}]}, 0x83, 0x440, &(0x7f0000000d80)="$eJzs28tvG8UfAPDvrpP219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7W9ie3YSRzsuODPR9pkZnesma93xzuzYwcwsEazP0nE/oj4NSJGqtnGAqPVf3dWlqb/XFmaTqJcfuOPpFLu9srSdF40f92+PDMUkX6SxNEW9S5cvXZxqlSavVLLjy9eend84eq1Z+YuTV2YvTB7efLs2dOnJp47M/lsV+LM4rp95IP5Y4dfeevGa9Pnbrz949dJHn9THF0yutHBx8vlLlfXXwfq0slQHxtCRwrVbhrDlf4/EoVYO3kj8fLHfW0c0FPlcrl8X/vDy2XgPyyJfrcA6I/8Rp/Nf/Nth4Yed4VbL1QnQFncd2pb9chQpLUyw03z224ajYhzy399kW3R8BzCJBoA6I1vs/HP063Gf2nUPxf6f20NpRgR90TEwYg4ExGHIuLeiErZ+yPigQ7rb14kWT/+TG9uK7AtysZ/z9fWthrHf/noL4qFWu5AJf7h5PxcafZk7T05EcO7s/zEBnV899Ivn7U7Vj/+y7as/nwsGJXn8+nNod2Nr5mZWpz6Z1GvufVRxJGhVvEnqyPQJCIOR8SRbdYx9+RXx9od2yz+DXVhiFz+MuKJ6vlfjqb4c8nG65Pj/4vS7Mnx/KpY76efr7/erv6O4u/BlCA7/3tbXv+r8ReT+vXahc7ruP7bp23nlJvH3/r635W82bDv/anFxSsTEbuSV6uNrt8/2VRucq18Fv+J4637/8FYeyeORkR2ET8YEQ9FxMO1tj8SEY9GxPEN4v/hxcfeadhR6CT+3srin+no/K8ldkXzntaJwsXvv2motNhJ/Nn5P11Jnajt2crn31batb2rGQAAAP590ojYH0k6tppO07Gx6nf4D8XetDS/sPjU+fn3Ls9UfyNQjOE0f9I1Uvc8dKI2rc/zk035U7Xnxp8X9lTyY9PzpZl+Bw8Dbl+b/p/5vdDv1gE956tmMLj0fxhc2+v/xa63A9h57v8wuFr0/z39aAew81rd/z/sQzuAndfU/y37wQAx/4fBpf/D4NL/YSAt7InNfyQvIbEuEeld0QyJHiX6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHX8HAAD//2zb5vM=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)

4m59.550467636s ago: executing program 4 (id=13):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file2\x00', 0x4800, &(0x7f0000000100)=ANY=[], 0x1, 0x6bb, &(0x7f00000018c0)="$eJzs3c1vXFfdB/DvHY8dT9ombpq0eR5VqtVIgIhI7FgpmA0BIWSkCqGyYG0lTmNlkhbHRW6FqMPrtov+Ad1kg1ghsWITqbBgA7vukJeVkNh0g1kNujN3XjJ+m+bF45TPJ7pzzj3nnnN/93fvnbfImgD/s5bOp34/RZbOv75Rrm/dW2hu3Vu41a0nOZZkM6knqSUp/t1qtT5OriRFb5piqNzhw9XFNz75bOvTzlq9Wtrb1/YbN6TabnOoebPbNptkoiofwQPzXX3k+Ype5FeSnKtKGLvJJK3WZFo9P/nrs72esvNkp2zsNnr68AIFnpii87pZvhjXBttnkuPVjV6+D+i+8tbGEuQIjo243fA7CAAAAHjajPIZ+OR2trNRnDiEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOALYbP/+/9FtdS69dkU3d//n6raUtWPllc+3+b3n1QcAAAAAAAAAHCIXtnOdjZyorveKtr/5/9qe+V0+/GZvJM7WclaLmQjy1nPetYyn2RmYKKpjeX19bX5EUZe2nXkpQMCPVaVjcdz3AAAAAAAAADwBfOLLPX//x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6CIpnoFCnuDjTPpFZPMp1kqmzYTP7erT/N7o87AAAAADgEJ7eznY2c6K63ipxO8mL7O4DpvJPbWc9q1tPMSq61vxfofOqvbd1baG7dW7hVLjvn/fa/HlidPiCM9ozpfPew+57Ptrdo5HpW2y0XcjVvpZlrqbVHls5W8XRnHYrrbhlT8a3KiAm6VpXlkX9QlTu8P+Jk+xv+MqWx/xcsM+2MTPYyMlfFVmbj+e6Z2f0MDZ2dgwzvaT61XmCnh/Y0FPBD5fx4VZbH85u9cj4Ww5m4NHD1vbh/zpMv//H3P56r6kfnkEYzUZWt9mNjZyYWBjLx0iiZuNG8ffPG9Tvnn7ZM7DDXzsSZ3vpSvpcf5Xxm88OsZTU/zXLWs5LZfLddW65OfjFwe++RqSudYnK33S71E9fN+1R1hU5UrZ8nplfbY09kNT/IW7mWlbzW/ncp8/l6LudyFgfO8Jn9z3D7rq89cNf3XwFaz+2axnNfqSrl095vq3JXe3Y8KWVenx/I6+Bz7ky7b7Cln6VTB2epTMsDz41/2j+U+v9XlXIfvxw49+M3nIn5gUy8sF8muhfynebtm2s3lt8ebXenPhgY/usj9ZRaXi+nypOV7gnqXx1l3wvdvqF8lX2ne321HX1nen2dO3Vzzzt1qnoPt3OmS+2+l3btW2j3nR3o2+391sHv5gAYs+NfPT7V+Gfjb42PGr9q3Gi8Pv2dY9849vJUJv88+c363MSXai8Xf8hH+Xn/8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDw7rz73s3lZnNlbajSarXe36Or2TqZ7NH1cJXanmGUlfoBoe6oZPYfz5QDui2t9Lq6P2f2GIM/qPJ/zyajj6p+gSedlvrjzfMYK/9ptVpVS7HHNr/7y85EPTdS6qZGvzYOqExXV3jlSKSuqtQPeadjekICDs3F9VtvX7zz7ntfW721/ObKmyu3Fy9fXpxbvPzawsXrq82Vuc7juKMEnoT+i/64IwEAAAAAAAAAAABGNdrfA+SR/pxg3McIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN2Wzqd+P0Xm5y7Mletb9xaa5dKt97esJ6klKX6WFB8nV9JZMjMwXbHXfj5cXXzjk8+2Pu3PVS75/tUDxo1ms1oym2SiU959XPNdrcp9FfsdQtE7wjJh57qJg3H7bwAAAP//EOj9JQ==")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')

4m58.302892742s ago: executing program 4 (id=20):
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000000c00)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d69736f383835392d312c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dddf2bd6c2c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030332c63726561746f723d85f194712c626172726965722c6e6f6465636f6d706f73652c756d61736b3d30303030303030303030303030303030303030303231372c6465636f6d706f73652c666f7263652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c637265683661746f723d010000002c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',nobarrier,subj_role=nls,obj_role=!-+,appraise_type=imasig,\x00'], 0x3, 0x6e4, &(0x7f0000000340)="$eJzs3UtoHOcdAPD/rFarXRccOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdnZ1Wg1+5CtV9LfT8zMN99rvvnPzsw+EBPA/62lmag+jSSWZt7cTNd3tufbE9vzU3lxOyJqEVGJqHYWkaxGWjrR6+LbaWaeTgZt58OVxbc//2rni85aNZ+y+pVh7UrUDmdt5VM085E1S1tODujxk/7NH+jvzsD+xpX09vB2RFzPlxF/ea5e4bntHbLVK/v4P9l8WPOjnLfAOZUU7+gF0xEXIqIekd31I786VE53dMdv66wHAAAAAEfVOHqTF3ZjNzbj4kkMBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL6p8uf/J/lU6aabkXSf/1/L8yJPn0OjH4T42VRn+fTkBwMAAAAAAAAAJ+7V3diNzbjYXd9Lst/8Xyv8xv+teC/WYznW4kZsRis2YiPWYi4ipgsd1TZbGxtrc1nLiMtDWt6KT0ta3ho8xtvHvM8AAAAAAAAAcM7VR5Q/mDyc9/tY2v/9HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoMkYqKzyKbL3fR0VKoRUY+IWlpvK+LTbvprIinLfHr64wAAAIDnUj+4mtTHaPPC+7Ebm3Gxu76XZJ/5r2afl+vxXqzGRqzERrRjOe7mn6HTT/2Vne359s72/MN0OtzvT7880tCzHqPz3UP5ll/OajTiXqxkOTfiTiSxl6nkvby8sz2fLh+Wj+uDdEzJT3JDRjNRSN9NZ9c+ydJ/PvgtQvVIu/iMKgNLprPSyV5EZvOxpS0udSNQHomRR6c6dEtzUel983N5+JbKY/7B8K1f6KtV+s3NmeiPxK2o9I7Q1eGRiPjuPz7+9f326oP799Znzs8ulXp/ZI3+SMwXInHtGxSJ0WazSFzprS/FL+JXMRNfTr0Va7ESv4lWbMRys1veyl/P6Xx6eKQ+u1Bce2vUSNJzstm7fpWNqRkHxhTN+HmWasVr2TG9GCuRxKOIWI43sr9bMde7Guwf4StjnPWVMa60Bde/ly16YYrG4Lp/G6/L45LG9VIhrsVr7nRWVszZj9KLpVHq3uvGvx8VVL+TJ9Ie/jD0/nDa+iMxV4jES4NeL52Q/nUvna+3Vx+s3W+9O+b2Xs+X6Xn0p3N1l0iP8ItRz3fuUjZPsnNqNit7qXeHPRivWv6LS0flUNmVXrvOmfrLeBR3D5ypP4yFWIjFrPbVrPbkoTtWWnat19PBa3halr7TqvZ+2Cm+33oU7c77IQDOtwvfv1Br/Lfx78ZHjT827jferP9s6kdTr9Ri8l+TP67OTrxeeSX5e3wUv9v//A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy79cdPHrTa7eW18kSlvCgZ3qrV3us+SKy8ThzKSfJH5YwYT5pI1h8/2RtRpz8RfTlT+fDGbH6Sie7TGkdXbp7gMJKt/uNVH30suk95ynOG7UVyKOBp42cec3fL+zmT5+BQ9ieax9dh9wVbPImO/OptHDxenaKJiCg9ZYabOIaLD3Cmbm48fPfm+uMnP1h52Hpn+Z3l1cmFhcXZxYU35m/eW2kvz3bmhQan8vBb4DQU30701CLi1dFthzyoFQAAAAAAAAAAADhBp/G/EGe9jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDX29JMVJ9GEnOzN2bT9Z3t+XY6ddP7NasRUYmI5LcRyT8jbkdniulCd8mg7Xy4svj251/tfLHfV7VbvxKxNbDdeLbyKZoRMZEvj6u/O6P7q+0np0qKk15k0oBd7wYOztr/AgAA//94PumP")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009e000040"])

4m56.953206855s ago: executing program 32 (id=20):
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000000c00)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d69736f383835392d312c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dddf2bd6c2c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030332c63726561746f723d85f194712c626172726965722c6e6f6465636f6d706f73652c756d61736b3d30303030303030303030303030303030303030303231372c6465636f6d706f73652c666f7263652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c637265683661746f723d010000002c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',nobarrier,subj_role=nls,obj_role=!-+,appraise_type=imasig,\x00'], 0x3, 0x6e4, &(0x7f0000000340)="$eJzs3UtoHOcdAPD/rFarXRccOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdnZ1Wg1+5CtV9LfT8zMN99rvvnPzsw+EBPA/62lmag+jSSWZt7cTNd3tufbE9vzU3lxOyJqEVGJqHYWkaxGWjrR6+LbaWaeTgZt58OVxbc//2rni85aNZ+y+pVh7UrUDmdt5VM085E1S1tODujxk/7NH+jvzsD+xpX09vB2RFzPlxF/ea5e4bntHbLVK/v4P9l8WPOjnLfAOZUU7+gF0xEXIqIekd31I786VE53dMdv66wHAAAAAEfVOHqTF3ZjNzbj4kkMBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL6p8uf/J/lU6aabkXSf/1/L8yJPn0OjH4T42VRn+fTkBwMAAAAAAAAAJ+7V3diNzbjYXd9Lst/8Xyv8xv+teC/WYznW4kZsRis2YiPWYi4ipgsd1TZbGxtrc1nLiMtDWt6KT0ta3ho8xtvHvM8AAAAAAAAAcM7VR5Q/mDyc9/tY2v/9HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoMkYqKzyKbL3fR0VKoRUY+IWlpvK+LTbvprIinLfHr64wAAAIDnUj+4mtTHaPPC+7Ebm3Gxu76XZJ/5r2afl+vxXqzGRqzERrRjOe7mn6HTT/2Vne359s72/MN0OtzvT7880tCzHqPz3UP5ll/OajTiXqxkOTfiTiSxl6nkvby8sz2fLh+Wj+uDdEzJT3JDRjNRSN9NZ9c+ydJ/PvgtQvVIu/iMKgNLprPSyV5EZvOxpS0udSNQHomRR6c6dEtzUel983N5+JbKY/7B8K1f6KtV+s3NmeiPxK2o9I7Q1eGRiPjuPz7+9f326oP799Znzs8ulXp/ZI3+SMwXInHtGxSJ0WazSFzprS/FL+JXMRNfTr0Va7ESv4lWbMRys1veyl/P6Xx6eKQ+u1Bce2vUSNJzstm7fpWNqRkHxhTN+HmWasVr2TG9GCuRxKOIWI43sr9bMde7Guwf4StjnPWVMa60Bde/ly16YYrG4Lp/G6/L45LG9VIhrsVr7nRWVszZj9KLpVHq3uvGvx8VVL+TJ9Ie/jD0/nDa+iMxV4jES4NeL52Q/nUvna+3Vx+s3W+9O+b2Xs+X6Xn0p3N1l0iP8ItRz3fuUjZPsnNqNit7qXeHPRivWv6LS0flUNmVXrvOmfrLeBR3D5ypP4yFWIjFrPbVrPbkoTtWWnat19PBa3halr7TqvZ+2Cm+33oU7c77IQDOtwvfv1Br/Lfx78ZHjT827jferP9s6kdTr9Ri8l+TP67OTrxeeSX5e3wUv9v//A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy79cdPHrTa7eW18kSlvCgZ3qrV3us+SKy8ThzKSfJH5YwYT5pI1h8/2RtRpz8RfTlT+fDGbH6Sie7TGkdXbp7gMJKt/uNVH30suk95ynOG7UVyKOBp42cec3fL+zmT5+BQ9ieax9dh9wVbPImO/OptHDxenaKJiCg9ZYabOIaLD3Cmbm48fPfm+uMnP1h52Hpn+Z3l1cmFhcXZxYU35m/eW2kvz3bmhQan8vBb4DQU30701CLi1dFthzyoFQAAAAAAAAAAADhBp/G/EGe9jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDX29JMVJ9GEnOzN2bT9Z3t+XY6ddP7NasRUYmI5LcRyT8jbkdniulCd8mg7Xy4svj251/tfLHfV7VbvxKxNbDdeLbyKZoRMZEvj6u/O6P7q+0np0qKk15k0oBd7wYOztr/AgAA//94PumP")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009e000040"])

4m29.236102369s ago: executing program 0 (id=96):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0xc2}}}}}}}, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)

4m28.452101114s ago: executing program 0 (id=100):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000000)=0xff31, 0xc0000)
r1 = syz_open_dev$vbi(&(0x7f0000002100), 0x1, 0x2)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
fchmod(r2, 0x183)
sched_setaffinity(r3, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x1f4, 0xfffffffffffffce6, 0x0, &(0x7f0000000100)="ff412f66b0833efc792e968781", 0x0, 0x6, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff80fe}, 0x50)
socket$packet(0x11, 0x2, 0x300)

4m27.404320975s ago: executing program 0 (id=105):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0xa, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}]}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xffffffffffffff5c}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x800)

4m26.313446882s ago: executing program 0 (id=113):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@test_dummy_encryption_v1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@noload}, {@quota}]}, 0x83, 0x440, &(0x7f0000000d80)="$eJzs28tvG8UfAPDvrpP219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7W9ie3YSRzsuODPR9pkZnesma93xzuzYwcwsEazP0nE/oj4NSJGqtnGAqPVf3dWlqb/XFmaTqJcfuOPpFLu9srSdF40f92+PDMUkX6SxNEW9S5cvXZxqlSavVLLjy9eend84eq1Z+YuTV2YvTB7efLs2dOnJp47M/lsV+LM4rp95IP5Y4dfeevGa9Pnbrz949dJHn9THF0yutHBx8vlLlfXXwfq0slQHxtCRwrVbhrDlf4/EoVYO3kj8fLHfW0c0FPlcrl8X/vDy2XgPyyJfrcA6I/8Rp/Nf/Nth4Yed4VbL1QnQFncd2pb9chQpLUyw03z224ajYhzy399kW3R8BzCJBoA6I1vs/HP063Gf2nUPxf6f20NpRgR90TEwYg4ExGHIuLeiErZ+yPigQ7rb14kWT/+TG9uK7AtysZ/z9fWthrHf/noL4qFWu5AJf7h5PxcafZk7T05EcO7s/zEBnV899Ivn7U7Vj/+y7as/nwsGJXn8+nNod2Nr5mZWpz6Z1GvufVRxJGhVvEnqyPQJCIOR8SRbdYx9+RXx9od2yz+DXVhiFz+MuKJ6vlfjqb4c8nG65Pj/4vS7Mnx/KpY76efr7/erv6O4u/BlCA7/3tbXv+r8ReT+vXahc7ruP7bp23nlJvH3/r635W82bDv/anFxSsTEbuSV6uNrt8/2VRucq18Fv+J4637/8FYeyeORkR2ET8YEQ9FxMO1tj8SEY9GxPEN4v/hxcfeadhR6CT+3srin+no/K8ldkXzntaJwsXvv2motNhJ/Nn5P11Jnajt2crn31batb2rGQAAAP590ojYH0k6tppO07Gx6nf4D8XetDS/sPjU+fn3Ls9UfyNQjOE0f9I1Uvc8dKI2rc/zk035U7Xnxp8X9lTyY9PzpZl+Bw8Dbl+b/p/5vdDv1gE956tmMLj0fxhc2+v/xa63A9h57v8wuFr0/z39aAew81rd/z/sQzuAndfU/y37wQAx/4fBpf/D4NL/YSAt7InNfyQvIbEuEeld0QyJHiX6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHX8HAAD//2zb5vM=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)

4m25.297498216s ago: executing program 0 (id=116):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/cpu_byteorder', 0x0, 0x0)
finit_module(r0, 0x0, 0x2)

4m22.846064651s ago: executing program 0 (id=123):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0xa, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}]}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xffffffffffffff5c}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x800)

4m21.970812588s ago: executing program 33 (id=123):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0xa, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}]}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xffffffffffffff5c}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x800)

4m4.148637437s ago: executing program 3 (id=193):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000940)=[{{&(0x7f00000004c0)={0xa, 0x4e1d, 0x1, @loopback={0x3f}, 0x4}, 0x1c, 0x0}}], 0x1, 0x4040845)

4m3.989482233s ago: executing program 3 (id=195):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x34)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4m3.823548973s ago: executing program 3 (id=198):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@delchain={0x34, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@delchain={0x38, 0x2c, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {0xfff2, 0xffff}, {0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8041}, 0x4010)

4m3.426818057s ago: executing program 3 (id=200):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

4m3.04646748s ago: executing program 3 (id=202):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x808c10, &(0x7f0000000000)=ANY=[], 0x3, 0x1cf, &(0x7f0000000280)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCmD4G7XVrmBnOnPTU1Vomy8zA2KAtX3FLe92aU35gMbnUHiM3ycXsDMwMoalHFhVXVmUn5uSknmBgZahgZGFgOH2CgeW6/TWVZglOhz/yHA5Jmg46TEd8PLKYocazsWUqnD3zQX4dm8YRhkcrmDfWeeY11hWmTs1Ly0uqyqrKmsfAtHFmY2dj48qJdVFpfqsYW1JcNjV1MjI5bFET2MxsqD7JRnvCu/ZVD5McWHs4oKYyXzJeWCR1akXVzAlflGYzGn5nuMNTtkJCQ8NJ4oqERYMJw5E62wZXhopbrAwMDGkKYYxJamxibVvOzAlh5mdzW6DQknyCKfQox9KZEhYHhKpO/pzKzsCQ6DZj21MHtjM8h4/zrCnoEzQ6LsHgtFDwvwxDxa3khIaGMo21TEttF3wp0vgr4bXa2CmDwd2eaRksQFkaQORKKE8WrCcheYWHjqamUUpyQsMmhYQktwJDZYatezhXCzQwIEWbCgMDw3ZGWNxCwDV4/IyCUTAKRsEoGAWjYBSMglEwCkbBKBgJABAAAP//B4mJ5A==")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x1000002, 0x0)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r6, &(0x7f0000000740), 0x0, 0x0)
r7 = signalfd(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(r7, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_init(0x8, 0x800)
r8 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00')
preadv(r8, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x54, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x24, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x3}, @IFLA_BR_MCAST_QUERY_USE_IFADDR={0x5, 0x18, 0x1}, @IFLA_BR_MCAST_QUERIER_INTVL={0xc}]}}}]}, 0x54}}, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b)

4m1.403281371s ago: executing program 3 (id=205):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240), 0x1, 0x517, &(0x7f00000002c0)="$eJzs3c9vI1cdAPDveNeOk02btPQACNqlLSxotU7ibaOqElBOgFAlRI8gbUPijaI4cRQ7pQl7SM8cQaISJzjyB3DuiTsXBDcu5YDEjwjUIHEwmvEk6yZ2425+OIk/H2k0782b+PveZuc9z3PGL4CRdTsidiOiFBFvR8RUfjzJt3ijs6XnfbT3aHF/79FiEu32W/9MsvL0WHT9TOpW/prliPjBtyN+nByP29zeWV2o12ubeX6mtbYx09zeubeytrBcW66tV6vzc/Ozr91/tXpmbX1hrZSnvvjhH3a/9tO0WpP5ke52nKVO04uHcVI3I+J75xFsCG7k7SkNcvJ3fn7+FeJTKUTEsxHxYnb9T8WN7Ld5oh5XNABwVbTbU9Ge6s4DANddIZsDSwqVfC5gMgqFSqUzh/dcTBTqjWbr7sPG1vpSZ65sOoqFhyv12mw+VzgdxSTNz2Xpx/nqkfz9iHgmIn4xNp7lK4uN+tIw3/gAwAi7dWT8/89YZ/wHAK658rArAABcOOM/AIyeQcb/gR4LAACuDPf/ADB6OuP/+LCrAQBcIPf/ADB6jP8AMFK+/+ab6dbez7//eumd7a3Vxjv3lmrN1cra1mJlsbG5UVluNJbrta8P8Hr1RmNj7pXYenf6GxvN1kxze+fBWmNrvfUg+17vB7Xi4zcbSedbwgGAi/bMCx/8OYmI3dfHsy261nIoDrVmwHkrdKUt6gGj5cYgJw20uBNw1XisF0bXKe7xTQ/ANXHSvX+51wNC/m4IrrQ7nzP/D6Oqa/7faA4jZqD5f+BaMv8Po6vdTgZd8z8GPREAuNzM8QN9Pv9/Nt//Nv9w4EdLR894/zxrBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJfbwfq/lXwt8MkoFCqViKciYjqKycOVem02Ip6OiD+NFcfS/NyQ6wwAnFbhb0m+/tedqZcnP1b0/K3DZCkifvKrt3757kKrtfnHiFLyr7GD46338+PVi689AHBM6eiBg3E623fdyH+092jxYLvICv79WxFR7sTf3yvF/mH8m3Ez25ejGBET/07yfEfSNXdxGrvvRcRne7U/iclsDqSz8unR+Gnspy40fuFj8QtZWWef/lt85gzqAqPmg7T/eaPX9VeI29m+9/Vfznqo08v7v/SlFvezPvBx/IP+70af/u92tKcGivHK77/bSY0fL3sv4vM3Iw5i73f1Pwfxkz7xXx6wjX/5wvMv9itr/zriTvSO3x1rprW2MdPc3rm3srawXFuurVer83Pzs6/df7U6k81Rz/QfDf7x+t2n+5Wl7Z/oE798Qvu/PGD7f/O/t3/4pU+I/9WXesUvxHOfED8dE78yYPyFid+V+5Wl8Zf6tP+k3//dAeN/+NedY8uGAwDD09zeWV2o12ubEhKXP5H+l70E1eiZ+Oan/6niE8UqRe+in73UuaaPFLXbT9Scfj3GWcy6AZfB4UUfEf8ddmUAAAAAAAAAAAAAAICeLuLpqGG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOvr/wEAAP//+rzLnQ==")
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x1}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b00000000000"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

3m47.135700171s ago: executing program 5 (id=248):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3m46.842280977s ago: executing program 5 (id=250):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000000)=0xff31, 0xc0000)
r1 = syz_open_dev$vbi(&(0x7f0000002100), 0x1, 0x2)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x1f4, 0xfffffffffffffce6, 0x0, &(0x7f0000000100)="ff412f66b0833efc792e968781", 0x0, 0x6, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff80fe}, 0x50)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)

3m45.968011461s ago: executing program 34 (id=205):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240), 0x1, 0x517, &(0x7f00000002c0)="$eJzs3c9vI1cdAPDveNeOk02btPQACNqlLSxotU7ibaOqElBOgFAlRI8gbUPijaI4cRQ7pQl7SM8cQaISJzjyB3DuiTsXBDcu5YDEjwjUIHEwmvEk6yZ2425+OIk/H2k0782b+PveZuc9z3PGL4CRdTsidiOiFBFvR8RUfjzJt3ijs6XnfbT3aHF/79FiEu32W/9MsvL0WHT9TOpW/prliPjBtyN+nByP29zeWV2o12ubeX6mtbYx09zeubeytrBcW66tV6vzc/Ozr91/tXpmbX1hrZSnvvjhH3a/9tO0WpP5ke52nKVO04uHcVI3I+J75xFsCG7k7SkNcvJ3fn7+FeJTKUTEsxHxYnb9T8WN7Ld5oh5XNABwVbTbU9Ge6s4DANddIZsDSwqVfC5gMgqFSqUzh/dcTBTqjWbr7sPG1vpSZ65sOoqFhyv12mw+VzgdxSTNz2Xpx/nqkfz9iHgmIn4xNp7lK4uN+tIw3/gAwAi7dWT8/89YZ/wHAK658rArAABcOOM/AIyeQcb/gR4LAACuDPf/ADB6OuP/+LCrAQBcIPf/ADB6jP8AMFK+/+ab6dbez7//eumd7a3Vxjv3lmrN1cra1mJlsbG5UVluNJbrta8P8Hr1RmNj7pXYenf6GxvN1kxze+fBWmNrvfUg+17vB7Xi4zcbSedbwgGAi/bMCx/8OYmI3dfHsy261nIoDrVmwHkrdKUt6gGj5cYgJw20uBNw1XisF0bXKe7xTQ/ANXHSvX+51wNC/m4IrrQ7nzP/D6Oqa/7faA4jZqD5f+BaMv8Po6vdTgZd8z8GPREAuNzM8QN9Pv9/Nt//Nv9w4EdLR894/zxrBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJfbwfq/lXwt8MkoFCqViKciYjqKycOVem02Ip6OiD+NFcfS/NyQ6wwAnFbhb0m+/tedqZcnP1b0/K3DZCkifvKrt3757kKrtfnHiFLyr7GD46338+PVi689AHBM6eiBg3E623fdyH+092jxYLvICv79WxFR7sTf3yvF/mH8m3Ez25ejGBET/07yfEfSNXdxGrvvRcRne7U/iclsDqSz8unR+Gnspy40fuFj8QtZWWef/lt85gzqAqPmg7T/eaPX9VeI29m+9/Vfznqo08v7v/SlFvezPvBx/IP+70af/u92tKcGivHK77/bSY0fL3sv4vM3Iw5i73f1Pwfxkz7xXx6wjX/5wvMv9itr/zriTvSO3x1rprW2MdPc3rm3srawXFuurVer83Pzs6/df7U6k81Rz/QfDf7x+t2n+5Wl7Z/oE798Qvu/PGD7f/O/t3/4pU+I/9WXesUvxHOfED8dE78yYPyFid+V+5Wl8Zf6tP+k3//dAeN/+NedY8uGAwDD09zeWV2o12ubEhKXP5H+l70E1eiZ+Oan/6niE8UqRe+in73UuaaPFLXbT9Scfj3GWcy6AZfB4UUfEf8ddmUAAAAAAAAAAAAAAICeLuLpqGG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOvr/wEAAP//+rzLnQ==")
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x1}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b00000000000"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

3m45.800001446s ago: executing program 5 (id=255):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/keys\x00', 0x0, 0x0)
lseek(r0, 0xbf5e, 0x1)

3m45.491265966s ago: executing program 5 (id=256):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x8004, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

3m43.800647245s ago: executing program 5 (id=260):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

3m41.06405754s ago: executing program 5 (id=272):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
fallocate(r0, 0x10, 0x1000001, 0x6)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x17c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000580)={0x2710, 0x5, 0x10000, 0x2000, &(0x7f0000781000/0x2000)=nil})
fallocate(r3, 0x10, 0x6e3, 0x10001)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r4, 0x0, 0x0)
write$FUSE_INIT(r4, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0x6})

3m40.438596004s ago: executing program 35 (id=272):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
fallocate(r0, 0x10, 0x1000001, 0x6)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x17c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000580)={0x2710, 0x5, 0x10000, 0x2000, &(0x7f0000781000/0x2000)=nil})
fallocate(r3, 0x10, 0x6e3, 0x10001)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r4, 0x0, 0x0)
write$FUSE_INIT(r4, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0x6})

2m4.796341721s ago: executing program 7 (id=636):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000300)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r3, &(0x7f0000000200)='7', 0x1}])

2m3.480631105s ago: executing program 7 (id=640):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = getpid()
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0x6a)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000140)={0x44, 0x0, &(0x7f0000000240)=[@transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x62, 0x0, &(0x7f00000002c0)="b5e77c81b6e828b5872a0947c086caceb066c44384e89e21871af5034880b980b3bc19886803949dc733c9bca4bb6294bf4305936b5ff31f2a9c0f5a262bea038ec5a93ccf6a099e7e4f73c906dfbff3236bdad2283955b18bc2dd913a993cf35acb"})
finit_module(0xffffffffffffffff, &(0x7f0000000100)='nombcache', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r5 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000200)='gid', &(0x7f0000000580)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071128c000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x2a, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m2.212622231s ago: executing program 7 (id=641):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000000301030200000000000000000a00fffe0c0019800800"], 0x30}, 0x1, 0x0, 0x0, 0x8004}, 0x24000800)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r3 = gettid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@jqfmt_vfsv0}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@data_err_abort}]}, 0x1, 0x58c, &(0x7f0000000bc0)="$eJzs3c1rHOUfAPDvM7tJ89LfL6kIWnswULAFNWnSiqKCrdabB18KngRjkpbSbRuaCLZWbKH+B/oHCN68iMciUtSLV2+CV0GKRWou3iKzmU23zW5emk1Hnc8HJjvPPLN5ntnku8/Ms88zG0BljeU/soi9ETGfIkba8upRZI6t7Pfn7cszS7cvz6RYXn7rjxSp2NbaPxWPw8WTByLip+9SPFRbW+7CxUtnphuNuQtFemLx7PzEwsVLT58+O31q7tTcuanJZyefOXJ46sihLjV/oW+rx/rD+PH6tZOv7Ptq5os9H3/z5fUUR2N3kdd+HL0yFmOrr0m7/HV9rteFlaTWPJ6Bu7alemnVYYtqxf9jHkyPxEjU4s4fbyQ+eaPUygE7ajlFLAMVlcQ/VFTrPCC//m0t3c8WXn5AZyXAg3Dr2EoHQKtvb2k1/usrfYMx0OwbGFpK0d6tkyKiW8/cVuRlzD+RRvIldqgfDujsytWIeLRT+5+asTla9O0OLWV3xX8WEa8Xj/n2N++z/LF70uIfHpztxP+7bfH/3n2WL/4BAAAAAACgd24ci4inOn3+l62O/4kO43+GI+JoD8rf+PO/7GYPigE6uHUs4sWIWFoz/i9r7TJaK1L/a44H6EsnTzfmDkXE/yPiYPTtytOT65Qxtu/HrnN128f/5UtefmssYFGPm/Vddz9ndnpxejvHDKy4dTXisXqn+E+r7X/q0P7n7wfzmyxj+fhL33fL2zj+gZ2y/HnEgY7t/507V6T1788x0TwfmGidFaz14TvXv+5WvviH8uTt/9D68T+a2u/Xs7D2d2x0I56Pfv9lG/Hf+fy/P51o3lWov9j2wfTi4oXJiP702trtUxtUECqiFQ+teMnj/+D+ztf/653/D0bElU2WeeLbV691y9tm+z+4yf2ADvL4n91S+7/1lf1vf/ZXt/I31/4fabbpB4st+v9gfZsN0LLrCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RllE7I6Uja+uZ9n4eMRwRDwcQ1nj/MLikyfPv39uNs9rfv9/1vqm35GVdGp9//9oW3rqnvThiNgTEZ/WBpvp8ZnzjdmyDx4AAAAAAAAAAAAAAAAAAAD+IYa7zP/P/VYru3bAjquXXQGgNOIfqkv8Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAP5T9jx+4+cUEVeeH2wuuf4ir6/UmgE7LSu7AkBp3OIHqsvQH6gu1/hA2iB/4L6fCQAAAAAAAAAAAAD0yoG95v9DVZn/D9Vl/j9Ul/n/UF2u8YGezv//dWj7FQIAAAAAAAAAAAAA1li4eOnMdKMxd8GKFStWVlfKfmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa/g4AAP//Ytr6vw==")
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000540)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="240028bd7000fedbdf253f00000008000300", @ANYRES32=r6, @ANYBLOB="0c009900000000000400000014005e8008000300ff11241816"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x2c000004)
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x12}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r3}, &(0x7f0000000100)=<r7=>0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
timer_settime(r7, 0x1, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_settime(r7, 0x1, &(0x7f0000000200)={{0x0, 0x3938700}, {0x0, 0x989680}}, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r0, 0x0)
r8 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x200000}, &(0x7f0000000240), &(0x7f0000000280))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000380)=[{&(0x7f0000000440)=""/4087, 0xffb}], 0x2a)

1m54.953823337s ago: executing program 7 (id=659):
syz_mount_image$exfat(&(0x7f00000003c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000003680)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
chdir(&(0x7f0000000200)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x4, &(0x7f0000000140))
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r1, 0xd010)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
mknod(&(0x7f0000000040)='./bus\x00', 0x1000, 0x828d)
setxattr$trusted_overlay_opaque(&(0x7f0000000700)='./bus\x00', &(0x7f0000000740), 0x0, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c5cc67808200400000000000000006700000000009ba197fce47ddfdd753abd950100002a00fff7ffffffffffff6b42cfd67658000200", "b732673618400a000000000000000000000000000000f0fff7fffff2ff00", [0x4, 0x4]})
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)

1m50.986831589s ago: executing program 7 (id=670):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x44)

1m49.436069389s ago: executing program 7 (id=674):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x6f6e, &(0x7f0000000100)={0x0, 0x48c2, 0x4000, 0x2, 0xb}, 0x0, &(0x7f00000006c0))
io_uring_register$IORING_REGISTER_FILES2(r1, 0xd, 0x0, 0x0)
r2 = syz_open_dev$evdev(0x0, 0x2, 0x8000)
ioctl$EVIOCGPHYS(r2, 0x80404507, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
msgsnd(0x0, 0x0, 0x401, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x4)
r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, 0x3)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$bt_rfcomm(r5, &(0x7f00000001c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xa)
r7 = memfd_create(&(0x7f0000000280)='y\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1X\x9a\xd6\x1e\xc6\xae\x1c[)@\xaa\x05\x00\x00\x00\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x0f+\x15l\xa6\xe0\'K\x04\x87\x0f\x004\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xd8F\x83\xd9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\xcc#\x98\xb9\xad\xaf\t\x17\x8e\xc6\xc3PCA\x17\x04sC\xdaW\x1b\xb6\xb3\xba\xce\xca\xf4\x80\xaf\xaf2T\xba\x0fg\x95\x85\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W?\x00VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\x9d\xa8\x9eo\xebF(\x87L\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x9a$\xdd\x0f\xe4}\xe1\xe1$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;lh\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0eu\x8d\x00', 0x2)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r7, 0x1, 0x7ffffffff9000000, 0x2000})
close_range(r3, 0xffffffffffffffff, 0x2)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x80, 0x7fffffff, 0x312, 0xfffffffc, 0x1})

1m48.47160798s ago: executing program 36 (id=674):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x6f6e, &(0x7f0000000100)={0x0, 0x48c2, 0x4000, 0x2, 0xb}, 0x0, &(0x7f00000006c0))
io_uring_register$IORING_REGISTER_FILES2(r1, 0xd, 0x0, 0x0)
r2 = syz_open_dev$evdev(0x0, 0x2, 0x8000)
ioctl$EVIOCGPHYS(r2, 0x80404507, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
msgsnd(0x0, 0x0, 0x401, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x4)
r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, 0x3)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$bt_rfcomm(r5, &(0x7f00000001c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xa)
r7 = memfd_create(&(0x7f0000000280)='y\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1X\x9a\xd6\x1e\xc6\xae\x1c[)@\xaa\x05\x00\x00\x00\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x0f+\x15l\xa6\xe0\'K\x04\x87\x0f\x004\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xd8F\x83\xd9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\xcc#\x98\xb9\xad\xaf\t\x17\x8e\xc6\xc3PCA\x17\x04sC\xdaW\x1b\xb6\xb3\xba\xce\xca\xf4\x80\xaf\xaf2T\xba\x0fg\x95\x85\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W?\x00VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\x9d\xa8\x9eo\xebF(\x87L\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x9a$\xdd\x0f\xe4}\xe1\xe1$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;lh\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0eu\x8d\x00', 0x2)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r7, 0x1, 0x7ffffffff9000000, 0x2000})
close_range(r3, 0xffffffffffffffff, 0x2)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x80, 0x7fffffff, 0x312, 0xfffffffc, 0x1})

25.106826174s ago: executing program 9 (id=886):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r3, &(0x7f0000000740), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fanotify_init(0x8, 0x800)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c0"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x8c, 0x24, 0x100, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0x4}, {0xffff, 0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x10, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0xff, 0x0, 0xd, 0x3], 0x0, [0x7f, 0x4, 0x2, 0x0, 0x8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x106], [0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c1, 0x0, 0x0, 0x0, 0xffff, 0x0, 0xfffe]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r5, 0x0, 0xcc, &(0x7f0000000080)={@loopback, @multicast1, 0x0, "2634784b05261d387c9201200000000000000080000000000600", 0x0, 0xffffffff, 0x5, 0xf6}, 0x3c)
setsockopt$MRT_ADD_MFC(r5, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500"}, 0x3c)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)

21.652283356s ago: executing program 9 (id=890):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, &(0x7f0000000280))
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000180)=<r2=>0x0)
syz_open_procfs(r2, &(0x7f0000000300)='net/netlink\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x9c}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

20.046946972s ago: executing program 9 (id=894):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(0x0)
r4 = syz_io_uring_setup(0x3a24, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, &(0x7f0000000400)="929a775c663f947979b88bafdc67bc877fb216e145578909651d9cb9d620520428cd9d4fd17b0e80ba61e01fe45464ff3114cd5aa2ceacb015276b5f20cf", 0x3e, 0x40002020})
io_uring_enter(r4, 0x3517, 0x173d, 0x42, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
socket$inet6(0xa, 0x2, 0x0)
r7 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r7, &(0x7f0000000380)=[{&(0x7f0000000040)=""/11, 0xb}], 0x1)

18.269029323s ago: executing program 1 (id=898):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(0x0)
r4 = syz_io_uring_setup(0x3a24, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, &(0x7f0000000400)="929a775c663f947979b88bafdc67bc877fb216e145578909651d9cb9d620520428cd9d4fd17b0e80ba61e01fe45464ff3114cd5aa2ceacb015276b5f20cf", 0x3e, 0x40002020})
io_uring_enter(r4, 0x3517, 0x173d, 0x42, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
socket$inet6(0xa, 0x2, 0x0)
r7 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$apparmor_exec(r7, &(0x7f0000000440)=ANY=[@ANYBLOB="737461636b203a007e1c2d901405008f51686a1b04e567ccd50b2dc767809e2f197b5315feba4faee17a2cde2d8f4b4e866793e4feae2f90d85e0514e7a963283044375bcc42e1599905aeba00c4083184d608b0f09a98853bff5571393aafa283347d02b9b1857f78e6278c893827656ade3b2b0a31d415f951ac77cf539a90f32ded6b74ed100700f19499e13f10dac7ed5b000000000000000000000000000000007a5f4b20a1ecda0c5d67abc882ae845e019b03"], 0xb3)
readv(r7, &(0x7f0000000380)=[{&(0x7f0000000040)=""/11, 0xb}], 0x1)

13.142441714s ago: executing program 8 (id=905):
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = io_uring_setup(0x1892, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000280)=""/239, 0xef)

12.130908283s ago: executing program 9 (id=908):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002900)='./file0\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6f0, &(0x7f0000004540)="$eJzs3c1rHOcZAPBnVquN1g2OnNiNKSkVNqQBga0PlFa9VC2luDSUkB5yFrYci6zlICtFKaVV2tKeCj3kD0gLuvVQCr27uJde0lsOhaJjoNCLKdTksmVm39kP7awsyfZKpr+fGc87837Ms8++M6NdadkA/m9dm436vcji2uwb2/n23u5ia2938blU3YqIvFyLqHdWkW1EZPcjVvL6rG+JvvWQj9aX3/r0wd5nna16Wor2Ewf1q1DRdictMZPGm6nsOXnYQ+yk8OL5iLie1oMahx1roGGetMtpDSeuPWTnKN2Pct4Cp0x5d8o6980h0xFnImIq/RwQ6epQG1+ET8eRrnIAAADwjPrkzklHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+e9P3/WVpqaR0zkZXf/98o96XyKbRy6Jb3nmocAAAAAAAAADAeX3kYD2M7zpbb7az4nf+lYuN8fN6O+EK8H3djLTbjSmzHamzFVmzGfERM9w3U2F7d2tqc7/bMVfdcqOy5kP66AAAAAAAAAAA4jp9Hs/f7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA2yiInOqljOp3VMR63eaxKxE/H3iGicaLBHk1XtvDf+OAAAAOCxTB2jzwsP42Fsx9lyu50Vr/m/WLxenor3YyO2Yj22ohVrcSO9hs5f9df2dhdbe7uLt/Ml3x4c91v/PlIYjTTCRLHVPfI/vv/f19KRLxYtmnEz1os9V+J6lre+EbXOsS9HXCzj6Yurz4d5TNk3k0NGVk9pzR/5b0e9i/BEHP6tiGZZKN6SKTMyl2LLs3Guk4GseKMmYn8mDnp2vtcduGu6GHWye6T5qHXf+Tlf5rpeOdqxcn4mrfPH86unmvOj6maiFkUmFsrZl58zB8++iK/++Q9v32ptvHvr5t3Z0/OQHmFixP79c2KxLxMvP9OZqJ7Io80VmbjQ3b4W340fxmzMxJuxWVuPH8VqbMVatFP9aprP+f/TB2dqZWDrzUdF0kjPS+c5GxlT9GKaie8UpdW4VPQ9G+uRxZ24EWvxevFvIeYbX4ulWIrlvmf4wsi4i8dWnPW1/Wd9+Uz/pTL4y6+lm0h+dft17yrXzUGzotOo2fmkdK79eV7P9eW1M+sfdFud6zsP5vqy9GKZncnKwY9zbax/KRXyY/xi+L57gqZTJvITqLxLlNG91MlEvbgXDc/z37XzftHaaLdvrb43YvydfduvpnU+rXa//KjWpeqn4snK58uLMZWuJIOzI697qXuV6atr9+Zyp27wjpv3u1DUZVl5pv4g7hQToHumRnmmNtLPcMMjLRR1L1fWLRZ1F/vqmnFzMsqft+JOtOLGGPIHwHH87e1ucTrONJr/an7S/Lj5y+at5htT337u68+90ojJv05+oz438WrtlexP8XH8tPf6HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL67H/z43dVWa21zsDCVCrXhqspCM/bvGTXyiEKWvtDnaL1Ob2EqIgb2FN9zNPYwmvvDGCq0fxYx9vyUXyJY3eY3eaE+NKOqCisDe/44POCHR4wwO/i8GEOhFuM96ERUT4ATvCgBY3F16/Z7V+9+8M8X1m+vvrP2ztrG5NLS8tzy0uuLV2+ut9bmOv+fdJTA09C76Z90JAAAAAAAAAAAAMBhVX0w4NLzj/rQyKE+49H3l4WNk36YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDPs2mzU70UW83NX5vLtvd3FVr6U5V7LekTUahHZTyKy+xEr0Vlium+4LH5/P9oVx/loffmtTx/sfdYbq95pH1FL69EOro2InbTETERMpPVjGBjv+mOPl/2nfAx5wj5vt9srjxcfPBn/CwAA//9C5fIZ")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000440)=@newtaction={0xac, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x98, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x516, 0xe4, 0x20000000, 0x7fc00, 0x2}, 0x8}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xac}}, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket(0x1d, 0x2, 0x6)
bind$inet(r6, &(0x7f00000000c0)={0x1d, 0x4e20, @loopback}, 0x10)
r7 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x1}}, 0x18)
ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f00000000c0))

12.11524224s ago: executing program 2 (id=909):
socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
unshare(0x400)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xff7ffffffffffffc, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0x2, 0x8}, 0x0, &(0x7f0000000400)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad}, 0x0, 0x0)

12.045432177s ago: executing program 1 (id=911):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

11.91622054s ago: executing program 2 (id=913):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0x18, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r5, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000, @void, @value}, 0x94)
recvfrom$inet6(r5, &(0x7f0000000000)=""/42, 0x2a, 0x0, 0x0, 0x0)

11.915805506s ago: executing program 8 (id=914):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee9, 0x12, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000005800)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000640)=""/194, 0xc2}, {&(0x7f0000000740)=""/210, 0xd2}], 0x2, &(0x7f0000000880)=""/194, 0xc2}, 0x80000000}, {{&(0x7f0000000980)=@xdp, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000a00)=""/98, 0x62}, {&(0x7f0000000a80)=""/42, 0x2a}], 0x2}, 0x4}, {{&(0x7f0000000b00)=@xdp, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000b80)=""/203, 0xcb}, {&(0x7f0000000c80)=""/6, 0x6}, {&(0x7f0000000cc0)=""/154, 0x9a}, {&(0x7f0000000d80)=""/22, 0x16}, {&(0x7f0000000dc0)=""/244, 0xf4}], 0x5, &(0x7f0000000f40)=""/161, 0xa1}, 0x4}, {{&(0x7f0000001000)=@ll, 0x80, &(0x7f00000011c0)=[{&(0x7f0000001080)=""/82, 0x52}, {&(0x7f0000001100)=""/26, 0x1a}, {&(0x7f0000001140)=""/51, 0x33}, {&(0x7f0000001180)=""/44, 0x2c}], 0x4, &(0x7f0000001200)=""/214, 0xd6}, 0x3}, {{&(0x7f0000001300)=@xdp, 0x80, &(0x7f0000001540)=[{&(0x7f0000001380)=""/111, 0x6f}, {&(0x7f0000001400)=""/27, 0x1b}, {&(0x7f0000001440)=""/177, 0xb1}, {&(0x7f0000001500)=""/4, 0x4}], 0x4, &(0x7f0000001580)}, 0x5}, {{&(0x7f00000015c0)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000001640)=""/251, 0xfb}, {&(0x7f0000001740)=""/150, 0x96}, {&(0x7f0000001800)=""/228, 0xe4}], 0x3, &(0x7f0000001940)=""/222, 0xde}, 0x37}, {{&(0x7f0000001a40)=@nfc, 0x80, &(0x7f0000001ec0)=[{&(0x7f0000001ac0)=""/7, 0x7}, {&(0x7f0000001b00)=""/70, 0x46}, {&(0x7f0000001b80)=""/178, 0xb2}, {&(0x7f0000001c40)=""/9, 0x9}, {&(0x7f0000001c80)=""/249, 0xf9}, {&(0x7f0000001d80)=""/27, 0x1b}, {&(0x7f0000001dc0)=""/73, 0x49}, {&(0x7f0000001e40)=""/102, 0x66}], 0x8, &(0x7f0000001f40)=""/189, 0xbd}, 0x10000}, {{&(0x7f0000002000)=@l2tp={0x2, 0x0, @initdev}, 0x80, &(0x7f00000043c0)=[{&(0x7f0000002080)=""/78, 0x4e}, {&(0x7f0000002100)=""/34, 0x22}, {&(0x7f0000002140)=""/4096, 0x1000}, {&(0x7f0000003140)=""/193, 0xc1}, {&(0x7f0000003240)=""/157, 0x9d}, {&(0x7f0000003300)=""/60, 0x3c}, {&(0x7f0000003340)=""/85, 0x55}, {&(0x7f00000033c0)=""/4096, 0x1000}], 0x8, &(0x7f0000004440)}, 0xda}, {{0x0, 0x0, &(0x7f0000004500)=[{&(0x7f0000004480)=""/116, 0x74}], 0x1, &(0x7f0000001580)=""/46, 0x2e}, 0x85e}, {{&(0x7f0000004580)=@alg, 0x80, &(0x7f0000005740)=[{&(0x7f0000004600)=""/4096, 0x1000}, {&(0x7f0000005600)=""/47, 0x2f}, {&(0x7f0000005640)=""/229, 0xe5}], 0x3, &(0x7f0000005780)=""/79, 0x4f}, 0x2}], 0xa, 0x40010143, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(0xffffffffffffffff, 0xc0485661, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x8000000000000001, <r3=>r1, 0x80000})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r4=>0x0})
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xbc, 0xbc, 0x6, [@func_proto={0x0, 0x9, 0x0, 0xd, 0x0, [{0xf, 0x3}, {0xd}, {0x4, 0x4}, {0xf, 0x4}, {0xa, 0x4}, {0xd, 0x4}, {0x5}, {0x4, 0x5}, {0x6, 0x4}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x52, 0x0, 0x2b, 0x3}, @const={0x3, 0x0, 0x0, 0xa, 0x9}, @enum64={0xf, 0x3, 0x0, 0x13, 0x1, 0x3, [{0x805, 0xffffffff, 0xaf}, {0x1, 0x7fffffff, 0x9}, {0x9, 0x9, 0x1}]}, @restrict={0x10}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x2a, 0x0, 0x4c, 0x2}]}, {0x0, [0x27, 0x30, 0x2e, 0x2e]}}, &(0x7f0000000400)=""/237, 0xda, 0xed, 0x0, 0x1, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x9, 0x6, 0x3, 0x42000, r3, 0x2, '\x00', r4, r5, 0x2, 0x4, 0x1, 0xffffffffffffffff, @void, @value, @void, @value}, 0x50)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
socket(0x1e, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x20000000008)
waitid(0x1, r0, &(0x7f0000000500), 0x40000000, &(0x7f0000000580))
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x7d)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae8000000000a01010000000000000000050000000900010073797a3000000000ba000600e9eec003775c64e64f439fc0b5fb34bcd039590bba579a25436e11f718b64e3e01796b9e930a3d8eefa0bccf8429a311f3ce5ec5a0a7bb9e08c60e03cbcdd726725fb9b1bd1000cf2a77ab6ab91f2294632773ea59b8de2361cdd8045c5fdb81611e843cb814e4cfe672542287ebd3b2ed48dca1a08690b05bb9bbbcc05551bd05e4c6e0625fcae04323e0f29dbad3c57456d2ca020462188e1236ebe6da1442c71ab0a8ebfaacef2710111417370a0f8cd19c5f9e1a00000900010073797a300000000014010000030a01030000000000000000050000000900010073797a30000000000800054000000000af000c008451bef8928cf9ec5c3c0fca5cedf6b9ae811484cd4abbaec9eba3118a64f7b105ab0e5c8e377ddaf98490703415da6a50c72a1434c93ef4daa32cd2b643c4ab99e8adc29f67b58cd27b71b30213e6acd60b8fa2190c3fd64f382e41b97f4b12379ce9470cbfdb02cc2a2d8e0e7aec144e2df705b37b99cafc9b141b0f3176897eba9802e14cc423ecff994b4ff320f5786bd4fba343449446d922b94ac3f8621197db4c2dc061e9278f5a000900030073797a32000000000b00070066696c746572000024000480080002406b10a6210800014000000004080002404e73b858080001400000000014000000020a030000000000000000000500000014000000110001"], 0x238}}, 0x0)
close(r7)

11.897411573s ago: executing program 1 (id=915):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r3, &(0x7f0000000740), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fanotify_init(0x8, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c0"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x8c, 0x24, 0x100, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0x4}, {0xffff, 0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x10, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0xff, 0x0, 0xd, 0x3], 0x0, [0x7f, 0x4, 0x2, 0x0, 0x8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x106], [0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c1, 0x0, 0x0, 0x0, 0xffff, 0x0, 0xfffe]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000080)={@loopback, @multicast1, 0x0, "2634784b05261d387c9201200000000000000080000000000600", 0x0, 0xffffffff, 0x5, 0xf6}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500"}, 0x3c)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c)
setsockopt$MRT_FLUSH(r5, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)

10.159214028s ago: executing program 2 (id=916):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000000)=0xff31, 0xc0000)
r1 = syz_open_dev$vbi(&(0x7f0000002100), 0x1, 0x2)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
fchmod(r2, 0x183)
sched_setaffinity(r3, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x1f4, 0xfffffffffffffce6, 0x0, &(0x7f0000000100)="ff412f66b0833efc792e968781", 0x0, 0x6, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff80fe}, 0x50)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$phonet_pipe(0x23, 0x5, 0x2)

10.036321581s ago: executing program 9 (id=917):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, &(0x7f0000000280))
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000180)=<r2=>0x0)
syz_open_procfs(r2, &(0x7f0000000300)='net/netlink\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x9c}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

9.93053769s ago: executing program 8 (id=918):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80842, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4c010000", @ANYRES16=r4, @ANYBLOB="671d00000000ffdbe325460000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f0001000000000000000c009000fcff7b00000000000e0001006e037464657673696d0000000f0002006e657464657673696d30000008008e00020000000c008f0005000000000000000c0090000500000000000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000cb598fa41040ccb829b071f008f0002000000000000000c0090000f000000000000000e0001006e657464657673696d0000000f0002006e657464657673696d30110008008e00020000000c008f00ffffff28d1000000000000000900000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0009557035000000001000000c00900007000000000000088c94e246545cb6349f788b5907e677553247f32ae54980f76056bdf3a59a2e"], 0x14c}, 0x1, 0x0, 0x0, 0x20040010}, 0x4000810)
fcntl$getownex(r2, 0x10, &(0x7f0000000180))
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000841, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)

7.170662133s ago: executing program 1 (id=919):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x400dc05)

7.168297364s ago: executing program 2 (id=920):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000240), 0x57, 0x200002)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x8080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x100, 0xb, 0x3d5, 0x0, r3})
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x500, 0x40420f00}}}, 0x90)

5.314178151s ago: executing program 8 (id=921):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0xa0}}, 0xa0}}, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(0x0, 0x0)
syz_pidfd_open(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x14, 0x20, 0x301, 0x0, 0x0, {0x1}}, 0x14}}, 0x0)

4.628514187s ago: executing program 6 (id=923):
socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
unshare(0x400)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xff7ffffffffffffc, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0x2, 0x8}, 0x0, &(0x7f0000000400)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad}, 0x0, 0x0)

4.628062474s ago: executing program 1 (id=924):
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = io_uring_setup(0x1892, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000280)=""/239, 0xef)

3.776862483s ago: executing program 6 (id=925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.774751673s ago: executing program 2 (id=926):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0x18, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r5, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000, @void, @value}, 0x94)
recvfrom$inet6(r5, &(0x7f0000000000)=""/42, 0x2a, 0x0, 0x0, 0x0)

3.774222732s ago: executing program 8 (id=927):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002900)='./file0\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6f0, &(0x7f0000004540)="$eJzs3c1rHOcZAPBnVquN1g2OnNiNKSkVNqQBga0PlFa9VC2luDSUkB5yFrYci6zlICtFKaVV2tKeCj3kD0gLuvVQCr27uJde0lsOhaJjoNCLKdTksmVm39kP7awsyfZKpr+fGc87837Ms8++M6NdadkA/m9dm436vcji2uwb2/n23u5ia2938blU3YqIvFyLqHdWkW1EZPcjVvL6rG+JvvWQj9aX3/r0wd5nna16Wor2Ewf1q1DRdictMZPGm6nsOXnYQ+yk8OL5iLie1oMahx1roGGetMtpDSeuPWTnKN2Pct4Cp0x5d8o6980h0xFnImIq/RwQ6epQG1+ET8eRrnIAAADwjPrkzklHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+e9P3/WVpqaR0zkZXf/98o96XyKbRy6Jb3nmocAAAAAAAAADAeX3kYD2M7zpbb7az4nf+lYuN8fN6O+EK8H3djLTbjSmzHamzFVmzGfERM9w3U2F7d2tqc7/bMVfdcqOy5kP66AAAAAAAAAAA4jp9Hs/f7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA2yiInOqljOp3VMR63eaxKxE/H3iGicaLBHk1XtvDf+OAAAAOCxTB2jzwsP42Fsx9lyu50Vr/m/WLxenor3YyO2Yj22ohVrcSO9hs5f9df2dhdbe7uLt/Ml3x4c91v/PlIYjTTCRLHVPfI/vv/f19KRLxYtmnEz1os9V+J6lre+EbXOsS9HXCzj6Yurz4d5TNk3k0NGVk9pzR/5b0e9i/BEHP6tiGZZKN6SKTMyl2LLs3Guk4GseKMmYn8mDnp2vtcduGu6GHWye6T5qHXf+Tlf5rpeOdqxcn4mrfPH86unmvOj6maiFkUmFsrZl58zB8++iK/++Q9v32ptvHvr5t3Z0/OQHmFixP79c2KxLxMvP9OZqJ7Io80VmbjQ3b4W340fxmzMxJuxWVuPH8VqbMVatFP9aprP+f/TB2dqZWDrzUdF0kjPS+c5GxlT9GKaie8UpdW4VPQ9G+uRxZ24EWvxevFvIeYbX4ulWIrlvmf4wsi4i8dWnPW1/Wd9+Uz/pTL4y6+lm0h+dft17yrXzUGzotOo2fmkdK79eV7P9eW1M+sfdFud6zsP5vqy9GKZncnKwY9zbax/KRXyY/xi+L57gqZTJvITqLxLlNG91MlEvbgXDc/z37XzftHaaLdvrb43YvydfduvpnU+rXa//KjWpeqn4snK58uLMZWuJIOzI697qXuV6atr9+Zyp27wjpv3u1DUZVl5pv4g7hQToHumRnmmNtLPcMMjLRR1L1fWLRZ1F/vqmnFzMsqft+JOtOLGGPIHwHH87e1ucTrONJr/an7S/Lj5y+at5htT337u68+90ojJv05+oz438WrtlexP8XH8tPf6HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL67H/z43dVWa21zsDCVCrXhqspCM/bvGTXyiEKWvtDnaL1Ob2EqIgb2FN9zNPYwmvvDGCq0fxYx9vyUXyJY3eY3eaE+NKOqCisDe/44POCHR4wwO/i8GEOhFuM96ERUT4ATvCgBY3F16/Z7V+9+8M8X1m+vvrP2ztrG5NLS8tzy0uuLV2+ut9bmOv+fdJTA09C76Z90JAAAAAAAAAAAAMBhVX0w4NLzj/rQyKE+49H3l4WNk36YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDPs2mzU70UW83NX5vLtvd3FVr6U5V7LekTUahHZTyKy+xEr0Vlium+4LH5/P9oVx/loffmtTx/sfdYbq95pH1FL69EOro2InbTETERMpPVjGBjv+mOPl/2nfAx5wj5vt9srjxcfPBn/CwAA//9C5fIZ")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000440)=@newtaction={0xac, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x98, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x516, 0xe4, 0x20000000, 0x7fc00, 0x2}, 0x8}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xac}}, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket(0x1d, 0x2, 0x6)
bind$inet(r6, &(0x7f00000000c0)={0x1d, 0x4e20, @loopback}, 0x10)
r7 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x1}}, 0x18)
ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f00000000c0))

3.728196223s ago: executing program 9 (id=928):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(0x0)
r4 = syz_io_uring_setup(0x3a24, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, &(0x7f0000000400)="929a775c663f947979b88bafdc67bc877fb216e145578909651d9cb9d620520428cd9d4fd17b0e80ba61e01fe45464ff3114cd5aa2ceacb015276b5f20cf", 0x3e, 0x40002020})
io_uring_enter(r4, 0x3517, 0x173d, 0x42, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
socket$inet6(0xa, 0x2, 0x0)
r7 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r7, &(0x7f0000000380)=[{&(0x7f0000000040)=""/11, 0xb}], 0x1)

3.608095807s ago: executing program 6 (id=929):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xb423, 0x0, 0x5, 0x199}, &(0x7f0000000340)=<r1=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r0, 0x0, 0x0, 0x0, 0x80800})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000540)=0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(0xffffffffffffffff, 0x40045702, &(0x7f0000000000))
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="8250000001000000280012800b0001006272696467650000180002800a459b02943eabaf06aabae64aae6f5c00140001"], 0x48}}, 0x0)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={r3, 0xca4, 0x80000001, 0xfffffffd}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000100000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

1.454691231s ago: executing program 8 (id=930):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r3, &(0x7f0000000740), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fanotify_init(0x8, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c0"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x8c, 0x24, 0x100, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0x4}, {0xffff, 0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x10, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0xff, 0x0, 0xd, 0x3], 0x0, [0x7f, 0x4, 0x2, 0x0, 0x8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x106], [0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c1, 0x0, 0x0, 0x0, 0xffff, 0x0, 0xfffe]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000080)={@loopback, @multicast1, 0x0, "2634784b05261d387c9201200000000000000080000000000600", 0x0, 0xffffffff, 0x5, 0xf6}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500"}, 0x3c)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c)
setsockopt$MRT_FLUSH(r5, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)

1.449182624s ago: executing program 6 (id=931):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee9, 0x12, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000005800)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000640)=""/194, 0xc2}, {&(0x7f0000000740)=""/210, 0xd2}], 0x2, &(0x7f0000000880)=""/194, 0xc2}, 0x80000000}, {{&(0x7f0000000980)=@xdp, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000a00)=""/98, 0x62}, {&(0x7f0000000a80)=""/42, 0x2a}], 0x2}, 0x4}, {{&(0x7f0000000b00)=@xdp, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000b80)=""/203, 0xcb}, {&(0x7f0000000c80)=""/6, 0x6}, {&(0x7f0000000cc0)=""/154, 0x9a}, {&(0x7f0000000d80)=""/22, 0x16}, {&(0x7f0000000dc0)=""/244, 0xf4}], 0x5, &(0x7f0000000f40)=""/161, 0xa1}, 0x4}, {{&(0x7f0000001000)=@ll, 0x80, &(0x7f00000011c0)=[{&(0x7f0000001080)=""/82, 0x52}, {&(0x7f0000001100)=""/26, 0x1a}, {&(0x7f0000001140)=""/51, 0x33}, {&(0x7f0000001180)=""/44, 0x2c}], 0x4, &(0x7f0000001200)=""/214, 0xd6}, 0x3}, {{&(0x7f0000001300)=@xdp, 0x80, &(0x7f0000001540)=[{&(0x7f0000001380)=""/111, 0x6f}, {&(0x7f0000001400)=""/27, 0x1b}, {&(0x7f0000001440)=""/177, 0xb1}, {&(0x7f0000001500)=""/4, 0x4}], 0x4, &(0x7f0000001580)}, 0x5}, {{&(0x7f00000015c0)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000001640)=""/251, 0xfb}, {&(0x7f0000001740)=""/150, 0x96}, {&(0x7f0000001800)=""/228, 0xe4}], 0x3, &(0x7f0000001940)=""/222, 0xde}, 0x37}, {{&(0x7f0000001a40)=@nfc, 0x80, &(0x7f0000001ec0)=[{&(0x7f0000001ac0)=""/7, 0x7}, {&(0x7f0000001b00)=""/70, 0x46}, {&(0x7f0000001b80)=""/178, 0xb2}, {&(0x7f0000001c40)=""/9, 0x9}, {&(0x7f0000001c80)=""/249, 0xf9}, {&(0x7f0000001d80)=""/27, 0x1b}, {&(0x7f0000001dc0)=""/73, 0x49}, {&(0x7f0000001e40)=""/102, 0x66}], 0x8, &(0x7f0000001f40)=""/189, 0xbd}, 0x10000}, {{&(0x7f0000002000)=@l2tp={0x2, 0x0, @initdev}, 0x80, &(0x7f00000043c0)=[{&(0x7f0000002080)=""/78, 0x4e}, {&(0x7f0000002100)=""/34, 0x22}, {&(0x7f0000002140)=""/4096, 0x1000}, {&(0x7f0000003140)=""/193, 0xc1}, {&(0x7f0000003240)=""/157, 0x9d}, {&(0x7f0000003300)=""/60, 0x3c}, {&(0x7f0000003340)=""/85, 0x55}, {&(0x7f00000033c0)=""/4096, 0x1000}], 0x8, &(0x7f0000004440)}, 0xda}, {{0x0, 0x0, &(0x7f0000004500)=[{&(0x7f0000004480)=""/116, 0x74}], 0x1, &(0x7f0000001580)=""/46, 0x2e}, 0x85e}, {{&(0x7f0000004580)=@alg, 0x80, &(0x7f0000005740)=[{&(0x7f0000004600)=""/4096, 0x1000}, {&(0x7f0000005600)=""/47, 0x2f}, {&(0x7f0000005640)=""/229, 0xe5}], 0x3, &(0x7f0000005780)=""/79, 0x4f}, 0x2}], 0xa, 0x40010143, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(0xffffffffffffffff, 0xc0485661, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x8000000000000001, <r3=>r1, 0x80000})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r4=>0x0})
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xbc, 0xbc, 0x6, [@func_proto={0x0, 0x9, 0x0, 0xd, 0x0, [{0xf, 0x3}, {0xd}, {0x4, 0x4}, {0xf, 0x4}, {0xa, 0x4}, {0xd, 0x4}, {0x5}, {0x4, 0x5}, {0x6, 0x4}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x52, 0x0, 0x2b, 0x3}, @const={0x3, 0x0, 0x0, 0xa, 0x9}, @enum64={0xf, 0x3, 0x0, 0x13, 0x1, 0x3, [{0x805, 0xffffffff, 0xaf}, {0x1, 0x7fffffff, 0x9}, {0x9, 0x9, 0x1}]}, @restrict={0x10}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x2a, 0x0, 0x4c, 0x2}]}, {0x0, [0x27, 0x30, 0x2e, 0x2e]}}, &(0x7f0000000400)=""/237, 0xda, 0xed, 0x0, 0x1, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x9, 0x6, 0x3, 0x42000, r3, 0x2, '\x00', r4, r5, 0x2, 0x4, 0x1, 0xffffffffffffffff, @void, @value, @void, @value}, 0x50)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
socket(0x1e, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x20000000008)
waitid(0x1, r0, &(0x7f0000000500), 0x40000000, &(0x7f0000000580))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae8000000000a01010000000000000000050000000900010073797a3000000000ba000600e9eec003775c64e64f439fc0b5fb34bcd039590bba579a25436e11f718b64e3e01796b9e930a3d8eefa0bccf8429a311f3ce5ec5a0a7bb9e08c60e03cbcdd726725fb9b1bd1000cf2a77ab6ab91f2294632773ea59b8de2361cdd8045c5fdb81611e843cb814e4cfe672542287ebd3b2ed48dca1a08690b05bb9bbbcc05551bd05e4c6e0625fcae04323e0f29dbad3c57456d2ca020462188e1236ebe6da1442c71ab0a8ebfaacef2710111417370a0f8cd19c5f9e1a00000900010073797a300000000014010000030a01030000000000000000050000000900010073797a30000000000800054000000000af000c008451bef8928cf9ec5c3c0fca5cedf6b9ae811484cd4abbaec9eba3118a64f7b105ab0e5c8e377ddaf98490703415da6a50c72a1434c93ef4daa32cd2b643c4ab99e8adc29f67b58cd27b71b30213e6acd60b8fa2190c3fd64f382e41b97f4b12379ce9470cbfdb02cc2a2d8e0e7aec144e2df705b37b99cafc9b141b0f3176897eba9802e14cc423ecff994b4ff320f5786bd4fba343449446d922b94ac3f8621197db4c2dc061e9278f5a000900030073797a32000000000b00070066696c746572000024000480080002406b10a6210800014000000004080002404e73b858080001400000000014000000020a030000000000000000000500000014000000110001"], 0x238}}, 0x0)
close(r8)

1.229396946s ago: executing program 2 (id=932):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(0x0)
r4 = syz_io_uring_setup(0x3a24, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, &(0x7f0000000400)="929a775c663f947979b88bafdc67bc877fb216e145578909651d9cb9d620520428cd9d4fd17b0e80ba61e01fe45464ff3114cd5aa2ceacb015276b5f20cf", 0x3e, 0x40002020})
io_uring_enter(r4, 0x3517, 0x173d, 0x42, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
socket$inet6(0xa, 0x2, 0x0)
write$apparmor_exec(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="737461636b203a007e1c2d901405008f51686a1b04e567ccd50b2dc767809e2f197b5315feba4faee17a2cde2d8f4b4e866793e4feae2f90d85e0514e7a963283044375bcc42e1599905aeba00c4083184d608b0f09a98853bff5571393aafa283347d02b9b1857f78e6278c893827656ade3b2b0a31d415f951ac77cf539a90f32ded6b74ed100700f19499e13f10dac7ed5b000000000000000000000000000000007a5f4b20a1ecda0c5d67abc882ae845e019b03"], 0xb3)
readv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000040)=""/11, 0xb}], 0x1)

1.120166057s ago: executing program 1 (id=933):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000240), 0x57, 0x200002)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x8080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x100, 0xb, 0x3d5, 0x0, r3})
r4 = io_uring_setup(0x2c49, &(0x7f0000000400))
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000180), 0x0)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x500, 0x40420f00}}}, 0x90)

1.011187904s ago: executing program 6 (id=934):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_TTY(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x3ec, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x10}, 0x1, 0x0, 0x0, 0x4080}, 0x20048810)

0s ago: executing program 6 (id=935):
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
unshare(0x400)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xff7ffffffffffffc, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0x2, 0x8}, 0x0, &(0x7f0000000400)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

][ T5835] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /24/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  120.887968][    T9] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  120.909556][ T5835] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  120.950691][ T5835] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /24/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  120.993016][ T5835] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  121.050686][ T5835] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /24/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  121.085603][ T5835] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  121.120197][    T9] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  121.139842][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  121.176320][ T5835] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /24/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  121.198435][   T48] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  121.218759][    T9] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.255707][ T6491] loop3: detected capacity change from 0 to 8
[  121.258167][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  121.288032][ T5835] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  121.309426][ T6491] SQUASHFS error: zlib decompression failed, data probably corrupt
[  121.318296][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  121.348271][ T6491] SQUASHFS error: Failed to read block 0x9b: -5
[  121.352811][    T9] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  121.362326][   T48] usb 6-1: config 8 has an invalid interface number: 102 but max is 0
[  121.371179][ T5835] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /24/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  121.392827][   T48] usb 6-1: config 8 has no interface number 0
[  121.392869][   T48] usb 6-1: config 8 interface 102 has no altsetting 0
[  121.393537][ T6491] SQUASHFS error: Unable to read metadata cache entry [99]
[  121.428380][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  121.434845][   T48] usb 6-1: New USB device found, idVendor=0b95, idProduct=2790, bcdDevice=e5.4e
[  121.448789][    T9] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.448820][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  121.448840][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  121.472652][    T9] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  121.490234][ T6491] SQUASHFS error: Unable to read inode 0x127
[  121.496570][ T5835] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  121.536834][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  121.580900][    T9] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.587082][   T48] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.603690][   T48] usb 6-1: Product: syz
[  121.607892][   T48] usb 6-1: Manufacturer: syz
[  121.613451][   T48] usb 6-1: SerialNumber: syz
[  121.759710][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  121.783244][    T9] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  122.324643][   T48] usb 6-1: USB disconnect, device number 3
[  122.406136][    T9] usb 2-1: string descriptor 0 read error: -22
[  122.412722][    T9] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  122.421854][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.446118][    T9] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  122.703154][ T6501] loop3: detected capacity change from 0 to 4096
[  122.749059][ T6501] EXT4-fs (loop3): Test dummy encryption mode enabled
[  122.769594][ T6501] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  122.789023][ T6501] System zones: 0-5
[  122.830501][ T6501] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.076224][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.229428][ T6514] hub 1-0:1.0: USB hub found
[  123.243652][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.259478][ T6514] hub 1-0:1.0: 1 port detected
[  123.451147][   T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.585829][ T6512] loop5: detected capacity change from 0 to 4096
[  123.671511][ T6512] EXT4-fs (loop5): Test dummy encryption mode enabled
[  123.703020][ T6512] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  123.729933][   T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.751870][ T5956] usb 2-1: USB disconnect, device number 4
[  123.800162][ T6512] System zones: 0-5
[  123.831191][ T6512] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.916025][ T6512] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  124.031617][   T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.250096][   T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.320447][   T30] audit: type=1326 audit(1750753072.343:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="syz.1.126" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f03ebd8e929 code=0x0
[  124.436125][ T6535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.126'.
[  124.472962][ T6535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.126'.
[  124.502471][ T6052] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.892562][   T59] bridge_slave_1: left allmulticast mode
[  126.912892][   T59] bridge_slave_1: left promiscuous mode
[  126.939708][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.334067][   T59] bridge_slave_0: left allmulticast mode
[  127.366292][   T59] bridge_slave_0: left promiscuous mode
[  127.378789][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.419250][ T6565] loop5: detected capacity change from 0 to 512
[  127.449987][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  127.465198][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  127.482381][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  127.493977][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  127.497735][ T6565] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.527785][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  127.588760][ T6565] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.821377][ T6052] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.427136][ T6590] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  129.603697][ T5843] Bluetooth: hci3: command tx timeout
[  130.070068][ T5895] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  130.251911][ T5895] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  130.273705][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  130.285224][ T5895] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  130.304859][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  130.324124][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  130.359560][ T5895] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  130.372080][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  130.388342][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  130.410731][ T5895] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  130.423947][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  130.443421][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  130.463863][   T59] bond0 (unregistering): Released all slaves
[  130.478219][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  130.501029][ T5895] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  130.515307][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  130.587158][ T5895] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  130.623890][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  130.658495][ T5895] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  130.712529][ T5895] usb 6-1: string descriptor 0 read error: -22
[  130.719300][ T5895] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  130.754305][ T5895] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.817227][ T5895] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  131.678614][ T5843] Bluetooth: hci3: command tx timeout
[  133.141289][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.147722][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.182536][    T9] usb 6-1: USB disconnect, device number 4
[  133.967138][ T5843] Bluetooth: hci3: command tx timeout
[  134.178278][   T59] hsr_slave_0: left promiscuous mode
[  134.235519][   T59] hsr_slave_1: left promiscuous mode
[  134.252296][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.265754][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.294717][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.319628][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.416433][   T59] veth1_macvtap: left promiscuous mode
[  134.446016][   T59] veth0_macvtap: left promiscuous mode
[  134.632567][   T59] veth1_vlan: left promiscuous mode
[  134.638669][   T59] veth0_vlan: left promiscuous mode
[  134.998924][ T6669] Driver unsupported XDP return value 0 on prog  (id 38) dev N/A, expect packet loss!
[  135.839002][ T5956] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  135.862000][ T6679] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.172' sets config #0
[  135.874096][ T6679] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.172' sets config #1
[  136.000063][ T5843] Bluetooth: hci3: command tx timeout
[  136.010602][ T5956] usb 3-1: config 193 has an invalid interface number: 8 but max is 0
[  136.059392][ T5895] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  136.114905][ T6683] loop5: detected capacity change from 0 to 512
[  136.306192][ T6683] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.319220][ T6683] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.966577][ T5956] usb 3-1: config 193 has an invalid descriptor of length 0, skipping remainder of the config
[  136.977895][ T5956] usb 3-1: config 193 has no interface number 0
[  136.984477][ T5956] usb 3-1: config 193 interface 8 altsetting 239 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  136.995697][ T5956] usb 3-1: config 193 interface 8 altsetting 239 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  137.010500][ T5956] usb 3-1: config 193 interface 8 has no altsetting 0
[  137.164201][   T59] team0 (unregistering): Port device team_slave_1 removed
[  137.233842][   T59] team0 (unregistering): Port device team_slave_0 removed
[  137.936045][ T5956] usb 3-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=57.23
[  137.945347][ T5956] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.953439][ T5956] usb 3-1: Product: syz
[  137.957613][ T5956] usb 3-1: Manufacturer: syz
[  137.962267][ T5956] usb 3-1: SerialNumber: syz
[  138.009851][ T6052] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.049704][ T5895] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  138.084220][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  138.151860][ T5895] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  138.155201][ T6566] chnl_net:caif_netlink_parms(): no params data found
[  138.194730][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  138.209740][ T5956] net1080 3-1:193.8: probe with driver net1080 failed with error -22
[  138.244943][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  138.278424][ T5956] usb 3-1: USB disconnect, device number 2
[  138.303686][ T5895] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  138.329856][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  138.356197][ T5895] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  138.396355][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  138.446466][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  138.489669][ T5895] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  138.515825][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  138.535752][ T5895] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  138.562030][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  138.589152][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  138.658178][ T5895] usb 2-1: string descriptor 0 read error: -22
[  138.664497][ T5895] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  138.690993][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.734749][ T5895] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  138.835108][ T5895] usb 2-1: USB disconnect, device number 5
[  139.187246][ T6716] bridge0: port 3(syz_tun) entered blocking state
[  139.242908][ T6716] bridge0: port 3(syz_tun) entered disabled state
[  139.289564][ T6716] syz_tun: entered allmulticast mode
[  139.337417][ T6716] syz_tun: entered promiscuous mode
[  139.365434][ T6716] bridge0: port 3(syz_tun) entered blocking state
[  139.372034][ T6716] bridge0: port 3(syz_tun) entered forwarding state
[  139.704269][ T6566] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.741714][ T6566] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.764317][ T6566] bridge_slave_0: entered allmulticast mode
[  139.776532][ T6566] bridge_slave_0: entered promiscuous mode
[  139.787731][ T6566] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.923141][ T6735] loop5: detected capacity change from 0 to 1024
[  140.396899][ T6566] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.436329][ T6566] bridge_slave_1: entered allmulticast mode
[  140.456223][ T6737] syz.1.186 uses obsolete (PF_INET,SOCK_PACKET)
[  140.461224][ T6566] bridge_slave_1: entered promiscuous mode
[  140.480575][ T6739] loop2: detected capacity change from 0 to 8
[  140.563771][ T6739] SQUASHFS error: zlib decompression failed, data probably corrupt
[  140.590118][ T6739] SQUASHFS error: Failed to read block 0x9b: -5
[  140.609918][ T6739] SQUASHFS error: Unable to read metadata cache entry [99]
[  140.627609][ T6739] SQUASHFS error: Unable to read inode 0x127
[  140.635588][ T5956] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  140.658626][ T6566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.707152][ T6566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.868481][ T5956] usb 6-1: Using ep0 maxpacket: 16
[  140.892810][ T5956] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.040090][ T6749] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  141.251725][ T6566] team0: Port device team_slave_0 added
[  141.684709][ T5956] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.861593][ T6566] team0: Port device team_slave_1 added
[  141.929208][ T5956] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  141.954001][ T5956] usb 6-1: config 0 interface 0 has no altsetting 0
[  141.961982][ T5956] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  141.989566][ T5956] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.053685][ T5956] usb 6-1: config 0 descriptor??
[  142.326903][ T6566] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.351547][ T6566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.384200][ T6768] loop2: detected capacity change from 0 to 4096
[  142.400157][ T6768] EXT4-fs (loop2): Test dummy encryption mode enabled
[  142.423312][ T6566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.462891][ T6768] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  142.485176][ T6768] System zones: 0-5
[  142.492642][ T6566] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.514132][ T6566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.517568][ T6768] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.572158][ T6566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.806979][ T6566] hsr_slave_0: entered promiscuous mode
[  142.975429][ T6566] hsr_slave_1: entered promiscuous mode
[  143.066072][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.948778][ T6793] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  144.285509][ T6796] loop2: detected capacity change from 0 to 512
[  144.366802][ T6796] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.502161][ T5956] usbhid 6-1:0.0: can't add hid device: -71
[  144.517859][ T6796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.539835][ T5956] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  144.696048][ T6796] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.708456][ T5956] usb 6-1: USB disconnect, device number 5
[  144.941476][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.090290][ T6807] ieee802154 phy0 wpan0: encryption failed: -22
[  145.097018][ T6807] ieee802154 phy0 wpan0: encryption failed: -22
[  145.128281][    T9] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  145.168632][ T5902] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  145.225232][ T6566] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  145.273711][ T6566] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  145.305169][ T6566] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  145.326865][ T6566] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  145.345147][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.358381][ T5902] usb 6-1: Using ep0 maxpacket: 8
[  145.389856][    T9] usb 2-1: New USB device found, idVendor=056a, idProduct=0031, bcdDevice= 0.00
[  145.410038][ T5902] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  145.442941][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.463784][ T5902] usb 6-1: config 0 interface 0 has no altsetting 0
[  145.481031][    T9] usb 2-1: config 0 descriptor??
[  145.494352][ T5902] usb 6-1: New USB device found, idVendor=046d, idProduct=c286, bcdDevice= 0.00
[  145.512514][ T5902] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.554430][ T5902] usb 6-1: config 0 descriptor??
[  145.784078][ T6566] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.866331][ T6566] 8021q: adding VLAN 0 to HW filter on device team0
[  145.923352][ T3434] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.930960][ T3434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.950019][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  145.956094][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  145.980570][ T3434] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.987823][ T3434] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.010924][    T9] usb 2-1: USB disconnect, device number 6
[  146.121355][ T5902] logitech 0003:046D:C286.0002: hidraw0: USB HID v0.03 Device [HID 046d:c286] on usb-dummy_hcd.5-1/input0
[  146.153651][ T5902] logitech 0003:046D:C286.0002: no inputs found
[  146.660454][ T5916] hid-generic 0005:15C2:0001.0003: item fetching failed at offset 0/1
[  146.686118][ T5902] usb 6-1: USB disconnect, device number 6
[  146.700443][ T5916] hid-generic 0005:15C2:0001.0003: probe with driver hid-generic failed with error -22
[  146.786574][ T6828] fido_id[6828]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  147.341956][ T6843] loop2: detected capacity change from 0 to 128
[  147.896353][ T6843] EXT4-fs (loop2): Test dummy encryption mode enabled
[  148.275797][ T6843] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  148.289947][ T6843] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  148.355258][ T6849] Bluetooth: MGMT ver 1.23
[  148.361139][ T6849] Bluetooth: hci0: unsupported parameter 32767
[  148.405035][ T6849] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  148.647787][ T5850] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  148.833961][ T6860] ieee802154 phy0 wpan0: encryption failed: -22
[  148.848695][ T6860] ieee802154 phy0 wpan0: encryption failed: -22
[  149.025171][ T6566] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.798784][ T6875] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  150.766251][ T6883] netlink: 148 bytes leftover after parsing attributes in process `syz.1.223'.
[  152.168448][ T5902] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  152.372078][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.408269][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.462725][ T5902] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  152.502416][ T5902] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.527913][ T5902] usb 3-1: config 0 descriptor??
[  152.565786][ T6901] Zero length message leads to an empty skb
[  152.938577][ T6566] veth0_vlan: entered promiscuous mode
[  152.977263][ T6566] veth1_vlan: entered promiscuous mode
[  153.111313][ T6566] veth0_macvtap: entered promiscuous mode
[  153.151331][   T30] audit: type=1326 audit(1750753101.173:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6885 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  153.157872][ T6566] veth1_macvtap: entered promiscuous mode
[  153.178032][ T5902] usbhid 3-1:0.0: can't add hid device: -71
[  153.198018][ T5902] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  153.246718][ T5902] usb 3-1: USB disconnect, device number 3
[  153.264946][   T30] audit: type=1326 audit(1750753101.173:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6885 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  153.273381][ T6566] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.345710][   T30] audit: type=1326 audit(1750753101.173:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6885 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  153.366069][ T6566] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.441283][   T49] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.476731][   T49] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.478340][   T30] audit: type=1326 audit(1750753101.173:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6885 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  153.547761][   T49] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.558572][   T30] audit: type=1326 audit(1750753101.173:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6885 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  153.588854][   T59] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.673546][   T30] audit: type=1326 audit(1750753101.173:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6885 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  153.806022][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.854743][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.017114][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.061910][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.088969][ T6929] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  154.140124][ T6927] loop5: detected capacity change from 0 to 1764
[  154.165523][ T6927] iso9660: Unknown parameter '00000000000000000000007'
[  154.730489][ T6939] netlink: 148 bytes leftover after parsing attributes in process `syz.2.234'.
[  155.548324][ T6947] netlink: 404 bytes leftover after parsing attributes in process `syz.6.236'.
[  156.432559][ T6954] loop2: detected capacity change from 0 to 256
[  156.586058][ T6954] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  158.530432][ T6971] loop2: detected capacity change from 0 to 256
[  158.838578][ T6974] syzkaller0: entered promiscuous mode
[  158.878286][ T6974] syzkaller0: entered allmulticast mode
[  160.277882][ T6996] loop6: detected capacity change from 0 to 4096
[  160.362534][ T6996] EXT4-fs (loop6): Test dummy encryption mode enabled
[  160.413294][ T6996] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  160.491311][ T6996] System zones: 0-5
[  160.553618][ T7004] loop2: detected capacity change from 0 to 2048
[  160.566560][ T6996] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.660825][ T7004] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  160.805963][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.813995][ T6999] UDF-fs: error (device loop2): udf_read_inode: (ino 1345) failed !bh
[  160.973713][ T7007] loop5: detected capacity change from 0 to 4096
[  160.996172][ T5153] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  161.005611][ T5153] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  161.022054][ T5153] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  161.037352][ T5153] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  161.053732][ T5153] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  161.067276][ T7007] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.443083][ T6052] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /35/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.489773][ T6052] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.527543][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  162.543406][ T6052] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /35/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.606027][ T6052] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.658696][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  162.690955][ T6052] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /35/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.745095][ T6052] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.842704][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  162.865521][ T6052] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /35/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.893644][ T6052] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.932856][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  162.946189][ T6052] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /35/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  162.976903][ T6052] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  163.006626][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  163.064457][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  163.099534][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  163.119535][ T5843] Bluetooth: hci5: command tx timeout
[  163.138015][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  163.155250][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  163.176696][ T6052] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  164.753224][ T7035] loop2: detected capacity change from 0 to 1024
[  164.781912][ T7035] EXT4-fs: Ignoring removed nobh option
[  164.788386][ T7035] EXT4-fs: Ignoring removed bh option
[  164.810049][ T7035] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal
[  164.892167][ T6052] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.138042][   T36] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.146079][ T7048] loop2: detected capacity change from 0 to 1024
[  165.171024][ T7047] loop6: detected capacity change from 0 to 2048
[  165.198410][ T5843] Bluetooth: hci5: command tx timeout
[  165.267629][ T5851]  loop6: p1 < > p3
[  165.313230][ T5851] loop6: p3 size 134217728 extends beyond EOD, truncated
[  165.342214][ T7048] hfsplus: xattr search failed
[  165.457646][ T7047]  loop6: p1 < > p3
[  165.490045][   T36] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.527715][ T7047] loop6: p3 size 134217728 extends beyond EOD, truncated
[  165.589171][ T5203]  loop6: p1 < > p3
[  165.618716][ T5203] loop6: p3 size 134217728 extends beyond EOD, truncated
[  165.769440][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  165.817387][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  165.862540][   T36] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.968975][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  165.990894][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  166.206635][   T36] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.217824][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  166.239373][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  166.607283][ T6803] bridge0: port 3(syz_tun) entered disabled state
[  166.690355][ T6803] syz_tun (unregistering): left allmulticast mode
[  166.718961][ T6803] syz_tun (unregistering): left promiscuous mode
[  166.725476][ T6803] bridge0: port 3(syz_tun) entered disabled state
[  167.278248][ T5843] Bluetooth: hci5: command tx timeout
[  167.402499][ T5153] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  167.417239][ T5153] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  167.434833][ T5153] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  167.463164][ T5153] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  167.485605][ T5153] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  167.683150][ T7008] chnl_net:caif_netlink_parms(): no params data found
[  169.169809][ T7109] loop2: detected capacity change from 0 to 1024
[  169.249245][ T7109] EXT4-fs (loop2): Test dummy encryption mode enabled
[  169.270130][ T7109] EXT4-fs (loop2): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  169.316047][ T7109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.340275][   T36] bridge_slave_1: left allmulticast mode
[  169.359580][ T5843] Bluetooth: hci5: command tx timeout
[  169.377355][   T36] bridge_slave_1: left promiscuous mode
[  169.385109][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.401978][   T36] bridge_slave_0: left allmulticast mode
[  169.416622][   T36] bridge_slave_0: left promiscuous mode
[  169.433696][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.543477][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.602376][ T5843] Bluetooth: hci0: command tx timeout
[  169.676175][ T7119] loop2: detected capacity change from 0 to 2048
[  169.729466][ T5837]  loop2: p1 < > p3
[  169.751732][ T5837] loop2: p3 size 134217728 extends beyond EOD, truncated
[  169.977129][ T7119]  loop2: p1 < > p3
[  169.984349][ T7119] loop2: p3 size 134217728 extends beyond EOD, truncated
[  170.099783][ T7123] loop6: detected capacity change from 0 to 8
[  170.295915][ T7123] SQUASHFS error: Unable to read inode 0x127
[  170.611411][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  170.612279][ T5845] udevd[5845]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  170.663275][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  170.672272][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  170.845620][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.863265][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.881424][   T36] bond0 (unregistering): Released all slaves
[  170.901920][ T7008] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.910022][ T7008] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.917234][ T7008] bridge_slave_0: entered allmulticast mode
[  170.929376][ T7008] bridge_slave_0: entered promiscuous mode
[  170.939543][ T7008] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.954670][ T7008] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.962564][ T7008] bridge_slave_1: entered allmulticast mode
[  170.970816][ T7008] bridge_slave_1: entered promiscuous mode
[  170.983106][ T7130] loop2: detected capacity change from 0 to 128
[  171.000378][ T7130] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  171.032166][ T7130] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.220939][ T7008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.233558][ T7008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.326501][ T7135] loop2: detected capacity change from 0 to 256
[  171.341414][ T7133] loop6: detected capacity change from 0 to 256
[  171.379764][ T7135] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  171.450781][ T7135] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  171.482912][ T7008] team0: Port device team_slave_0 added
[  171.514681][ T7135] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  171.529640][ T7008] team0: Port device team_slave_1 added
[  171.679245][ T5843] Bluetooth: hci0: command tx timeout
[  171.725313][ T7141] input: syz1 as /devices/virtual/input/input7
[  171.765505][   T30] audit: type=1326 audit(1750753119.783:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7138 comm="syz.6.293" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f840798e929 code=0x0
[  171.849211][ T7008] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.866883][ T7008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.896018][ T7008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.912578][ T7008] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.932797][ T7008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.960768][ T7008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.993118][   T36] hsr_slave_0: left promiscuous mode
[  172.006458][   T36] hsr_slave_1: left promiscuous mode
[  172.013165][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.022662][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.063108][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.072337][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.107379][   T36] veth1_macvtap: left promiscuous mode
[  172.113973][   T36] veth0_macvtap: left promiscuous mode
[  172.125728][   T36] veth1_vlan: left promiscuous mode
[  172.131991][   T36] veth0_vlan: left promiscuous mode
[  172.136051][ T5956] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  172.308272][ T5956] usb 3-1: Using ep0 maxpacket: 8
[  172.327957][ T5956] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.339040][ T5956] usb 3-1: config 0 has no interfaces?
[  172.344670][ T5956] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  172.355829][ T5956] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.370452][ T5956] usb 3-1: config 0 descriptor??
[  172.576747][ T7149] futex_wake_op: syz.6.296 tries to shift op by 32; fix this program
[  172.594527][   T48] usb 3-1: USB disconnect, device number 4
[  172.853496][   T36] team0 (unregistering): Port device team_slave_1 removed
[  172.937662][   T36] team0 (unregistering): Port device team_slave_0 removed
[  173.016813][ T7153] loop6: detected capacity change from 0 to 128
[  173.043048][ T7153] EXT4-fs (loop6): Test dummy encryption mode enabled
[  173.234314][ T7153] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  173.254288][ T7153] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  173.760703][ T5843] Bluetooth: hci0: command tx timeout
[  174.498478][ T7162] loop2: detected capacity change from 0 to 2048
[  174.527720][ T7162] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.578522][ T7173] loop2: detected capacity change from 0 to 4096
[  175.600519][ T7173] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  175.878433][ T5843] Bluetooth: hci0: command tx timeout
[  176.056540][ T7092] chnl_net:caif_netlink_parms(): no params data found
[  176.106608][ T6566] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  176.574934][ T7008] hsr_slave_0: entered promiscuous mode
[  176.602113][ T7008] hsr_slave_1: entered promiscuous mode
[  176.628632][ T5956] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  176.647017][ T7008] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.692754][ T7008] Cannot create hsr debugfs directory
[  176.803545][ T5956] usb 2-1: device descriptor read/64, error -71
[  177.026051][ T7092] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.041392][ T7092] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.049751][ T7092] bridge_slave_0: entered allmulticast mode
[  177.057783][ T7092] bridge_slave_0: entered promiscuous mode
[  177.109517][ T7092] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.135466][ T7092] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.161209][ T7092] bridge_slave_1: entered allmulticast mode
[  177.171663][ T7092] bridge_slave_1: entered promiscuous mode
[  177.198274][ T5956] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  177.233938][ T5909] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  177.325931][ T7092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.342162][ T5956] usb 2-1: device descriptor read/64, error -71
[  177.376668][ T7092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.408702][ T5909] usb 7-1: Using ep0 maxpacket: 16
[  177.430903][ T5909] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.466672][ T5909] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.468876][ T5956] usb usb2-port1: attempt power cycle
[  177.492226][ T5909] usb 7-1: config 0 interface 0 has no altsetting 0
[  177.511851][ T5909] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  177.527927][ T7219] loop2: detected capacity change from 0 to 4096
[  177.536422][ T5909] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.569659][ T5909] usb 7-1: config 0 descriptor??
[  177.577543][ T7219] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  177.595560][ T7092] team0: Port device team_slave_0 added
[  177.653438][ T7092] team0: Port device team_slave_1 added
[  177.793092][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.838647][ T5956] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  178.010899][ T5956] usb 2-1: device descriptor read/8, error -71
[  178.014162][ T5909] hid (null): unknown global tag 0xe
[  178.023928][ T5909] hid (null): unknown global tag 0xd3
[  178.025832][ T7092] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.029729][ T5909] hid (null): unknown global tag 0xc
[  178.041072][ T7092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.042403][ T5909] hid (null): invalid report_count -1461060856
[  178.070080][ T7092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.221949][ T5909] usb 7-1: USB disconnect, device number 2
[  178.243569][ T7092] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.267905][ T5956] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  178.293763][ T7092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.358731][ T7092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.470347][ T5956] usb 2-1: device descriptor read/8, error -71
[  178.524053][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.660171][ T5956] usb usb2-port1: unable to enumerate USB device
[  178.872094][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.938919][ T7238] loop6: detected capacity change from 0 to 1764
[  179.338472][ T7092] hsr_slave_0: entered promiscuous mode
[  179.344976][ T7092] hsr_slave_1: entered promiscuous mode
[  179.415387][ T7092] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  179.458588][ T7092] Cannot create hsr debugfs directory
[  179.524985][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.889080][ T7008] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  180.046603][ T7008] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  180.078954][ T7008] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  180.444574][ T7008] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  180.641243][   T36] bridge_slave_1: left allmulticast mode
[  180.657049][   T36] bridge_slave_1: left promiscuous mode
[  180.675585][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.736002][   T36] bridge_slave_0: left allmulticast mode
[  180.754529][   T36] bridge_slave_0: left promiscuous mode
[  180.771614][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.910259][ T7291] hub 1-0:1.0: USB hub found
[  182.915553][ T7291] hub 1-0:1.0: 1 port detected
[  183.854785][ T7296] loop2: detected capacity change from 0 to 512
[  183.900716][ T7296] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.327: casefold flag without casefold feature
[  183.925965][ T7296] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.327: couldn't read orphan inode 15 (err -117)
[  183.953685][ T7296] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.075696][ T7302] EXT4-fs (loop2): shut down requested (1)
[  184.138371][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.212364][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.234163][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.258899][   T36] bond0 (unregistering): Released all slaves
[  186.601078][   T36] hsr_slave_0: left promiscuous mode
[  186.670211][   T36] hsr_slave_1: left promiscuous mode
[  186.676287][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.692373][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.724546][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.732240][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.816750][   T36] veth1_macvtap: left promiscuous mode
[  186.830440][   T36] veth0_macvtap: left promiscuous mode
[  186.836372][   T36] veth1_vlan: left promiscuous mode
[  186.852430][   T36] veth0_vlan: left promiscuous mode
[  187.902807][ T5956] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  187.953046][   T36] team0 (unregistering): Port device team_slave_1 removed
[  188.006963][   T36] team0 (unregistering): Port device team_slave_0 removed
[  188.048304][ T5956] usb 7-1: device descriptor read/64, error -71
[  188.290323][ T5956] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  188.440945][ T5956] usb 7-1: device descriptor read/64, error -71
[  188.551274][ T5956] usb usb7-port1: attempt power cycle
[  188.699739][ T7092] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  188.751291][ T7092] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  188.850540][ T7092] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  188.899640][ T7092] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  188.906929][ T5956] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  188.934220][ T7008] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.947686][ T5956] usb 7-1: device descriptor read/8, error -71
[  189.065398][ T7008] 8021q: adding VLAN 0 to HW filter on device team0
[  189.096784][ T3501] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.103995][ T3501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.162644][ T1336] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.169874][ T1336] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.238245][ T5956] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[  189.269078][ T5956] usb 7-1: device descriptor read/8, error -71
[  189.382270][ T5956] usb usb7-port1: unable to enumerate USB device
[  189.445325][ T7373] loop2: detected capacity change from 0 to 256
[  189.473851][ T7373] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  189.507697][ T7374] netlink: 12 bytes leftover after parsing attributes in process `syz.1.342'.
[  189.546142][ T7374] veth1_to_bond: entered allmulticast mode
[  189.654983][ T7092] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.696709][ T7371] veth1_to_bond: left allmulticast mode
[  189.783948][ T7092] 8021q: adding VLAN 0 to HW filter on device team0
[  189.827410][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.834717][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.924439][ T3501] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.931627][ T3501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.122467][ T7008] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.750126][ T7092] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.044911][ T7008] veth0_vlan: entered promiscuous mode
[  191.077126][ T7008] veth1_vlan: entered promiscuous mode
[  191.131308][ T7008] veth0_macvtap: entered promiscuous mode
[  191.218612][ T7008] veth1_macvtap: entered promiscuous mode
[  191.228350][ T5935] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  191.311985][ T7008] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.334346][ T7008] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.424608][ T5935] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  191.435763][ T7124] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.468039][ T5935] usb 7-1: config 1 has no interface number 0
[  191.486265][ T7124] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.518584][ T5935] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.548887][ T7124] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.600987][ T7124] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.618214][ T5935] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  191.658390][ T5935] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 6302, setting to 1024
[  191.718361][ T5935] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  191.763783][ T5935] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  191.803439][ T5935] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.837891][ T5935] usb 7-1: Product: syz
[  191.842534][ T5935] usb 7-1: Manufacturer: syz
[  191.847149][ T5935] usb 7-1: SerialNumber: syz
[  191.946855][ T7124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.009338][ T7124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.114173][ T7431] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  192.292956][ T3434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.325921][ T3434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.432080][ T7092] veth0_vlan: entered promiscuous mode
[  192.486581][ T7092] veth1_vlan: entered promiscuous mode
[  192.619920][ T7092] veth0_macvtap: entered promiscuous mode
[  192.671164][ T7092] veth1_macvtap: entered promiscuous mode
[  192.758682][ T7431] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  192.776403][ T7092] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.795841][ T5935] cdc_ncm 7-1:1.1: bind() failure
[  192.813135][ T7092] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.880672][ T7124] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.908336][ T7124] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.937084][ T7124] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.962408][ T7124] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.992444][ T5909] usb 7-1: USB disconnect, device number 7
[  193.228853][ T7466] loop2: detected capacity change from 0 to 136
[  193.240456][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.257462][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.335787][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.355409][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.538342][   T30] audit: type=1326 audit(1750753141.543:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7452 comm="syz.7.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed1ff8e929 code=0x7fc00000
[  194.330147][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.336721][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  195.708372][ T5909] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  195.984432][ T5909] usb 8-1: device descriptor read/64, error -71
[  196.448335][ T5909] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  196.628667][ T5909] usb 8-1: device descriptor read/64, error -71
[  196.660645][ T7521] loop6: detected capacity change from 0 to 512
[  196.753474][ T7521] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  196.780688][ T5909] usb usb8-port1: attempt power cycle
[  196.832802][ T7521] EXT4-fs (loop6): 1 truncate cleaned up
[  196.949971][ T7521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.199194][ T5909] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  198.345734][ T5909] usb 8-1: device descriptor read/8, error -71
[  198.420723][ T7543] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  198.525931][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.346453][ T5909] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  199.406999][ T5909] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  199.431258][ T5909] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  199.459806][ T7558] loop8: detected capacity change from 0 to 764
[  199.465891][ T5909] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  199.479497][ T5909] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.598256][ T5909] usb 8-1: Product: syz
[  199.602870][ T5909] usb 8-1: Manufacturer: syz
[  199.618228][ T5909] usb 8-1: SerialNumber: syz
[  199.627672][ T7558] rock: directory entry would overflow storage
[  199.652001][ T7558] rock: sig=0x4654, size=5, remaining=4
[  199.957225][ T7571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.385'.
[  199.989626][ T5909] cdc_ncm 8-1:1.0: CDC Union missing and no IAD found
[  200.001675][ T5909] cdc_ncm 8-1:1.0: bind() failure
[  200.012947][ T5909] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  200.019843][ T5909] cdc_ncm 8-1:1.1: bind() failure
[  200.034100][ T5909] usb 8-1: USB disconnect, device number 5
[  200.347685][   T51] Bluetooth: hci1: unexpected event for opcode 0x0c5a
[  201.254237][ T7595] loop6: detected capacity change from 0 to 128
[  201.354246][ T7597] netlink: 12 bytes leftover after parsing attributes in process `syz.2.395'.
[  201.518378][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  201.763700][ T7597] veth1_to_bond: entered allmulticast mode
[  202.040563][ T7596] veth1_to_bond: left allmulticast mode
[  202.830822][ T7624] loop2: detected capacity change from 0 to 512
[  202.867732][ T7624] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  203.030171][ T7624] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  203.041244][ T7624] System zones: 0-2, 18-18, 34-34
[  203.056439][ T7624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.069136][ T7624] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.156926][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.182936][ T7636] loop7: detected capacity change from 0 to 8
[  203.365273][ T7636] SQUASHFS error: Unable to read directory block [629:1f]
[  204.875091][ T7669] loop2: detected capacity change from 0 to 512
[  205.004645][ T7669] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  205.072203][ T7669] EXT4-fs (loop2): 1 truncate cleaned up
[  205.082682][ T7669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.272698][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.448537][ T7686] loop6: detected capacity change from 0 to 512
[  205.479507][ T7686] EXT4-fs (loop6): blocks per group (71) and clusters per group (20800) inconsistent
[  205.584546][ T7674] "syz.1.415" (7674) uses obsolete ecb(arc4) skcipher
[  205.739480][ T7690] loop2: detected capacity change from 0 to 2048
[  205.815022][ T7690] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  205.860612][ T7690] UDF-fs: Scanning with blocksize 512 failed
[  205.911328][ T7690] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  206.368383][ T5923] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  206.383226][ T7716] loop8: detected capacity change from 0 to 128
[  206.427188][ T7716] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  206.489142][ T7716] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  206.619797][ T5923] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.638522][ T5923] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.649284][ T5923] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  206.663087][ T5923] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  206.676405][ T5923] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.765064][ T5923] usb 7-1: config 0 descriptor??
[  207.424800][ T5923] plantronics 0003:047F:FFFF.0005: reserved main item tag 0xe
[  207.512374][ T5923] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  207.754870][ T5923] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  207.952435][ T5923] usb 7-1: USB disconnect, device number 8
[  208.342606][ T7731] fido_id[7731]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  208.587107][ T7745] netlink: 8 bytes leftover after parsing attributes in process `syz.8.439'.
[  208.621520][ T7746] loop6: detected capacity change from 0 to 1024
[  208.676406][ T7746] EXT4-fs: Ignoring removed orlov option
[  208.716534][ T7746] EXT4-fs (loop6): Test dummy encryption mode enabled
[  208.737151][ T7746] EXT4-fs (loop6): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  208.759502][ T7751] loop7: detected capacity change from 0 to 128
[  208.791556][ T7746] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal
[  208.948537][ T7754] FAT-fs (loop7): error, invalid access to FAT (entry 0x0fff0000)
[  208.967322][ T7754] FAT-fs (loop7): Filesystem has been set read-only
[  209.085455][ T7759] loop6: detected capacity change from 0 to 128
[  209.116559][ T7759] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  210.052468][ T5923] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  210.202515][ T7751] syz.7.440: attempt to access beyond end of device
[  210.202515][ T7751] loop7: rw=2049, sector=129, nr_sectors = 8 limit=128
[  210.278600][ T7751] syz.7.440: attempt to access beyond end of device
[  210.278600][ T7751] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128
[  210.326100][ T7751] syz.7.440: attempt to access beyond end of device
[  210.326100][ T7751] loop7: rw=2049, sector=161, nr_sectors = 8 limit=128
[  210.347041][ T7751] syz.7.440: attempt to access beyond end of device
[  210.347041][ T7751] loop7: rw=2049, sector=177, nr_sectors = 8 limit=128
[  210.378396][ T7751] syz.7.440: attempt to access beyond end of device
[  210.378396][ T7751] loop7: rw=2049, sector=193, nr_sectors = 8 limit=128
[  210.415519][ T5923] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  210.489182][ T7751] syz.7.440: attempt to access beyond end of device
[  210.489182][ T7751] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128
[  210.532863][ T7751] syz.7.440: attempt to access beyond end of device
[  210.532863][ T7751] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128
[  210.582353][ T7751] syz.7.440: attempt to access beyond end of device
[  210.582353][ T7751] loop7: rw=2049, sector=241, nr_sectors = 8 limit=128
[  210.605702][ T5923] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  210.617306][ T5923] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  210.628762][ T5923] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  210.642852][ T5923] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  210.652270][ T5923] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.669370][ T7751] syz.7.440: attempt to access beyond end of device
[  210.669370][ T7751] loop7: rw=2049, sector=257, nr_sectors = 8 limit=128
[  210.685783][ T7751] syz.7.440: attempt to access beyond end of device
[  210.685783][ T7751] loop7: rw=2049, sector=273, nr_sectors = 8 limit=128
[  210.686382][ T5923] usb 7-1: config 0 descriptor??
[  210.891072][ T5923] gspca_main: spca561-2.14.0 probing abcd:cdee
[  211.129422][ T5923] spca561 7-1:0.0: probe with driver spca561 failed with error -22
[  211.320356][ T5923] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  211.327995][ T5923] usb 7-1: MIDIStreaming interface descriptor not found
[  211.468682][ T5923] usb 7-1: USB disconnect, device number 9
[  212.818254][ T7810] mmap: syz.6.457 (7810) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  214.966748][ T7854] tracefs: Bad value for 'gid'
[  214.971981][ T7854] tracefs: Bad value for 'gid'
[  215.184234][ T7863] loop2: detected capacity change from 0 to 4096
[  215.195406][ T7863] EXT4-fs: inline encryption not supported
[  215.203663][ T7863] EXT4-fs: Ignoring removed oldalloc option
[  215.307197][ T7863] EXT4-fs (loop2): Test dummy encryption mode enabled
[  215.505094][ T7875] loop6: detected capacity change from 0 to 512
[  215.532961][ T7863] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.150365][ T7863] Quota error (device loop2): do_check_range: Getting block 134217730 out of range 1-5
[  216.190218][ T7875] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.226202][ T7863] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  216.292711][ T7875] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.304273][ T7863] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.471: Failed to acquire dquot type 1
[  216.424280][   T30] audit: type=1800 audit(1750753164.443:23): pid=7875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.473" name="file1" dev="loop6" ino=15 res=0 errno=0
[  216.569474][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.182469][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.659266][ T7909] 9pnet_fd: Insufficient options for proto=fd
[  218.722854][ T7909] loop6: detected capacity change from 0 to 256
[  219.174483][ T7909] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  219.445691][ T7909] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  219.723417][ T7909] exFAT-fs (loop6): error, invalid access to FAT (entry 0xffffffff)
[  219.747193][ T7909] exFAT-fs (loop6): Filesystem has been set read-only
[  219.877721][   T30] audit: type=1326 audit(1750753167.893:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.1.486" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f03ebd8e929 code=0x0
[  220.695306][   T30] audit: type=1326 audit(1750753168.713:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  220.858465][   T30] audit: type=1326 audit(1750753168.713:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  221.110526][ T7950] block nbd1: NBD_DISCONNECT
[  221.116179][ T7950] block nbd1: Send disconnect failed -22
[  221.122628][   T30] audit: type=1326 audit(1750753168.713:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  221.124984][   T30] audit: type=1326 audit(1750753168.713:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  221.125032][   T30] audit: type=1326 audit(1750753168.713:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  221.125072][   T30] audit: type=1326 audit(1750753168.713:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f740838e929 code=0x7ffc0000
[  221.179073][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  221.179098][   T30] audit: type=1326 audit(1750753169.143:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f74083858e7 code=0x7ffc0000
[  221.205079][ T7952] 9pnet_fd: Insufficient options for proto=fd
[  221.263797][ T7948] block nbd1: Disconnected due to user request.
[  221.270388][ T7948] block nbd1: shutting down sockets
[  221.399269][ T7952] loop7: detected capacity change from 0 to 4096
[  221.406238][ T7956] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  221.428458][ T7952] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[  221.438994][   T30] audit: type=1326 audit(1750753169.143:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f740832ab19 code=0x7ffc0000
[  221.518835][   T30] audit: type=1326 audit(1750753169.143:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f74083858e7 code=0x7ffc0000
[  221.608485][   T30] audit: type=1326 audit(1750753169.143:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f740832ab19 code=0x7ffc0000
[  221.678374][   T30] audit: type=1326 audit(1750753169.143:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f74083858e7 code=0x7ffc0000
[  221.768277][   T30] audit: type=1326 audit(1750753169.143:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f740832ab19 code=0x7ffc0000
[  221.858823][   T30] audit: type=1326 audit(1750753169.143:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f74083858e7 code=0x7ffc0000
[  221.958400][   T30] audit: type=1326 audit(1750753169.163:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f740832ab19 code=0x7ffc0000
[  222.181709][   T30] audit: type=1326 audit(1750753169.163:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f74083858e7 code=0x7ffc0000
[  222.205286][   T30] audit: type=1326 audit(1750753169.183:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f740832ab19 code=0x7ffc0000
[  222.279449][ T7984] block nbd6: NBD_DISCONNECT
[  222.284101][ T7984] block nbd6: Send disconnect failed -22
[  222.290614][ T7983] block nbd6: Disconnected due to user request.
[  222.298791][ T7983] block nbd6: shutting down sockets
[  222.332794][ T7995] 9pnet_fd: Insufficient options for proto=fd
[  224.577068][ T8036] 9pnet_fd: Insufficient options for proto=fd
[  224.639525][ T8036] loop7: detected capacity change from 0 to 4096
[  224.662401][ T8036] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[  224.692605][ T8038] bridge1: the hash_elasticity option has been deprecated and is always 16
[  224.991666][ T8047] tap0: tun_chr_ioctl cmd 1074025672
[  224.997026][ T8047] tap0: ignored: set checksum enabled
[  225.198213][ T8047] loop6: detected capacity change from 0 to 512
[  225.616838][ T8047] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.529: bg 0: block 393: padding at end of block bitmap is not set
[  225.637500][ T8047] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  225.648127][ T8047] EXT4-fs (loop6): 2 truncates cleaned up
[  225.661552][ T8047] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.683394][ T8057] netlink: 8 bytes leftover after parsing attributes in process `syz.7.532'.
[  225.798454][    T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  226.415173][ T8062] loop7: detected capacity change from 0 to 131072
[  226.435321][ T8062] F2FS-fs (loop7): Invalid log sectorsize (67108873)
[  226.442413][ T8062] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  226.455298][ T8062] F2FS-fs (loop7): invalid crc value
[  226.488172][    T9] usb 2-1: Using ep0 maxpacket: 16
[  226.552062][    T9] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[  226.567992][    T9] usb 2-1: config 0 has no interface number 0
[  226.599339][    T9] usb 2-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16
[  226.610515][ T8062] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  226.617703][ T8062] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  226.626050][    T9] usb 2-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024
[  226.642197][    T9] usb 2-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  226.668323][    T9] usb 2-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0
[  226.681664][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.690150][    T9] usb 2-1: Product: syz
[  226.695065][    T9] usb 2-1: Manufacturer: syz
[  226.701124][    T9] usb 2-1: SerialNumber: syz
[  226.711945][    T9] usb 2-1: config 0 descriptor??
[  226.727761][ T8052] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  226.738944][ T8052] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  226.761891][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.241574][   T10] usb 2-1: USB disconnect, device number 11
[  232.077455][ T8102] loop2: detected capacity change from 0 to 1764
[  237.864926][ T8143] loop6: detected capacity change from 0 to 131072
[  237.887829][ T8143] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  237.894715][ T8143] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  237.896321][ T8141] loop7: detected capacity change from 0 to 1024
[  237.905307][ T8143] F2FS-fs (loop6): invalid crc value
[  237.995216][ T8141] EXT4-fs: inline encryption not supported
[  238.018449][ T8143] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  238.025528][ T8143] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  238.056503][ T8141] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  238.197155][ T8141] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 2: comm syz.7.560: lblock 2 mapped to illegal pblock 2 (length 1)
[  238.266799][ T8141] __quota_error: 24 callbacks suppressed
[  238.266813][ T8141] Quota error (device loop7): qtree_write_dquot: dquota write failed
[  238.313375][ T8141] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 48: comm syz.7.560: lblock 0 mapped to illegal pblock 48 (length 1)
[  238.376897][ T8141] Quota error (device loop7): v2_write_file_info: Can't write info structure
[  238.413062][ T8141] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.560: Failed to acquire dquot type 0
[  238.436774][ T8141] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  238.478019][ T8141] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.560: mark_inode_dirty error
[  238.508534][ T8141] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  238.535551][ T8141] EXT4-fs (loop7): 1 orphan inode deleted
[  238.561183][ T8141] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.594853][   T49] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  238.642884][   T49] Quota error (device loop7): remove_tree: Can't read quota data block 1
[  238.671311][   T49] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  238.816919][ T8141] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.889712][ T8141] EXT4-fs error (device loop7): __ext4_get_inode_loc:4792: comm syz.7.560: Invalid inode table block 1 in block_group 0
[  238.970072][ T8141] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  239.055831][ T8141] EXT4-fs error (device loop7): ext4_quota_off:7217: inode #3: comm syz.7.560: mark_inode_dirty error
[  239.382444][ T8155] input: syz0 as /devices/virtual/input/input8
[  241.827491][ T8168] loop6: detected capacity change from 0 to 2048
[  241.950022][ T8168] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  242.194490][   T30] audit: type=1326 audit(1750753190.193:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.8.569" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc703d8e929 code=0x0
[  242.412668][ T5153] Bluetooth: hci1: unexpected event for opcode 0x0419
[  243.403997][ T8180] loop2: detected capacity change from 0 to 256
[  244.002769][ T8186] loop6: detected capacity change from 0 to 131072
[  244.880725][ T8186] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  244.887441][ T8186] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  244.917788][ T8186] F2FS-fs (loop6): invalid crc value
[  245.019532][ T8186] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  245.025985][ T8197] loop7: detected capacity change from 0 to 1764
[  245.026594][ T8186] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  245.580179][ T8207] netlink: 16 bytes leftover after parsing attributes in process `syz.2.581'.
[  246.422373][ T8211] loop2: detected capacity change from 0 to 2048
[  246.480417][ T5153] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  246.498644][ T5153] Bluetooth: hci1: Injecting HCI hardware error event
[  246.508456][ T5843] Bluetooth: hci1: hardware error 0x00
[  246.531745][ T8211] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  247.921091][ T8223] loop2: detected capacity change from 0 to 32768
[  247.946339][ T8223] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  247.955554][ T8223] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  248.029313][ T8223] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  248.043634][   T48] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  248.066103][   T48] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  248.288018][   T48] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 221ms
[  248.300351][   T48] gfs2: fsid=syz:syz.0: jid=0: Done
[  248.307795][ T8223] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  248.558620][ T5843] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  249.666979][ T8223] gfs2: fsid=syz:syz.0: found 1 quota changes
[  249.758365][ T5843] Bluetooth: hci0: command 0x0405 tx timeout
[  249.985030][ T8245] sit0: entered promiscuous mode
[  250.080841][ T8245] netlink: 'syz.1.589': attribute type 1 has an invalid length.
[  250.113212][ T8245] netlink: 1 bytes leftover after parsing attributes in process `syz.1.589'.
[  250.483473][ T8252] binder: 8248:8252 ioctl c0306201 0 returned -14
[  251.833466][ T8261] loop7: detected capacity change from 0 to 2048
[  251.840095][ T5843] Bluetooth: hci0: command 0x0405 tx timeout
[  251.862507][ T8261] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=4096, location=4096
[  251.874576][ T8261] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found!
[  251.888014][ T8261] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found!
[  251.899844][ T8261] UDF-fs: Scanning with blocksize 512 failed
[  251.929485][ T8261] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  251.937247][ T8261] UDF-fs: Scanning with blocksize 1024 failed
[  251.952768][ T8261] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512
[  251.965938][ T8261] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  251.973979][ T8261] UDF-fs: Scanning with blocksize 2048 failed
[  251.986415][ T8261] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  252.011941][ T8261] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512
[  252.038305][ T8261] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  252.068312][ T8261] UDF-fs: Scanning with blocksize 4096 failed
[  252.074419][ T8261] UDF-fs: warning (device loop7): udf_fill_super: No partition found (1)
[  252.193230][ T8269] loop2: detected capacity change from 0 to 128
[  253.410960][ T8280] netlink: 12 bytes leftover after parsing attributes in process `syz.7.603'.
[  253.480047][ T8283] veth1_to_bond: entered allmulticast mode
[  253.490428][ T8279] veth1_to_bond: left allmulticast mode
[  254.288285][ T5956] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  254.523165][ T5956] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  254.533995][ T5956] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  254.573163][ T5956] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  254.633144][ T5956] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  254.654188][ T5956] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  254.696342][ T5956] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  254.752746][ T5956] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  254.803794][ T5956] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  254.849525][ T8301] loop7: detected capacity change from 0 to 1764
[  254.998680][ T5956] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  255.110192][ T5956] usb 3-1: string descriptor 0 read error: -22
[  255.116821][ T5956] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  255.144163][ T5956] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.164576][ T5956] adutux 3-1:168.0: interrupt endpoints not found
[  255.364094][   T24] usb 3-1: USB disconnect, device number 5
[  256.295535][ T8311] loop6: detected capacity change from 0 to 131072
[  256.303502][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  256.314324][ T8311] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  256.321324][ T8311] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  256.339167][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.445278][ T8311] F2FS-fs (loop6): invalid crc value
[  256.595744][ T8311] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  256.603762][ T8311] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  256.935608][ T8319] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.948278][ T5923] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  257.030399][ T8322] netlink: 12 bytes leftover after parsing attributes in process `syz.8.617'.
[  257.044687][ T8319] warning: `syz.2.616' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  257.094205][ T8322] veth1_to_bond: entered allmulticast mode
[  257.106528][ T8321] veth1_to_bond: left allmulticast mode
[  257.128255][ T5923] usb 2-1: Using ep0 maxpacket: 32
[  257.153612][ T5923] usb 2-1: config index 0 descriptor too short (expected 40210, got 18)
[  257.163062][ T5923] usb 2-1: config 209 has too many interfaces: 248, using maximum allowed: 32
[  257.174548][ T5923] usb 2-1: config 209 has an invalid descriptor of length 41, skipping remainder of the config
[  257.227167][ T5923] usb 2-1: config 209 has 0 interfaces, different from the descriptor's value: 248
[  257.296189][ T5923] usb 2-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=39.2b
[  257.319024][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.328287][ T5923] usb 2-1: Product: syz
[  257.338216][ T5923] usb 2-1: Manufacturer: syz
[  257.348523][ T5923] usb 2-1: SerialNumber: syz
[  257.700268][ T5923] usb 2-1: USB disconnect, device number 12
[  257.755525][ T8345] netlink: 36 bytes leftover after parsing attributes in process `syz.8.627'.
[  257.815883][ T8342] loop2: detected capacity change from 0 to 1764
[  257.978457][ T5956] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  258.843333][ T5956] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  258.881135][ T5956] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  258.894522][ T5956] usb 8-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  258.920269][ T5956] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  258.936185][ T5956] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  258.947542][ T5956] usb 8-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  259.075154][ T5956] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  259.111481][ T5956] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  259.347283][ T5956] usb 8-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  259.612215][ T5956] usb 8-1: string descriptor 0 read error: -22
[  259.630078][ T5956] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  259.661730][ T8357] loop6: detected capacity change from 0 to 512
[  259.674877][ T8357] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  259.821592][ T5956] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.866157][ T5956] adutux 8-1:168.0: interrupt endpoints not found
[  259.875368][ T8357] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  259.904124][ T8357] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.462258][ T5909] usb 8-1: USB disconnect, device number 6
[  261.150285][ T8375] loop2: detected capacity change from 0 to 512
[  262.356021][ T8375] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.513714][ T8375] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.542318][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  262.600481][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.528634][ T8391] binder: 8389:8391 ioctl c0306201 0 returned -14
[  264.631277][ T8396] loop2: detected capacity change from 0 to 131072
[  264.737018][ T8396] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[  264.743859][ T8396] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  264.757983][ T8396] F2FS-fs (loop2): invalid crc value
[  265.251047][ T8396] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  265.258172][ T8396] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  265.628245][   T24] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  265.820304][   T24] usb 2-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  265.851933][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  265.878258][   T24] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  265.913371][   T24] usb 2-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  265.939026][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  265.972884][   T24] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  266.079517][   T24] usb 2-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  266.111748][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  266.168370][   T24] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  266.236664][   T24] usb 2-1: string descriptor 0 read error: -22
[  266.253609][   T24] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  266.278516][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.316974][   T24] adutux 2-1:168.0: interrupt endpoints not found
[  266.331125][ T8416] netlink: 16 bytes leftover after parsing attributes in process `syz.7.641'.
[  266.389254][ T8416] loop7: detected capacity change from 0 to 1024
[  266.409253][ T8416] EXT4-fs: Ignoring removed bh option
[  266.428396][ T8416] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  266.460030][ T8416] EXT4-fs (loop7): can't mount with data_err=abort, fs mounted w/o journal
[  266.548241][ T5956] usb 2-1: USB disconnect, device number 13
[  266.573533][ T8416] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.679985][ T8419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.825989][ T8421] loop2: detected capacity change from 0 to 1024
[  267.686294][ T8421] xt_limit: Overflow, try lower: 0/0
[  267.900930][ T8428] loop2: detected capacity change from 0 to 128
[  268.186733][ T8430] netlink: 'syz.2.652': attribute type 16 has an invalid length.
[  268.194566][ T8430] netlink: 'syz.2.652': attribute type 17 has an invalid length.
[  271.124591][ T8441] loop6: detected capacity change from 0 to 131072
[  271.135916][ T8441] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  271.143345][ T8441] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  271.155806][ T8441] F2FS-fs (loop6): invalid crc value
[  271.286820][ T8441] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  271.294118][ T8441] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  271.371673][ T8449] loop2: detected capacity change from 0 to 1764
[  271.652804][ T8457] loop7: detected capacity change from 0 to 256
[  271.709177][ T8457] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  271.733872][ T8459] fuse: Bad value for 'fd'
[  271.753214][ T8459] 9pnet_fd: Insufficient options for proto=fd
[  271.754118][ T8457] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  272.834939][ T8457] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  273.512560][ T8474] Device name cannot be null; rc = [-22]
[  274.052130][ T8457] loop7: detected capacity change from 256 to 0
[  274.078793][    C1] I/O error, dev loop7, sector 168 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  274.088785][    C1] Buffer I/O error on dev loop7, logical block 168, lost sync page write
[  274.340347][ T7008] bio_check_eod: 50 callbacks suppressed
[  274.340361][ T7008] syz-executor: attempt to access beyond end of device
[  274.340361][ T7008] loop7: rw=524288, sector=160, nr_sectors = 1 limit=0
[  274.509383][ T8478] netlink: 12 bytes leftover after parsing attributes in process `syz.8.668'.
[  274.518506][ T8478] netlink: 16 bytes leftover after parsing attributes in process `syz.8.668'.
[  275.155393][ T7008] syz-executor: attempt to access beyond end of device
[  275.155393][ T7008] loop7: rw=524288, sector=161, nr_sectors = 1 limit=0
[  275.169317][ T7008] syz-executor: attempt to access beyond end of device
[  275.169317][ T7008] loop7: rw=524288, sector=162, nr_sectors = 1 limit=0
[  275.188821][ T7008] syz-executor: attempt to access beyond end of device
[  275.188821][ T7008] loop7: rw=524288, sector=163, nr_sectors = 1 limit=0
[  275.219173][ T7008] syz-executor: attempt to access beyond end of device
[  275.219173][ T7008] loop7: rw=524288, sector=164, nr_sectors = 1 limit=0
[  275.272692][ T7008] syz-executor: attempt to access beyond end of device
[  275.272692][ T7008] loop7: rw=524288, sector=165, nr_sectors = 1 limit=0
[  275.425238][ T7008] syz-executor: attempt to access beyond end of device
[  275.425238][ T7008] loop7: rw=524288, sector=166, nr_sectors = 1 limit=0
[  275.470658][ T7008] syz-executor: attempt to access beyond end of device
[  275.470658][ T7008] loop7: rw=524288, sector=167, nr_sectors = 1 limit=0
[  275.624688][ T7008] syz-executor: attempt to access beyond end of device
[  275.624688][ T7008] loop7: rw=0, sector=160, nr_sectors = 1 limit=0
[  275.805455][ T7008] syz-executor: attempt to access beyond end of device
[  275.805455][ T7008] loop7: rw=0, sector=161, nr_sectors = 1 limit=0
[  276.217831][ T8488] loop6: detected capacity change from 0 to 2048
[  276.341742][ T8488]  loop6: p1 < > p3
[  276.347226][ T8488] loop6: p3 size 134217728 extends beyond EOD, truncated
[  276.823326][ T7124] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.061607][ T8492] mmap: syz.2.673 (8492): VmData 25976832 exceed data ulimit 81. Update limits or use boot option ignore_rlimit_data.
[  277.112034][ T8492] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  277.500892][ T7124] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.679863][ T7124] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.318685][ T5153] Bluetooth: hci3: command 0x0406 tx timeout
[  278.611567][ T8508] xt_CT: You must specify a L4 protocol and not use inversions on it
[  278.760045][ T8507] loop6: detected capacity change from 0 to 256
[  279.178671][ T7124] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.766815][ T8515] loop6: detected capacity change from 0 to 1024
[  279.864074][ T8515] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.458957][ T7124] bridge_slave_1: left allmulticast mode
[  280.466321][ T7124] bridge_slave_1: left promiscuous mode
[  280.483493][ T7124] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.564699][ T7124] bridge_slave_0: left allmulticast mode
[  280.581339][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.581362][ T7124] bridge_slave_0: left promiscuous mode
[  280.581566][ T7124] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.607833][ T5153] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  280.618460][ T5153] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  280.626553][ T5153] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  280.648361][ T5153] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  280.659611][ T5153] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  281.494585][ T8529] loop2: detected capacity change from 0 to 8
[  281.533194][ T8531] netlink: 12 bytes leftover after parsing attributes in process `syz.6.684'.
[  282.728254][ T5153] Bluetooth: hci2: command tx timeout
[  283.322261][ T7124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.337414][ T7124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.352716][ T7124] bond0 (unregistering): Released all slaves
[  283.385749][ T8531] veth1_to_bond: entered allmulticast mode
[  283.401984][ T8531] veth1_to_bond: left allmulticast mode
[  284.596987][ T8555] loop2: detected capacity change from 0 to 2048
[  284.890076][ T5153] Bluetooth: hci2: command tx timeout
[  285.159519][ T8555] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  285.591456][ T8566] loop6: detected capacity change from 0 to 1764
[  286.853435][ T8571] xt_CT: You must specify a L4 protocol and not use inversions on it
[  287.057750][ T5153] Bluetooth: hci2: command tx timeout
[  287.066042][   T30] audit: type=1326 audit(1750753234.993:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  287.518406][   T30] audit: type=1326 audit(1750753234.993:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  287.558426][   T30] audit: type=1326 audit(1750753235.073:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  287.678338][   T30] audit: type=1326 audit(1750753235.073:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  287.737997][   T30] audit: type=1326 audit(1750753235.073:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  287.805663][   T30] audit: type=1326 audit(1750753235.073:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f03ebd8d3df code=0x7ffc0000
[  288.315756][ T8576] loop6: detected capacity change from 0 to 131072
[  288.342261][   T30] audit: type=1326 audit(1750753235.073:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  288.369658][ T8576] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  288.376374][ T8576] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  288.399745][ T8576] F2FS-fs (loop6): invalid crc value
[  288.432808][   T30] audit: type=1326 audit(1750753235.073:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  288.462947][ T5909] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  288.485851][   T30] audit: type=1326 audit(1750753235.073:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  288.546452][   T30] audit: type=1326 audit(1750753235.073:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ebd8e929 code=0x7ffc0000
[  288.603096][ T8576] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  288.610228][ T8576] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  288.743042][ T5909] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  288.777373][ T5909] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  288.812418][ T8522] chnl_net:caif_netlink_parms(): no params data found
[  288.812810][ T5909] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.876413][ T5909] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  288.898292][ T5909] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  288.934383][ T5909] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.992654][ T5909] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  289.048893][ T5909] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  289.093512][ T5909] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  289.114777][ T7124] hsr_slave_0: left promiscuous mode
[  289.120239][ T5843] Bluetooth: hci2: command tx timeout
[  289.288928][ T7124] hsr_slave_1: left promiscuous mode
[  289.298885][ T7124] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.306302][ T7124] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.100046][ T7124] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.118243][ T5909] usb 3-1: string descriptor 0 read error: -22
[  290.118293][ T7124] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.124642][ T5909] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  290.124666][ T5909] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.170682][ T5909] adutux 3-1:168.0: interrupt endpoints not found
[  291.322412][ T7124] veth1_macvtap: left promiscuous mode
[  291.327989][ T7124] veth0_macvtap: left promiscuous mode
[  291.350487][ T5956] usb 3-1: USB disconnect, device number 6
[  291.378398][ T7124] veth1_vlan: left promiscuous mode
[  291.387427][ T7124] veth0_vlan: left promiscuous mode
[  295.149440][   T51] Bluetooth: hci0: command 0x0405 tx timeout
[  295.491206][ T8626] netlink: 12 bytes leftover after parsing attributes in process `syz.6.701'.
[  298.351466][ T7124] team0 (unregistering): Port device team_slave_1 removed
[  298.433902][ T7124] team0 (unregistering): Port device team_slave_0 removed
[  300.763899][ T8626] veth1_to_bond: entered allmulticast mode
[  300.777337][ T8654] syz_tun: left allmulticast mode
[  300.782473][ T8654] syz_tun: left promiscuous mode
[  300.788913][ T8654] bridge0: port 3(syz_tun) entered disabled state
[  300.817011][ T8654] bridge_slave_0: left allmulticast mode
[  300.824128][ T8654] bridge_slave_0: left promiscuous mode
[  300.830001][ T8654] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.843389][ T8654] bridge_slave_1: left allmulticast mode
[  300.849412][ T8654] bridge_slave_1: left promiscuous mode
[  300.855147][ T8654] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.869689][ T8654] bond0: (slave bond_slave_0): Releasing backup interface
[  300.884976][ T8654] bond0: (slave bond_slave_1): Releasing backup interface
[  300.904990][ T8654] team0: Port device team_slave_0 removed
[  300.916525][ T8654] team0: Port device team_slave_1 removed
[  300.922983][ T8654] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  300.930601][ T8654] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.943974][ T8654] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  300.951456][ T8654] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.074198][ T8626] veth1_to_bond: left allmulticast mode
[  301.291057][ T8522] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.317283][ T8522] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.345668][ T8522] bridge_slave_0: entered allmulticast mode
[  301.355428][ T8522] bridge_slave_0: entered promiscuous mode
[  301.383045][ T8522] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.437789][ T8522] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.197572][ T8522] bridge_slave_1: entered allmulticast mode
[  302.590318][ T8691] loop2: detected capacity change from 0 to 256
[  302.600540][ T8691] exfat: Deprecated parameter 'utf8'
[  302.606111][ T8691] exfat: Deprecated parameter 'namecase'
[  302.611980][ T8691] exfat: Deprecated parameter 'utf8'
[  303.114448][ T8522] bridge_slave_1: entered promiscuous mode
[  303.138433][ T8691] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  303.190005][ T8689] exFAT-fs (loop2): start_clu is invalid cluster(0x0)
[  303.421220][ T8686] loop6: detected capacity change from 0 to 256
[  303.501593][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  303.501610][   T30] audit: type=1326 audit(1750753251.523:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc703d8e929 code=0x7ffc0000
[  303.600306][   T30] audit: type=1326 audit(1750753251.523:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc703d8e929 code=0x7ffc0000
[  303.628424][   T30] audit: type=1326 audit(1750753251.553:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  303.651911][   T30] audit: type=1326 audit(1750753251.553:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  303.674370][   T30] audit: type=1326 audit(1750753251.553:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  303.707150][   T30] audit: type=1326 audit(1750753251.553:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  303.792510][ T8522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.830262][   T30] audit: type=1326 audit(1750753251.553:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  303.837091][ T8522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.918379][   T30] audit: type=1326 audit(1750753251.553:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  304.113362][   T30] audit: type=1326 audit(1750753251.553:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  304.270016][ T8705] loop6: detected capacity change from 0 to 128
[  304.311877][   T30] audit: type=1326 audit(1750753251.553:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8692 comm="syz.8.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc703d2ab19 code=0x7ffc0000
[  304.430252][ T8705] FAT-fs (loop6): bogus sectors per cluster 0
[  304.436899][ T8705] FAT-fs (loop6): Can't find a valid FAT filesystem
[  305.115728][ T8522] team0: Port device team_slave_0 added
[  305.125893][ T8522] team0: Port device team_slave_1 added
[  305.233437][ T8522] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.251363][ T8522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.336980][ T8522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.371578][ T8522] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.390631][ T8714] netlink: 12 bytes leftover after parsing attributes in process `syz.6.726'.
[  305.424835][ T8522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.467248][ T8522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.968184][ T8711] veth1_to_bond: entered allmulticast mode
[  306.000027][ T8709] veth1_to_bond: left allmulticast mode
[  306.329703][ T8522] hsr_slave_0: entered promiscuous mode
[  306.336439][ T8522] hsr_slave_1: entered promiscuous mode
[  306.359595][ T8522] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.360135][ T8724] overlayfs: missing 'lowerdir'
[  306.369809][ T8522] Cannot create hsr debugfs directory
[  306.438396][   T24] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  306.640346][   T24] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  306.723923][   T24] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  306.828300][   T24] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  306.860050][ T8735] tmpfs: Bad value for 'nr_inodes'
[  306.924449][   T24] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  306.976839][   T24] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  307.046738][   T24] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  307.319946][ T8522] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  307.339246][   T24] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  307.346791][   T24] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  307.382466][ T8522] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  307.452420][ T8522] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  307.613699][ T8522] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  307.651237][   T24] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  307.901604][   T24] usb 7-1: string descriptor 0 read error: -22
[  307.999944][   T24] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  308.034765][ T8753] loop2: detected capacity change from 0 to 128
[  308.133254][ T8753] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  308.159458][ T8753] ext4 filesystem being mounted at /170/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  308.435954][ T8522] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.489681][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.499520][ T8522] 8021q: adding VLAN 0 to HW filter on device team0
[  308.524420][  T149] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.531575][  T149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.550881][  T149] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.557981][  T149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.567219][ T8757] netlink: 12 bytes leftover after parsing attributes in process `syz.8.738'.
[  308.595849][ T8757] veth1_to_bond: entered allmulticast mode
[  308.602795][ T8756] veth1_to_bond: left allmulticast mode
[  308.676427][ T5850] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  308.719677][   T24] adutux 7-1:168.0: interrupt endpoints not found
[  308.990649][ T5916] usb 7-1: USB disconnect, device number 10
[  309.856557][ T8522] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.500720][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.2.749'.
[  310.617391][ T8793] veth1_to_bond: entered allmulticast mode
[  311.469150][ T8787] veth1_to_bond: left allmulticast mode
[  311.953509][ T8522] veth0_vlan: entered promiscuous mode
[  311.978715][   T10] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  311.985786][ T8522] veth1_vlan: entered promiscuous mode
[  312.176043][   T10] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  312.187003][ T8522] veth0_macvtap: entered promiscuous mode
[  312.217256][   T10] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  312.253350][   T10] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  312.300132][   T10] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  312.315038][   T10] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  312.318885][ T8522] veth1_macvtap: entered promiscuous mode
[  312.374599][   T10] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  312.426122][   T10] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  312.433879][ T8522] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.444315][   T10] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  312.504205][   T10] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  312.507940][ T8522] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.567083][   T10] usb 2-1: string descriptor 0 read error: -22
[  312.601657][   T10] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  312.635030][ T8644] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.654944][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.665227][ T8644] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.688079][   T10] adutux 2-1:168.0: interrupt endpoints not found
[  312.707298][ T8644] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.739205][ T8638] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.897272][ T5916] usb 2-1: USB disconnect, device number 14
[  313.968994][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.979855][  T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.988302][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.018205][  T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.598393][ T5956] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  316.918832][ T5956] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  317.062845][ T5956] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  317.082768][ T5956] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  317.137788][ T5956] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  317.205614][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.212249][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.272541][ T5956] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  317.298527][ T5956] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  317.331999][ T5956] usb 3-1: SerialNumber: syz
[  317.347823][ T8863] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  317.352580][ T8874] input: syz1 as /devices/virtual/input/input9
[  317.382925][ T5956] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[  317.412196][ T5956] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -12
[  317.848614][ T8884] loop2: detected capacity change from 0 to 128
[  317.869684][ T8884] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  317.881520][ T8884] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  318.009416][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  318.009434][   T30] audit: type=1800 audit(1750753266.033:157): pid=8884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.773" name="file1" dev="loop2" ino=94 res=0 errno=0
[  318.045902][ T8884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  318.055023][ T8884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.396359][ T5909] usb 3-1: USB disconnect, device number 7
[  321.468866][ T8890] loop9: detected capacity change from 0 to 32768
[  323.260680][ T8890] read_mapping_page failed!
[  323.313472][ T8890] jfs_mount: Failed to read AGGREGATE_I
[  323.379423][ T8890] Mount JFS Failure: -5
[  325.087782][ T8925] netlink: 'syz.1.793': attribute type 16 has an invalid length.
[  325.095782][ T8925] netlink: 'syz.1.793': attribute type 17 has an invalid length.
[  326.454046][ T8936] input: syz1 as /devices/virtual/input/input10
[  326.555490][ T8937] Invalid source name
[  326.559854][ T8937] UBIFS error (pid: 8937): cannot open "./file0", error -22
[  327.469838][ T8944] Invalid source name
[  327.481455][ T8944] UBIFS error (pid: 8944): cannot open "./file0", error -22
[  329.033148][ T8955] kernel profiling enabled (shift: 7)
[  329.886505][ T8966] fuse: Unknown parameter 'group_i00000000000000000000'
[  331.927129][ T8987] Invalid source name
[  331.931353][ T8987] UBIFS error (pid: 8987): cannot open "./file0", error -22
[  332.657118][ T8989] input: syz1 as /devices/virtual/input/input11
[  337.576173][ T9006] loop2: detected capacity change from 0 to 128
[  339.475361][ T9031] fuse: Unknown parameter 'group_i00000000000000000000'
[  339.886381][ T9026] loop6: detected capacity change from 0 to 4096
[  339.958049][ T9037] fuse: Bad value for 'fd'
[  339.975463][ T9026] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  340.002900][ T9037] fuse: Bad value for 'fd'
[  340.438905][ T9026] 9pnet: bogus RWRITE count (2 > 1)
[  340.508611][ T9041] input: syz1 as /devices/virtual/input/input12
[  341.295296][ T9049] 9pnet_virtio: no channels available for device syz
[  341.632272][ T9048] loop6: detected capacity change from 0 to 1024
[  341.665604][ T9048] hfsplus: failed to load catalog file
[  341.739053][ T9039] 9pnet_virtio: no channels available for device syz
[  343.784194][ T9071] loop9: detected capacity change from 0 to 4096
[  343.815121][ T9071] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[  343.952452][ T9071] 9pnet: bogus RWRITE count (2 > 1)
[  344.020772][ T9075] loop2: detected capacity change from 0 to 256
[  344.063734][ T9075] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  346.219601][ T9097] fuse: Unknown parameter 'group_id00000000000000000000'
[  349.658344][   T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  349.888378][   T24] usb 3-1: Using ep0 maxpacket: 8
[  349.907819][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  349.949152][   T24] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  349.968940][   T24] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  349.977059][   T24] usb 3-1: Product: syz
[  350.001707][   T24] usb 3-1: Manufacturer: syz
[  350.006338][   T24] usb 3-1: SerialNumber: syz
[  350.051268][ T9119] loop9: detected capacity change from 0 to 128
[  350.071467][ T9122] netlink: 16 bytes leftover after parsing attributes in process `syz.8.857'.
[  350.268520][ T9122] netlink: 16 bytes leftover after parsing attributes in process `syz.8.857'.
[  350.277561][ T9122] netlink: 16 bytes leftover after parsing attributes in process `syz.8.857'.
[  350.295747][   T24] usb 3-1: palm_os_3_probe - error -71 getting connection information
[  350.318315][   T24] visor 3-1:1.0: probe with driver visor failed with error -71
[  350.369476][   T24] usb 3-1: USB disconnect, device number 8
[  352.463853][ T9142] loop2: detected capacity change from 0 to 8
[  352.598774][ T9142] SQUASHFS error: zlib decompression failed, data probably corrupt
[  352.628287][ T9142] SQUASHFS error: Failed to read block 0x9b: -5
[  352.645075][ T9142] SQUASHFS error: Unable to read metadata cache entry [99]
[  352.698002][ T9142] SQUASHFS error: Unable to read inode 0x127
[  352.924368][ T9152] loop6: detected capacity change from 0 to 1024
[  352.938356][ T9152] hfsplus: failed to load catalog file
[  354.527112][ T9166] netlink: 16 bytes leftover after parsing attributes in process `syz.6.871'.
[  354.546716][ T9166] netlink: 16 bytes leftover after parsing attributes in process `syz.6.871'.
[  355.568355][ T9166] netlink: 16 bytes leftover after parsing attributes in process `syz.6.871'.
[  355.592013][ T9170] IPv6: Can't replace route, no match found
[  358.601064][ T9190] loop2: detected capacity change from 0 to 128
[  358.914976][ T9192] netlink: 148 bytes leftover after parsing attributes in process `syz.9.880'.
[  359.906948][ T9197] loop9: detected capacity change from 0 to 1024
[  360.058531][ T9197] hfsplus: failed to load catalog file
[  360.130774][ T9198] 9pnet: bogus RWRITE count (2 > 1)
[  362.394102][ T9217] loop6: detected capacity change from 0 to 1764
[  367.982933][ T9239] loop2: detected capacity change from 0 to 4096
[  368.103317][ T9239] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  368.334592][ T9259] loop6: detected capacity change from 0 to 128
[  374.086519][ T9290] loop9: detected capacity change from 0 to 1024
[  374.119297][ T9290] hfsplus: failed to load catalog file
[  378.808978][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.951755][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.259562][ T9320] netlink: 148 bytes leftover after parsing attributes in process `syz.8.918'.
[  382.441736][ T5895] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  384.068479][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.6.929'.
[  384.078244][ T9351] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  384.086025][ T9351] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  384.673520][ T5895] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  384.808232][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  384.828373][ T5895] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  384.845584][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  384.940177][ T5895] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  385.078038][ T5895] usb 2-1: unable to read config index 1 descriptor/start: -71
[  385.098475][ T5895] usb 2-1: can't read configurations, error -71
[  387.958309][    C1] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[  387.970251][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  387.978691][    C1] CPU: 1 UID: 0 PID: 6566 Comm: syz-executor Not tainted 6.16.0-rc3-next-20250623-syzkaller #0 PREEMPT(full) 
[  387.990334][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  388.000500][    C1] RIP: 0010:pidfs_free_pid+0xaf/0x140
[  388.005896][    C1] Code: f0 ff ff 73 e4 43 80 3c 3c 00 74 08 4c 89 f7 e8 a7 1b de ff 49 83 3e 00 0f 85 84 00 00 00 e8 08 f2 79 ff 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 82 1b de ff 4c 8b 33 4d 85 f6 74
[  388.025573][    C1] RSP: 0000:ffffc90000a08b90 EFLAGS: 00010246
[  388.031625][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888027553c00
[  388.039579][    C1] RDX: 0000000000000100 RSI: 0000000000000001 RDI: ffff888030ac7b70
[  388.047527][    C1] RBP: 0000000000000001 R08: ffff888030ac7b03 R09: 1ffff11006158f60
[  388.055475][    C1] R10: dffffc0000000000 R11: ffffed1006158f61 R12: 1ffff11006158f6d
[  388.063445][    C1] R13: ffffffff81a83684 R14: ffff888030ac7b68 R15: dffffc0000000000
[  388.071486][    C1] FS:  0000555584de9500(0000) GS:ffff888125d25000(0000) knlGS:0000000000000000
[  388.080397][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  388.086967][    C1] CR2: 00007f84086e8704 CR3: 000000006713e000 CR4: 00000000003526f0
[  388.095025][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  388.102974][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  388.110937][    C1] Call Trace:
[  388.114216][    C1]  <IRQ>
[  388.117043][    C1]  ? __pfx_delayed_put_pid+0x10/0x10
[  388.122312][    C1]  put_pid+0x9c/0x130
[  388.126284][    C1]  rcu_core+0xca5/0x1710
[  388.130511][    C1]  ? __pfx_rcu_core+0x10/0x10
[  388.135171][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  388.140347][    C1]  ? sched_clock_cpu+0x74/0x430
[  388.145179][    C1]  ? ktime_get+0x3e/0x1f0
[  388.149482][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  388.155697][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  388.160960][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  388.166749][    C1]  handle_softirqs+0x283/0x870
[  388.171505][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  388.176343][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  388.181611][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  388.186793][    C1]  __irq_exit_rcu+0xca/0x1f0
[  388.191373][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  388.196558][    C1]  irq_exit_rcu+0x9/0x30
[  388.200778][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  388.206397][    C1]  </IRQ>
[  388.209326][    C1]  <TASK>
[  388.212348][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  388.218313][    C1] RIP: 0010:check_preemption_disabled+0x17/0x120
[  388.224659][    C1] Code: 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 05 de 1d 32 07 48 89 44 24 08 <65> 8b 05 e6 1d 32 07 65 8b 0d db 1d 32 07 f7 c1 ff ff ff 7f 74 23
[  388.244363][    C1] RSP: 0000:ffffc9000460fd60 EFLAGS: 00000286
[  388.250417][    C1] RAX: c3de040a4547b800 RBX: ffffffff820b16f1 RCX: 0000000000000000
[  388.258457][    C1] RDX: ffff888027553c00 RSI: ffffffff8be322a0 RDI: ffffffff8be32260
[  388.266500][    C1] RBP: 0000000000000017 R08: 0000000000000000 R09: ffffffff820b16f1
[  388.274469][    C1] R10: dffffc0000000000 R11: fffff940003f72df R12: 0000000000001255
[  388.282428][    C1] R13: ffff888027553c00 R14: ffff888024536b80 R15: 0000000000000001
[  388.290476][    C1]  ? count_memcg_event_mm+0x21/0x260
[  388.295754][    C1]  ? count_memcg_event_mm+0x21/0x260
[  388.301053][    C1]  ? count_memcg_event_mm+0x21/0x260
[  388.306332][    C1]  rcu_is_watching+0x15/0xb0
[  388.310914][    C1]  ? count_memcg_event_mm+0x21/0x260
[  388.316184][    C1]  count_memcg_event_mm+0x5c/0x260
[  388.321280][    C1]  handle_mm_fault+0x50f/0x8e0
[  388.326027][    C1]  do_user_addr_fault+0xa81/0x1390
[  388.331132][    C1]  ? rcu_is_watching+0x15/0xb0
[  388.335907][    C1]  ? trace_page_fault_user+0x84/0x1e0
[  388.341266][    C1]  exc_page_fault+0x76/0xf0
[  388.345750][    C1]  asm_exc_page_fault+0x26/0x30
[  388.350577][    C1] RIP: 0033:0x7f84079445e9
[  388.354980][    C1] Code: da 00 01 5b c3 0f 1f 40 00 48 8d 3d 31 41 da 00 e8 6c 0a 00 00 eb de 66 2e 0f 1f 84 00 00 00 00 00 8b 05 1e 41 da 00 83 e8 01 <89> 05 15 41 da 00 75 16 48 c7 05 0c 41 da 00 00 00 00 00 87 05 fe
[  388.374656][    C1] RSP: 002b:00007ffeb086f9d8 EFLAGS: 00010246
[  388.380707][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f8407985193
[  388.388657][    C1] RDX: 00000000000001a3 RSI: 0000000000000000 RDI: 0000000001200011
[  388.396640][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  388.404598][    C1] R10: 0000555584de97d0 R11: 0000000000000246 R12: 00000000000001a3
[  388.412562][    C1] R13: ffffffffffffffa8 R14: 0000000000000006 R15: 00007ffeb086fb70
[  388.420538][    C1]  </TASK>
[  388.423549][    C1] Modules linked in:
[  388.427504][    C1] ---[ end trace 0000000000000000 ]---
[  388.432986][    C1] RIP: 0010:pidfs_free_pid+0xaf/0x140
[  388.438380][    C1] Code: f0 ff ff 73 e4 43 80 3c 3c 00 74 08 4c 89 f7 e8 a7 1b de ff 49 83 3e 00 0f 85 84 00 00 00 e8 08 f2 79 ff 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 82 1b de ff 4c 8b 33 4d 85 f6 74
[  388.458004][    C1] RSP: 0000:ffffc90000a08b90 EFLAGS: 00010246
[  388.464081][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888027553c00
[  388.472146][    C1] RDX: 0000000000000100 RSI: 0000000000000001 RDI: ffff888030ac7b70
[  388.480237][    C1] RBP: 0000000000000001 R08: ffff888030ac7b03 R09: 1ffff11006158f60
[  388.488230][    C1] R10: dffffc0000000000 R11: ffffed1006158f61 R12: 1ffff11006158f6d
[  388.496377][    C1] R13: ffffffff81a83684 R14: ffff888030ac7b68 R15: dffffc0000000000
[  388.504362][    C1] FS:  0000555584de9500(0000) GS:ffff888125d25000(0000) knlGS:0000000000000000
[  388.513298][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  388.519885][    C1] CR2: 00007f84086e8704 CR3: 000000006713e000 CR4: 00000000003526f0
[  388.527844][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  388.535847][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  388.543826][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  388.551281][    C1] Kernel Offset: disabled
[  388.555590][    C1] Rebooting in 86400 seconds..