last executing test programs:

27.003112098s ago: executing program 3 (id=810):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x68000080)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="4400000002010300000000000000000002000000300001802c000180090003"], 0x44}}, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f00000006c0)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="1f00020000009a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = socket$key(0xf, 0x3, 0x2)
r5 = dup(r4)
sendmsg$key(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000300)=ANY=[@ANYBLOB="0216000009000000000000000000000007001800000000000a00000000000000000000000000000000000000000000000000000002000000ffffffff000000000000000000000000f663e3ef3a6eb9a18f77b1d65dabce23ecfc3fc93f2214ce97844f5addd4352307"], 0x48}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000900)={0x9, 0xffff8000, 0x0, 'queue1\x00', 0x5})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x18, &(0x7f0000000840)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b704000008000000850000001c00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usb_control_io$uac1(r2, &(0x7f0000000240)={0x14, &(0x7f0000000040)={0x0, 0xd, 0x72, {0x72, 0x30, "d31ac327c2bb49b60f21f933c0baf1198dad03dc0c5840a13575f89aa4a8d8c818c9e586232f58c15b37a9c62ed89642f9816c899f9e5da49d6c0635d6ee30be853219c834f48a92d8663d40087135d5f2d967cbc4feb10ebe8373032e30c77b5a4f0ce87e65c609bb6715eac01be35d"}}, &(0x7f0000000140)={0x0, 0x3, 0xd1, @string={0xd1, 0x3, "4939a878dc7a41b80125f075d7e9bb1248bc10dfcd82b99b1ef3eee3e142ea1f89a0296642590ff4b1b3072f999a98b8089db5ecadfb59a449f0681a9cfb7347b2e581b3aad8089ac85d8522f7d996f913d5a810594ffb8b9d0944176fa57d755cd4636394fce05621da98dfa781d3f50d6d1027fbad36fdb71968fbfbf78e1f721a87228e7a02cb38279878dec675531bc234ff4166853dba1c4f4db3727741163bdada4fef2dae222e2002f3c7d04e700f38b1362e865b271b9decb2e3be7a2dc199aa278f69cb3f52404103b78c"}}}, &(0x7f00000007c0)={0x44, &(0x7f0000000580)={0x0, 0x18, 0xbb, "221f748b7108eac3bfc11f6a220e2e4c201a8ac344def8e86e3a19fd33cf8ae21b06970534ac3e70b5a40a593a4fbb56596744e1f728deec4c2dec45d56c53008838f0088ae78f0edad93863167260ed688d5ce66ed4c5c76fe6c154e2faef6fe0ad25e2c391d80a30101b0972887acba6c953b7c262ee81b1a38fa6d6a727817de4239bac3abd54b5c76bbd13084fcacc39a8b167430795fd43a35ad2933f3e51eb69c70f2f323a0bb8cbfa211d6c5f75ad095a2834bd5c0037f6"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0x1}, &(0x7f00000003c0)={0x20, 0x81, 0x1, "f8"}, &(0x7f0000000400)={0x20, 0x82, 0x3, "1466b5"}, &(0x7f0000000680)={0x20, 0x83, 0x1, "c9"}, &(0x7f0000000740)={0x20, 0x84, 0x2, "68eb"}, &(0x7f0000000780)={0x20, 0x85, 0x3, "de7f73"}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="61df712bc884fed5722780b605a7", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_usb_control_io$cdc_ecm(r2, 0x0, &(0x7f0000001180)={0x1c, &(0x7f0000000f80)=ANY=[@ANYBLOB="400f8b00000041625f12315ec1c01683f3a01ae3"], 0x0, 0x0})

23.215012742s ago: executing program 3 (id=813):
io_uring_setup(0x76d0, &(0x7f00000001c0)={0x0, 0xf06c, 0x200})
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$SIOCAX25ADDUID(0xffffffffffffffff, 0x89e1, &(0x7f0000000240)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r3, 0x0, 0x0, &(0x7f0000000340)=0x1, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e20, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x38)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000500)="6b8ab7e6d61d55c6065fbd783a9ff5c44ff2f19d7571b70ac0f7179e6959618d193e39b75c08f6de11b79c3c27903c85f21f6b6bf6f86b3f000096dee718882185344a92f0863d37082be57c99fb3467e33850a9aa39581e1459459744c40f09faaf3e1a49d475185530049489cea9a13431b836fbed1db10f83354cebed4277b6054ea1694f8844efdc6e64395fb9077eb3ca7f40c020d0bbd120dff1f4d738c7062a8dbe499c82573bc0f8e092617fdff53ec04b8001193018697b672e4df4aaec94a4f8fc88f027ccbecff06d4448a0be60473b836396991565ef8ccc9b4666a03e6c16d6539b5cdc749f8aa66e77324001cc2a686d137854611f3664f73c4f46381c7236cd79ab276b0fa34a05340fdd6a2a3ed43c8ef42ff4ea0a4c2183753fffe8fb05f8fc1700000000000000005d6536", 0x134, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r4, r4, r4}, &(0x7f00000002c0)=""/38, 0x26, &(0x7f0000000340)={&(0x7f0000000080)={'sha256-avx2\x00'}, &(0x7f0000000040)="6b10b7d46200005248", 0x9})

22.507839374s ago: executing program 3 (id=818):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
r4 = epoll_create1(0x0)
r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$char_usb(r5, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000000000))
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r6, 0x851, 0x0)

20.527589109s ago: executing program 3 (id=821):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000100)={0x8, 0x7f, 0x800006, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc01064b3, &(0x7f0000000040)={r1})
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x1, 0x6576, 0x9, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r2, 0xc01064b3, &(0x7f0000000080)={r3})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x6, 0xfd, 0x1f, 0x0, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r4, 0xc01064b3, &(0x7f00000002c0)={r5})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r7 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000001500), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f00000000c0)={0x9, 0x7, 0x10000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000180)={0xe3, 0x200, 0x3, 0x0, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r6, 0xc01064b3, &(0x7f00000001c0)={r8})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r7, 0xc01064b3, &(0x7f0000000140)={r8})
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f0000000100)={0x8, 0x7f, 0x800006, 0x0, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r0, 0xc00464b4, &(0x7f0000000280)={r10})

20.331608546s ago: executing program 3 (id=832):
socket$inet6(0xa, 0x3, 0x2)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000005980)=[{{0x0, 0x0, &(0x7f0000003ac0)=[{&(0x7f0000002500)="bb", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004cc0)=[{&(0x7f0000003c80)='}', 0x1}], 0x1}}], 0x2, 0x16da)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x28, 0x14, 0x509, 0x0, 0x0, {0x2, 0x1f, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @local}, @IFA_BROADCAST={0x8, 0x4, @local}]}, 0x28}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deda8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f53d709959d7bd2f5cc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36fb0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8012392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdff7f0000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977e37df17a321d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2c6aea1d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb89243a16ff10feea20bdac0000000400000000ca06f256c8028e0f9b65f037b21f3289f86a01040000a35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92de6b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250054f84b0fccd4f810bce02322b489b79aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e20280e14700eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b19128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe309118bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9c35f4259e3452b2f53ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788a25b5a6003b579b8f0e20d78be3d885557292971e65f4f1daefad2c5ccbca608b46406ffff25610c3cbae9f56cd47678f482e2c1f7cdfc5ce2a67c1545c1192f2ac3990f9c850788401469fbca801e73cd9efbcc6e44b2f414cdff5c49e706d699b5bfa75526f700c4e32611b826b2787f99532c02262a9c60e4b07a09377c38747c7f05e38b6d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

16.919021017s ago: executing program 3 (id=829):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_MM(0x41555856, 0xf7354000, &(0x7f0000ffa000/0x3000)=nil)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x50, &(0x7f0000002140)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\"\x00', 0x1a, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @ipv4={'\x00', '\xff\xff', @broadcast}, [{}]}}}}}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=@getneigh={0x14, 0x1e, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x8011}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000), 0x6)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)

13.400356128s ago: executing program 4 (id=837):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000050000000000000000c50000000e800000850000000e00000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466383d312c726f6469722c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c636865636b3d7374726963742c756e695f786c6174653d302c6e6f636173652c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c71756965742c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c757466383d302c666c7573682c726f6469722c73686f72746e616d653d6d697865642c73686f77657865632c636865636b3d72656c617865642c726f6469722c726f6469722c007cbda5978eff1afd303a09806ce0c610fe00684c0c67004cdbbd0b9992b0bbea8911a2050000006311c61fb0edf19ed5b7f8d03bfbf22d5655a02f9c7e7307c4f0cbeda2b4e5b2821ba502f452ce09bae8f886c9b612847e26f9afb26c9805000000000000000bc8604552e1dcb75008cfdd8a85c302b83f5ba6d806e8f77268091776f01e8c0465aa4a0ac02f13f9daeab1932f5688fd0ba15f0fc0d94f21c352fe6bc02b893c57f77281db316d62c523025b2c545ab273f28000ba55a384f4ddaa65567a7eb6e51c9d5b69a84c1cec408643486d4c6a17a1fe12f05c1bf8b7494265dc0493bbc87c7f86f7e5e9ed79d5822adebabbe3c1e9320ad777219218ae6103ce6a392927ef866f4b0bcfecea44742736cfc57fe72eee93d416f6ff7da7641eb9865ee1f09a9b76f87189d2f0113ebf44794240ccdfdee8fa1eccb4abfa1d4d470623d6e1530497c7e64924d946272d4fa346cfecac39646cbbf431869c533429e09b", @ANYRES64], 0x86, 0x2a9, &(0x7f0000000c00)="$eJzs3T9rc1UYAPDnpmmSV4dkcJKCF3RwKm1XlxRpoZhJyaAOWmwL0gShhYJ/MHZydXH0EwiCm1/CxW8guApudihcuTf3mqSmaSNN9S2/39LTc89zznNOz6V0yNMPN4anR2mcXH7xa7RaSdS68SyukuhELSpfxYzuNwEAPM+usiz+yMaWiUsiorW6tACAFVr69/+PK08JAFixd959763dXm/v7TRtxf7w64t+/pd9/nX8fPckPo5BHMdWtOM6IvvbuL2fZdmonuY68dpwdNHPI4cf/FzOv/t7RBG/He3oFF2z8Qe9ve10bCp+lOfxQrl+N4/fiXa8NGf9g97ezpz46Dfi9Ven8t+MdvzyUXwSgzgqkpjEf7mdpm9m3/75+ft5enl8MrroN4txE9naI/9oAAAAAAAAAAAAAAAAAAAAAAB4wjbL2jnNKOr35F1l/Z216/yb9Ugrndn6POP4pJroRn2gURbfVfV1ttI0zcqBk/h6vFyP+n+zawAAAAAAAAAAAAAAAAAAAPh/Of/0s9PDweD47EEaVTWA6mP9/3ae7lTPK7F4cHOyVq1sLpg51qoxScTCNPJNPNCx3NV4dlvO3/+w7IStu8esLzqfh2lUt+v0MJl/hs2oelrVJflpekwj7rlW47ZHG0UC1eW4a57G3EftpffeeLFojBaMiWTRe/HGb+OEy57k5kvUKE51bvh62ZgKv3E3brvP1SnNvin/kKjWAQAAAAAAAAAAAAAAAAAAKzX5GPCch5cLQ2tZc2VpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjmvz//yUaozL4HoMbcXY+f+X6Y24TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ+6vAAAA//+lillR")
open(&(0x7f0000000040)='./bus\x00', 0x14507e, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext2\x00', &(0x7f0000000240)='./file0\x00', 0x10c74c2, &(0x7f00000001c0), 0x1, 0x778, &(0x7f0000000ec0)="$eJzs3c9rHGUfAPDvbJKmSfO+yQsvvG89BQQNlG5Mja2Ch4oHESwU9Nx22WxDzSZbspvShIAtIngRVDwI9tKz1Xrr1R9X/S88SEvVtFjxIJHZ7KabZjdu2uyukM8HJvs8M7N5nu8+M888uzPMBLBvjad/MhGHI+LDJGK0Nj+JiIFqqj/i5MZ6D9ZW8+mUxPr6m78k1XXur63mo+E9qUO1zP8j4tv3Io5ktpdbXl6ZyxWLhcVafrIyf3GyvLxy9MJ8brYwW1g4PjU9fezECyeO712sv/2wMnLno9ee/fLkH+/+7+YH3yVxMkZqyxrj2CvjMV77TAbSj3CLV/e6sB5Lel0BHku6a/Zt7OVxOEajr5pqYaibNQMAOuWdiFgHAPaZxPEfAPaZ+u8A99dW8/Wpt79IdNfdVyLi4Eb89fObG0v6a+fsDlbPgw7fT7acGUkiYmwPyh+PiGu3ztxIp+jQeUiAZq5cjYhzY+Pb+/9k2zULu/VcG+uMP5LX/0H3fJ2Of15sNv7LbI5/osn4Z7DJvvs4/n7/z9zeg2JaSsd/Lzdc2/agIf6asb5a7l/VMd9Acv5CsZD2bf+OiIkYGEzzUzuUMXHvz3utljWO/379+O3P0/LT14drZG73D259z0yuknuSmBvdvRrxVH+z+JPN9k9ajH9Pt1nG6y+9/1mrZWn8abz1aXv8nbV+PeKZpu3/8Iq2ZMfrEyerm8NkfaNo4qsfPx1uVX5j+1+7daY8EpGvfxfohrT9h3eOfyxpvF6zvPsyvr8++k2rZY/EfyMtf2v8zbf/A8lb1fSB2rzLuUplcSriQPLG9vnHHr63nq+vn8Y/8XTz/X+n7T/9Tniuzfj77/z8xePH31lp/DO7av/dJ24+mOtrVX577T9dTU3U5rTT/7VbwSf57AAAAAAAAAAAAAAAAAAAAAAAAACgXZmIGIkkk91MZzLZ7MYzvP8bw5liqVw5cr60tDAT1Wdlj8VApn6ry9GG+6FO1e6HX88feyT/fET8JyI+GRyq5rP5UnGm18EDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQM2hFs//T/002OvaAQAdc7DXFQAAus7xHwD2n90d/4c6Vg8AoHt8/weA/cfxHwD2H8d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuz0qVPptP772mo+zc9cWl6aK106OlMoz2Xnl/LZfGnxYrY/SrPFQjZfmm/5j65svBRLpYvTsbB0ebJSKFcmy8srZ+dLSwuVsxfmc7OFs4WBrkUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO0rL6/M5YrFwqKEhITEZqKxlxjqXQcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8A/3VwAAAP//pucnaA==")
dup(r3)
r4 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)={0x0, r4})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

11.44749302s ago: executing program 4 (id=844):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f00000002c0)={0x0, 'veth0_vlan\x00', {}, 0x1e})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x6, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x32)
r2 = bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8)
ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, &(0x7f0000000100)="5ab03d080995da4e7b1348df2ee3940af68c3e22eb612a3daa1b005a5f74e5f4d0f173a6108fa4b0380399a12645f61dd198533b54b9941924b046720110ba01acc60608d2a0b5d8c73c253980e013e71b18fddf143c04eafd7da9bcdafc451ec9f2a20c91c9511c11090b7aaf3fa668bd4a23c4f08fc9aeada9e6cbc03af89554c2e9a8671ec369d00ec0688a9a25e4274effc6dcd47bc6")
r3 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101000, 0x149, 0x1}, 0x18)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
ftruncate(r4, 0x200002)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x6, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x32)
sendfile(r5, r4, 0x0, 0x80001d00c0d0)
ioctl$PPPIOCGMRU(r4, 0x80047453, &(0x7f0000000280))
connect$pppl2tp(r3, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x3, 0x0, 0x4, 0x4}}, 0x2e)
ioctl$BTRFS_IOC_INO_PATHS(0xffffffffffffffff, 0xc0389423, &(0x7f0000000200)={0xfff, 0x40, [0x1, 0x81, 0x1], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$PPPIOCGL2TPSTATS(r0, 0x80047453, 0x0)

10.263001305s ago: executing program 4 (id=848):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1000c80, &(0x7f0000000080)={[{@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x6, 0x588, &(0x7f0000000300)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)={0x44, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x26, 0x33, @action={{{}, {}, @device_b}, @channel_switch={0x0, 0x4, {{0x3b, 0x3}, @val={0x3e, 0x1}, @void}}}}]}, 0x44}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00ffffffffffffff06061f0d84cb6448786e73e857ff000000000000020000001800028014000180040001000000000008000200ac141400"], 0x2c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8169523010902240001000064000904340102d469e70009058acfed"], 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000003200)='./file2\x00', 0x0, &(0x7f0000003240)=ANY=[], 0x13, 0x325, &(0x7f0000000b40)="$eJzs3M9LG2kYwPEnMcYkoslh2WUXFl92L7uXQbN7XjYsCssGVtQsq4XCqJM2ZJpIJlhSStVTr6X3ngo9iEdvQus/4KW39tJLb14KPdRD6ZSZzJjfGmNsrH4/UObN+75P5n3zvinPDE4O/390J5+1tKxelmBESUBE5EgkIUHxBbxj0C2Hpd6m/Dr6/tWP84tL/6TS6ek5pWZSC78llVLjE8/v3o963fZG5CBx8/Bd8u3BtwffH35auJ2zVM5ShWJZ6Wq5+KasL5uGWs1ZeU2pWdPQLUPlCpZRqrYXq+1Zs7i2VlF6YXUstlYyLEvphYrKGxVVLqpyqaL0W3quoDRNU2MxwWky23NzeqrH4JU+DwYXpFRK6UMiEm1pyWwPZEAAAGCgmvP/oJPS95T/y7ib/zuda/n/zk/75dH/dse9/H8v3C7///119b0a8v+IiPSS/z+RM+T/rRnR9XKu/B+Xw0S4pSrQ8MrJ/2Pe99e1dWNn0i2Q/wMAAAAAAAAAAAAAAAAAAAAA8DU4su24bdtx/+j/qz1C4L3GldRp/UdEJOKsvs36X2Xzi0sScR/cc9bYfLieWc9Uj16HfRExxZBJictHdz94nLL/5JFyJOSFueHFb6xnhtyWVFZybvyUxCXRHG/bM3+np6dUlRd//JhSrD4+KXH5pn18sjHeO39Yfvm5Ll6TuLxckaKYsuru61r8gyml/vo33RQfdfsBAAAAAHAVaOpY2+t3TevUXv2VkVTWvU3U4f5A9fp6su31eSj+Q2jQswcAAAAA4HqwKvfyumkapRMKUTm9T++FUHedw001wyd1HqqbYbfjCbs3MkTOO6+nXX6qDQX/DykamiJeZW/j8efft/XarK8JShdRoebBTzgV6oxn3/Imclzj3zYKd/icZbb1fYIn7IThvu3n7x4/+9C/L8gfu/4OOL3zVq/nijTvOrcwfNH/7wAAAAD48mpJv1/zZ31zYCCDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgmrmQn/RrKgx6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBl8TkAAP//3cD3xQ==")
syz_usb_control_io(r5, 0x0, 0x0)
syz_fuse_handle_req(r4, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r4, &(0x7f0000000340)={0x50}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r6, 0x401070c9, &(0x7f0000000180))
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10.075025212s ago: executing program 0 (id=849):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x7f)
write$binfmt_script(r0, &(0x7f00000002c0)={'#! ', '', [{0x20, ');4\x8d\bx\xf3\xd1\x94t\x89+G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\xb9\xfa\x1eG\xae8n\xf2g\x95\xeb\x90\xc1\xfd\xc8O\t\fe\x191F\xf2d\xbe:WA\xfc\x04\x81\xe7\xafh\x7fT\xac\xa9\x0f\xfdm=\xdbA\xb2\xc7qP\x84*\x18\xe5:\x9d\xf9[\xe6dPx\xaa_bK\v\x0e\xa4#=\x94q\xd6\xa4,\xc8~\xc3\xab\x93\x88\n\xbb@\xf9\x16\xcc\xca\x9c\xa4\xc6H\xd3\xe3V\x1a\x85\xd2\x82\xb2O\xad\x87\xf9\xe3\xf0\xd3\x01\x03|\xec\xbc\xbd\xb0S\x99\xaf$\xc32\x80y\xed\x99\x10\x9c\xe7\aD\xcc\xda,\x8b\x7f\xc1\xf8\xc2%u\xe2\x00\n\xe0\x1e>\xa9~\x97\xaa\xad\x05\xe3o\x8cVcA\xc9\xf1!?\xd3\x9f8\xf7\x8a<\xc8\xc2U\xec\x05b_\xbb\xf5`\xe9R\x81\x0e\xd0c\x8e\x13\xfb\xc6\x8d\xcc\x19 \'\x1a\'\xf1\x80\xfa\xbc\xfaJ\t\x8c\xe2\x9e\x1di.\xc8\xea\x99\\A\"\x03\xd6\x1ad|n\x9ey\x04\x89G:\x8f\xc8\xa5\xda\xe2 \xcf\xff_5\x85\n\x1b\xfd\x9aBP\x98\xe3tXP'}]}, 0x116)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000002680)={[{@codepage={'codepage', 0x3d, 'iso8859-4'}}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}]}, 0x7, 0x34c, &(0x7f0000002800)="$eJzs3U1r1EwAB/D/JPuSfVr65Gn7UPAk1YKn0taD4sUixYtfwIMUa7uF0lihVtCCWD2LeBMEj948i34FvYhfQE89iCe9FA9GZjLZTOLMbna3y1r7/4HZmJ3XzEwys8s2IKJj69LSp5dn9+U/UQXgA7gAeAACoALgf0wFd7Z2Oibkt/YEkpjitzCrW01b1AA6hhbK/1Uwah6jwYjjOP7cMdQ3/RoMvDw0HMIcwQYPqOvRqd7/W3rAXlKv48VoYXGAA9zF2DCLQ0REw6fv/56+S4zq+bvnATN6Hn7U7/+5+c3B8MoxeHHnIK37v6ejCHl+/lVvyfXexk7UXEuWcLL1vXSVaEvL2ifi7HTXkPQsf6TuZQXIcrFTZfEa6xtRc3ZPJfAIFzUj2KTargGecdBV2lryMm1Zm7bRru7tjag6VGUdFhzln2iXo3UB/PYLntmzW35fokzinfgglkWI51jL5n/G2QsLQyUp/5w7RVXLMAmVq2VW/P/kpnIibYE3r7JaNlznNYAvy2IjUxHF+XuYlvNpzR0L48h/rJDUbt5dOxVrAqgItWowYy20Av2wxpos5tVYr0bN2dVbkavTHy7rik48EVfFNL7iNZaM+b8nQ8/APTJzo1yokLpn5OtTuBpUVEhHO+aoLnizq5FJymVrQ1u1hsZj3MB5jN2+t7u5EkXN7T52gqi5LVu9z3TSodJj9JN91qK4k3RE3R3lEflqhEEgd6oAyqbsoXhE3qiNIz/jOLZGr+Dw6uXeqaqqnnuRVXl3c0Xoa14+cDrIy2Yhr5yFtxbdgQEsAtBHRJd5mTsPWrHqWYKlon+Xra2O2DtkWqpBN4psAliawEe91Ehp9JDplfubK1FPVyI6YrJGx9S1YReGhkHOu0Sy/jPWK3PqqiM3Ybb+qRbjdlxpGinOO1ZA42r7T7kVXCtZ5zxxJN3psOY6dQY4XcjRQ5rjw2KyoS4n/sRvJbv/KkMs4SOu8/N/IiIiIiIiIiIiIiIiIiIiIiIiIqKjpttfI/Tyc4J8jvvH8A9vEBERERERERERERERERERERERERERERH1x3j+L+CrJ8bUbM//bfekJsVPnvwSHMbzf/0Sz/8Ve13UkohsfgUAAP//84JX5Q==")
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat2(r3, &(0x7f0000000140)='./file1\x00', r3, &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18080000000700000000000000000000850000002300000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000001", @ANYRES16=r5, @ANYBLOB="01000000000000000000020000000900010073797a3000000000"], 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$unix(r2, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
close(r0)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000000)=0xd4e, 0x4)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
execveat(r0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000600)={&(0x7f0000000180)=@ieee802154, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000200)=""/121, 0x79}, {&(0x7f0000000400)=""/177, 0xb1}, {&(0x7f00000004c0)=""/114, 0x72}, {&(0x7f0000000080)=""/53, 0x35}, {&(0x7f0000000540)=""/139, 0x8b}, {&(0x7f0000000700)=""/162, 0xa2}, {&(0x7f0000000280)=""/56, 0x38}], 0x7}, 0x120)

9.178950301s ago: executing program 0 (id=851):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="383f64d83a04ee94219d9e4b8a44c8e7a53731d262650dafe80500141e87b25032", 0x21}], 0x1}}], 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
socket$inet6(0xa, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8.058690409s ago: executing program 1 (id=853):
write$P9_RSTATFS(0xffffffffffffffff, &(0x7f00000002c0)={0x43, 0x9, 0x1, {0x3, 0x10000000, 0xfff, 0x1ff, 0x8000, 0x20, 0x401, 0x0, 0x7fff}}, 0x43)
r0 = userfaultfd(0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000200), &(0x7f0000000240), 0x2, 0x2)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000016b000/0x4000)=nil, 0x4000}, 0x1})
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x1})
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x640, 0x0)
r3 = dup(r2)
ioctl$PTP_EXTTS_REQUEST2(r3, 0xc0603d06, &(0x7f0000000040))
setsockopt$MRT6_PIM(r3, 0x29, 0xcf, &(0x7f0000000340), 0x4)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x1000})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8200, &(0x7f00000001c0), 0x83, 0x5de, &(0x7f0000000bc0)="$eJzs3c9rXNUeAPDvvZPkJW3eS/t4PGxRDLhoQZomtVh11daFXRQs2IWIi4YmqaHTHzQp2FowBRcKCiJuRbrxH3Av3bsTQd25FqpIxYVKR+6de9shnUljmsmd9n4+cCfnnHuTc765ObnnzJ0zE0BtTWYPacSuiDiVREx07BuP9s7J4rjbv147nW1JtFqv/ZJEUpSVx98pvm7PHpKI0Yj45mjEfxv317t05erZ2War7d2I/cvnLu5funJ13+K52TPzZ+bPzxx44eCh6RdnDs5sSpxlXMeOv/rkR++99fzCt819SRyOk8PvzMWqODbLZEzGnSLEzvKhiDiUJbr8Xh41ZQhJxe1gYxrF3+NwRPw/JqKR59omYvHDShsH9FWrEdECairR/6GmynFAObfvxzx4kN060p4A3R//UPu5kRjN50bbbicdM6P2fHfHJtSf1fHXtd2fZVv0eB5iaBPq6WXlekQ80S3+JG/bjvxZnCz+NNKO78vS0xExUrTv5Q3WP7kqv9V/f/8k/s7zkMV/uPialR/dYP1Vxw9APd08UlzIV7LcvetfNjIsxz/RZfwz3uXatRFVX/96j//K6/1o/hx5umoclo3/TnT/kcOrC3784NgnvervHP9lW1Z/ORbcCreuR+xeFf/7+UAvuXv+ky7nPzvk1DrreOW7n4/12ld1/K0bEXu6zn/u3dHKUmvcn9y/sNicn24/dq3jq6/f/KJX/VXHn53/6BH/Wuc/K7u4zjq+PHHjXK994w+MP/1pJDmZp0aKkrdnl5cvzUSMJMeLQzrKD6zdlvKY8mdk8e99pnv/Xyv+sfJf5jpcfP3s7V77HvL832mt88BesvjnNnj+P15nHb+/cfmpXvvWin/sYQIDAAAAAACAGkrze7BJOnU3naZTU+01vP+LbWnzwtLyswsXLp+fi9ibvx5yOC3vdE+080mWnyleD1vmD6zKPxcROyPi08ZYnp86faE5V3XwAAAAAAAAAAAAAAAAAAAAMCC2F+v/y8+p/q3RXv8P1EQ/P2AOGGz6P9RX3v/TqlsBVMH1H+pL/4f60v+hvvR/qC/9H+pL/4f60v+hvvR/AAAAAHgs7Xz65g9JRKy8NJZvmZFi33ClLQP6TR+H+mpU3QCgMndv/Vv+D7WzrvH/H8WbA/a/OUAFkm6F+eCgtXbnv9n1OwEAAAAAAAAAAACAPtizy/p/qCvL/qC+HmL9v7cOgEect/6H+jLHBx60in+01w7r/wEAAAAAAAAAAABgy4znW5JOFWuBxyNNp6Yi/h0RO2I4WVhszk9HxH8i4vvG8L+y/EzVjQYAAAAAAAAAAAAAAAAAAIDHzNKVq2dnm835S52JP+8rebwT5aegDkp7OhORbH2lYxExCLH3JzHUUZJErGRnfiAadmkpBqMZeaLif0wAAAAAAAAAAAAAAAAAAFBDHWuPu9v9+Ra3CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC23r3P/+9fouoYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH098BAAD//wX4PNY=")

7.962568398s ago: executing program 0 (id=854):
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f00000001c0)=ANY=[], 0x31)
syz_emit_ethernet(0x17b, &(0x7f0000000580)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000400", 0x145, 0x3a, 0x1, @private0, @local, {[], @dest_unreach={0x1, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "a9d528", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, [@routing], "31751c2a3dc022dcc8de6aff2a1515a5a193b36c1ffc63af56a7c1fdaadecb98d3b658be4d0e6e46bda8fa34c0b9e01a1c9e8fcae1ba11d35300f100488131e3103b3fc143d8bc9e45d8fc409630af724f7fb04da3aca66040f44b87bf62a169f44f9279efaa02ada260bb0df44ea203e0eeda8b9365feefd366fa0927ee3f7e581594f992acdb5d998799529f1b9dd374b1ea6947eba5d4b5908b8cce84275e8aa4bc0e298fa29aa52253e0ce4014bf61f564faa5f71ca67690760d2d57dc9e9f442305fc3b111dd66a43f4a1ad727a178fcc6157c4903700448cbfc57657c050f59c6c69c051be9b68b14c72c4b6b0fb22f57f41df7da17edffe13065fa37a55d3714707cad2bde6de874b15"}}}}}}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800efffaa6f289a"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x114, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_IE={0x28, 0x2a, [@perr={0x84, 0x22, {0xce, 0x2, [{{0x0, 0x1}, @device_b, 0x9, @value=@broadcast, 0x32}, {{}, @broadcast, 0x932, @void, 0xb}]}}]}, @NL80211_ATTR_PROBE_RESP={0x5, 0x91, "a6"}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_TX_RATES={0xb8, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x9, 0x1, 0x5, 0xe6, 0xfffa, 0x21e, 0x10]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x4, 0x48, 0x5, 0x45, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0xa, 0x2, [{0x0, 0x6}, {0x6, 0x8}, {0x2, 0x1}, {0x7, 0x8}, {0x7, 0x8}, {0x5, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_60GHZ={0x40, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0x24, 0x18, 0x9, 0x12, 0xb, 0x4, 0x1, 0x3, 0x16, 0x18, 0xc, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0xf800, 0xd50, 0x6, 0x3, 0x4, 0x80]}}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x3}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x5f69aab4996923d7}]}]}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x3}]}, 0x114}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000000)=ANY=[@ANYRES8=r0], 0x32)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000d40)=ANY=[], 0x4e7)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x20000400)
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000040))
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20008011}, 0x4000)

7.455006722s ago: executing program 1 (id=855):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x400)
r1 = syz_io_uring_setup(0x24f5, &(0x7f0000000080), &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x45a5, 0x0, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x8012, r0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
fsopen(&(0x7f0000000380)='configfs\x00', 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x22000200}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, r5, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xf7}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x20, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x2}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x20}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x24000000)
ioctl$SNDCTL_DSP_SPEED(r0, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f00000005c0)={{}, 0x100, './file0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)={0x40, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x40}}, 0x0)

7.048662478s ago: executing program 1 (id=857):
socket$key(0xf, 0x3, 0x2)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))
read$FUSE(r0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe2$9p(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x8, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$usbfs(0x0, 0x75, 0x1a1281)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000040)={<r4=>0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0xfffffffffffffffc})
close_range(r4, 0xffffffffffffffff, 0x0)

6.863885615s ago: executing program 0 (id=858):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a7ff070000000000004da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05dfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9ff86086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace85c370183f23cf0838fb5a1d75c145feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000000000000000000000000000000096e4a7b57a867432217cf0be18b96865ee3dca3a03a5e0d3060705c499776bb3e8c442aa1d3b26842c96080c4c251b8cbc5de68938316e95857b0e3cdb14d4a93d49dd4f7a08639ee6943861886fabfac35f9aab09c77bc495b5c7116de70619c5ac798f1974d7a6e9b80ac4bab0f1657488278a40480731b7f51ff921e8ad8a1986b6da1660c40875504d1265679a718dc9a1400ac15ce81696f712a1074ac47de09e95d64eb72a186f11bf360e5841a283841762a0cda06ac7c74520427465c128763e3258169d32bce06dbf95fcf8e19ffdb7c56fb5e236f2422f631ead769969699318140ad2b431b21f88bf824e1590524a0aea10ad2c5f961533e78d8e46da0e6ef484d25bd09f6de08e398485d95c51f3a5dc76dbdea7b2d236d819018b22467116b359e8c38147565203c75a4a2789019e7e4bf06a2b3779cea3206cc2d10e5a458b81"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5f, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='mmap_lock_acquire_returned\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r1, @ANYRES64], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = eventfd(0x800a6)
write$eventfd(r2, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
r3 = dup(r2)
read$eventfd(r3, &(0x7f0000000040), 0x8)
mlockall(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mlockall(0x6)

6.363900488s ago: executing program 2 (id=860):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
creat(0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
syz_clone3(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640100001900010000000000feffffff1d010000150003000000000000000000d0ef0185bf940fb0030000001e0106000000660000a5868970f5386b127e00f99ada367bd51c64ec0679e88637de0d8260e87cc756225017fdb3e617a3957bd5a0001e7fe37f59d13c72b70ee5406fd78c4729c3acba7102dc3d998d8998149af0d2282afaa5564cedee7a3def9ea01a3ce848dd1b3946fcf5c30557069e8188479c008bc2affe8bbd9a9891906382742db74e65a63382f7b2c96e84401834b2aae404f46fdfc39c32876f7faac71d175bee7ac78551e6aef06473fb1137bb58ba68f22efbdceeffbb6dbc705db37f3d3a6c4e584706a4d4f39d7cafcd681f57a43c9c6b066cf8ac911cdfec30172f02b083c79a54e7f2f45a661d311da0fc3f097164d058a222cecc308a09bb55ec07607da5c97900384af115bf3bcb01000000292614496ddff375fa000015000200030000a000010000732a678227d4470f07"], 0x164}}, 0x0)

6.103049842s ago: executing program 1 (id=861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff7e, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$inet(0x2, 0x2000000080002, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[<r4=>0x0], &(0x7f0000000340)=[<r5=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r5, r4], 0x2, 0x0, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r6, 0xc01064c8, &(0x7f0000000140)={0x1, 0x0, &(0x7f0000000100)=[<r7=>0x0]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000240)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.562658249s ago: executing program 4 (id=862):
getsockopt$inet_sctp_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f000033f000/0x2000)=nil, 0x3)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x3, @local, 'macvtap0\x00'}}, 0x1e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x161002, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x80940, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
r5 = dup(r4)
ioctl$PPPIOCCONNECT(r5, 0x40047435, &(0x7f00000002c0)=0x2)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000300)=""/246)

5.034810726s ago: executing program 2 (id=863):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r1, 0x104, 0x3, 0x0, &(0x7f0000000040))
sendto$inet6(r0, &(0x7f0000000140)="c7865066f53915f565d1e45eae2b545884aec7d7ff8e93156832d669b5cf59350bea0b3b31f713507fec212e6d012c95d993efe475a342ca8e4615c8b7c09dbdb6a47b66ac9bc9ac87efe9570a5b3e1c606c8a2396e2412213ec9957f8a963afdc056f75d0f4fc232d85df2361b7ed28e6999c0a8af389add4c6d370c280ec5bf78d86d269996bd01bc486a375d9997ba0c2b25b79b45c4448daa8ff9335cc1b53d8af02bec6f18e1c7b3dda3d1de4cc1f81ca4faaf4071ab01796d05551e3033460763bc76101aeb25f2974ff13321f89ebd577c80944182d7094e4ba09ec2b4f3b550dc38df5c87d1494553290a71d032c3275c3d9827997d16c2d9ce6798e2c97c05dd19cc3e1f2789ab7af4d6cd86ed5a78d48864d6a533a204e7fabfbff9467ce63695b790743beb0fc29313e9b0348386b83bda48fb12ee636043f4eef6c385f023bfc9e20273d4745f42b2815d49b7afb03b669a05a06a48b1bf1bcc8332e4052fb446ddbdb0501943111d3eba1f0371c5e786bfe3afc98fcac0efbf4a4736d616ce2240fca51e7e58d4c4c9d00352c8b03aebcd16c286587cbde23e17ea29c7478d1beac2fa454572110a6e9465b3b44c792955fd2f1ead52678921d987babf6fc15584410d818e81dd86aa64d6f1b90706c1e3f5fa4b5b2590a8baf4cadfee1428f0ba615acddf65994b5ebc3c3d586055c4af3a4534af0734c48436e9d5f8b0ec6d376aa2d1c8018dcec1c85b06a777b8d2e13b91cd540adc622bfa2a97174a689192408ec9c258f1ede90f842306babce5220102ba76b267c8d24ee16f1c1d9d99c5cff7210c68873585ba289bbe9828e85a1a49ea4ddafafa7f09c25016f3519accf713e6552b7704a4176fb053fe08f59d60db16fb7638a46ded5ad2b691472c9ebeb5b2b05fed9a4d5889358e305afacb256df199fa62a0a03417b9cd827cd5a44c155806fe30afb844d09c63256b9f4d298c8fc4d0185bf83eeb5d00b38c4b5c3e4b1144c8c13a178b6348636ea86c22d0be348da6909336134d441842adb3d3a03e5482a8bf2852c72ff0878969fd35380beac712b26b008c473c5934df6eb666ee22e870e581968c538ed098015e0838d41fe71d1fbe0217dfbeb31d87c3be072e291d553dfe5abab7820397eeba147959dd0562e7c4a2ecb4e50f4f9a097cf34a581d9fcce9a9151208bb59b5c53342d6b9fadac020285f362e68c85456f78193f56542b1c8815c543b34af68283ff0a918ce4fdb370dfa8455f6f9b5a969d94bdae98e8a1264a270e18ae27b8027a19d2922f454cc9100ee79694e0a3cfd3ef9e250ecbcf40de9fbb779f8f906db44b66e19c61a0d22eb28e5bc277c494d0d7995d2d5ed470617326d22f84a4c3efbf7cadc15a880845ec2496f2180e968d7ef3c9d626b6a7349760604532e6ada962696d1409afd404cf0f748049554b02f8d516ce81d10ff664ffb78d25e255bd5859b75400a176b1e4712fea1fd95af05ba52a1b4a3ca22d90988c5c9ef6bc9a852794eae0df8f3259aa5963c98a91b7f373932aeae3670df1a1d4555143943b227e96f5264511082eb1ac997b6ed2fd614aecb789991e87355dd96119b4582895ef80031b4ddb2abe36b85ad310a78ceca6b61c02dc436822d8b10a3ded7aa7c93b29d51476c6146018cff288c31501ec2a981aa39da86b99c9d1182265457472947bd4be72bfdc04a02bacb93b60dff3b0b8980cabe1492ab7cd3b51d19aa2824751c1b8a5b2460e9f8fe6a14e8fae4bea82ac9afe5e90d944089ba1c4c1ec6c9892700131b9e8b0343987138d2b6fffe3d8501e0433210d9541cb3a3e27e3cbf42217534055fdab340bf052dba5396f6ca54368a11a2de66aa71970e10765d4a48093257d9ed602d21cb638dc30c080cd5220dd650b01316122f0029ddd1176a0e4bf509bec2c81b735224c3caa031d5106a44d40aed7401cbb2daf5bf2603f60bbbdb369ba9c83218fb2de5595cb0b26c4d3e301f987a2df70364574573c29bcfce5984d0b0fb672cdaaabd4bcae4d4b1526a3ae071834ebce6a4edbf7426d8cd7451ca5239bce7f56565e91de5eb3c9e9a6f146878520b7ea212f3c3a6a708094b64c7c8b898f89276996e86e2f6031df3962deefd954274db69fa4c8a980dd19c8f8640e6c786fd8e83f7198b18a92a65e3f421059a427d4c818814276d5e07f39f0f133e5af6858b98fcf0fff7d292181ebc4a2c8237e64909415cb64b61d2effcc71e706527d5cbf28066e86589e7ba749cdb2363662174f9ce5869329ede25ccfb169da10a5e26c464da0d5e78c6e65915f91512c38455b04a1fa025dd4a60646c4f292487006da06094c4e06697c05f955974b350f7d2ea99af01af3a011a5b373335231fc423ac1d72c4bafbde7e7c9005afdb08bc71eee4010df2de3403c6bb5b636c9e08549d820d9598c594460de3b2d58f9a8e1700bb6ba734d33cd04f4cd7146bcd811bd31d7c92611279c97928fe5ad62409364561090386b8a06f4b029f250f22319d67ab4a5b5d318f8bd65a0d0a8364987fb4e84e50a45066764d0fe1e14f9d0d48d03786035268e798be5d13a5d9d7da4aa8a2a729146ceeada269d0ab167b26406de24c3164f39c9c9fe2a01c04a5a19fe84e9f3db1eeb0e7cd803b6626a6fea2bdcc8558576013d016102d3777052701daa6e316cca09a3c1a6e65d3d8537299836aadb696f02180fa860f1d9fcef8a77bc0d6f21f386fca283982b9a1d52c5b50bda5a70e846c0ef0bbf7465b453ed45d89ee9a2eb947d3782b52cdcb5e6ad135b98432e3033878e7d198cf752850d34a5cb8118b94817f7ca99d8b07a895bbfc5a082c5991207b006ed5414252d0f57328814f2e30e0d35e59d9f9c1f30eb3f3912bfdd8381b0aaa3b741273cc08e68b171f71242ab5d1462893c9f288ca0e58c2ce399d32ead58ab58833fcce4f104ca3ee3d0b5bb44c508715bc9e6c4e63a93f95ad2c226084db816775fd8b56903aaa7ce44f46901c12d0d967a302343586f1c9a7e6dc5494dbfe85c5a893e3802ac1e3e2b65f53b2ef294e882dfc80b00ecba6dae95ec8a8e8649ae80bbeac8bead010f92869d02e4809066435659aeb27e2a94c7bf6e2d456f35ce62fd35a1629b916d835ecaa28fa17599840b97c033937874d02f59fa0e9713065915fb41b1b5559ba003d73ace526fabd467595f143ef1198782364e104c62e50dbff7b8045ab5ba7566abb7bb23394086106867d02e5fd4c4b0caf5d635409b5027e74ed97f49f2edc0c4bd1c5f59ed0b08c10a67898bcb836c860c3c508fe1354709fcab9c47a030cca033a1251c9e4017dea223db9364f4f85253d755ed1ebe0a7a283c4a2331c55dc91ab876ab676a83f28be4b8505ca15cec266762feb5ccc3b81e91dd5427e085d42a1a4cdefd562a5ecc3b7b0c5465b9df8121ff2cf285008373952a5e4bb47c80c6b12c90fa16331ff0a6e271185ecb5067010f8251b19d6f57339c7106b2b3ceeb0649259738d2e7607e2af116e4859bcb039274ec0ad77cb46ba1c4e53fd9d21ba0f5f4518c913e93775c91be0aa31be6e32e4448a8c4f2d01b22ad130d0d7ed8d1a878fc036084adc3dfb426a3bb269ac27a989ff5dafdad3f6e1702bf582d02788c621c5036d4fba972c377232148523a35eb51409016f6af320aa485cc837dd6d628405cbfa3c9c24b1f0d3943d451398f7930c36d2635d5acef85480305883875f48a3eeef5ba624f0a01b5470d73be70b8d3a32b115a3d56af639f4dba0188f09e9dde59649eabbec0edfb0f322cd672d01dc93a1c6296795edd0a20fea58a925bf6d849e7bd068f85310eda84cd7fc8a4f0d3cb9d239a4db0b50dc7cd11950ea6fc81d4e1c8c74f37f07378fd1caaefa58021770ae90d9d681d7cdac0c9be977af7cbd3e27ca1250f727a2b6461a1e9a4750c7659fc40796b2345a8a500667394879f0173a44e46b675d37b3bc4480777dbf93801e649544d37846e5eb63b38141daa8c9a3140b8e3e83118523c998c93bc314b7786b0ff0d647afa5b16a5aae1c0b999ef2b35a14c9126bb1a94ca39bb36ff5377a82378069573e5fb8f7573d0ff412cd4f6643480b33612f9dbbe781044b1263dce39ac42f7c27a0429d3175ec3db653578e4c82133cf2559f75218d2d3e5e7560f3bf25ef0ba9b43d352f2111034a7dd403d29de53d55d74d6fa78b11a005372230829c14a8ed8f53c442a2f0e73c55681dbebaa5212faed347493c472c039f373a51b76187548a2176889ecfbab7f43466419f1cdd75c5be2c9eb8a00f74f4678a7ff71c3effbf2158e32e4baa92b67ffdfb192caef9510a610e8c445250e58a641c04c6929a167420d6d9fafade09980113b6b31bd203a6149b0241ef4264105d3059d22c10433f3318edd1f4d6fdeefe341bd180796e03f45e9f38984ab6a0b4de2b5599fa494ec3d4335bf9684013a87d79faa50997fbe090e12c5da3fd914657c363f0c631471682194617b8621e740fd2365190bcd3f5fbe699e53f25be5abee6da7ff52a32fce7a592e9288b1185b5a0098348eed7c62cb23d57d5bddb2ec2daf2657dbe5ac4cef02f008f60dd473132b77919b4bb3adfcfdd33a852094d78b4e499fccfc76241230a2cc24d89e3165097127a775798a38a6b636c8e1dac0c3f6fbeed501e57525e16349df0c4c082c307f9d73c871de3222b785464f024d90669f91bca7a5b5b6e4461a06d620f579b0bfe126bd1231b2edc027b8caa61d7958e70b7deaf8f9c4a7eff2d7a3e22ae277184e2566d5ddd603e996a66c1e694e6502c1ad9747b2d971928bf750b851045888d5db69dcf4b41e2ef7986b4b8fd40f2318af50bbf61d2bbd5274711acc496468585e9faefefbddc6acf30dd1e64e619e60742272e9417f2338431d9087f77f93621ae76e688ab058820a30d49062ef737e2f1e63f032cb6501525141e66ce1e53950b7a3255c34b31645c44780b50bedf196c51ecb0bc0d93870fd045df9be1e6ff9c44e8ff7e6158a223413919056c40d6a7ac76c9b48da5e13081f039e17cc5862acfc5e273fe2b6bc021576c977bf5793b00d9c0d41967cdcc82bedf7e278997ff11b387a29a47f0e797c3c6c912508843e269b1eae99406aff2fc00e472f436760b4e383c49f3f384f4be19ba56613403bf407c190ac15fea54bd0fb185598d153a730771f96a1e49d92799d6d82293d1d76499364cc0f91187c87fa06cc445310996b1a3c1fe493794420696b256d8c51d13ddb1b2a358ae2f013a366683541b4675cdcca03cea24e6a733d511f37f70724b19e4947dd8444b8ac300c400dfded277102f8a5a5db66b7bd1dacee494ec11fc4babeaf3a372c0544a41b24f8bed625dd35a913cb9456a9f2caa0be71122993c8e825799d3b3a8f6d92298a53fbe7dd938f71c6353bc5f44db3c46ea83e0ff8eb601747d8c4917628a140095aa3465d0999e07b1b9d719fb63b41824595f5162d681df5c958acabe145deb9cc7dfdc95e41d4e5612245bff3b60a3505454dd5d9c5e60e7e4b855778121b43dadbb21926297816f36500f3db379aaa123f76095e15bd3a9d7704930b295d4fa8e7504e2937548b85da3835f6dfe2124a2e4b095d120a2ef68876a4269881ba4bd3612ea841c5b1d0a1a94b3e79a62815cd896641cd6f56fb1f5b9f6fccc526faa1d3fcd8d0cd41df48cfd38cbc5325ef5db8e3459dc04a1a16f633002185044ce9fcbf1aa1806aa247091353a5437c991a31bf665c58e156", 0x1000, 0x4000, &(0x7f0000000040)={0xa, 0x4e24, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9a}, 0x1c)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_buf(r2, 0x29, 0xca, &(0x7f0000000140)="f3d3da7747286305fa4957df", 0xc)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_ethernet(0x66, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60cb653e0030040000000000000000000000ffffac1414bbff020000000000000000000000000001030090780000000060256b5400000000ff010000000000000000000000000001fe8000000000e0ffffffffffffff0000"], 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000040)={0x3d17, 0x0, 0x0, 0x7, 0x0, "7e12105588e633bbb1df022dace17a32d211ee"})
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d}})
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0x1100, 0x101}})

4.812738115s ago: executing program 1 (id=864):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./bus\x00', 0xa00010, &(0x7f0000001040)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d312c6e6f7374726963742c6c617374626c6f636b3d30303030303030303130303030303030303534362c6769643d666f726765742c6c6f6e6761642c6c6f6e6761646c756e64656c6574652c6d6f64653d30303030303030303030303030303030303030303030352c66696c657365743d30303030303030303030303030303030303030352c0024e2518192b3bfda48dfe13b4266fd03197717ef33213b683106edb44d8be6b214d0a906adf0efb7926c61d97157678e69a1a1c3a3c51a0d7b156c464d96557868e14f471f480aa28c2c592f3ab07a04e3f4c07207bb714a36859b5b29b80608983df62729a7cc1c7a1b0a6c1ead438adfa701154b98686ae80262ccbbb242c44ec0ace9df7346bf1e6c9eb008dc753f5463f2205e800c8d8e8106f1083d4edf4308ec"], 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_clone3(&(0x7f0000000700)={0x2000a0080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)

4.811100815s ago: executing program 2 (id=865):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x20321, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x1f, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000025000200091bb0ff3d030000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200001400000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ptrace$getregset(0x4204, 0x0, 0x600, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, 0x0)
clock_adjtime(0xffffffd3, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x4, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x24)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1c00000007"], 0xd)

4.723140873s ago: executing program 4 (id=866):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x8000, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000100)={0x0, <r6=>0x0}, &(0x7f0000000180)=0x6)
setuid(r6)
keyctl$KEYCTL_MOVE(0x1e, r4, r3, r3, 0x0)

2.940761821s ago: executing program 1 (id=867):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r4, &(0x7f0000000040)={0x2020}, 0x2084)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x10)
close(0xffffffffffffffff)
syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.648777195s ago: executing program 4 (id=868):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000009c0)=ANY=[@ANYBLOB='nostrict,umask=00000000000000000000010,unhide,longad,utf8,lastblock=00000000000000002304,anchor=18446744073709551615,gid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=forget,uid=forget,noadinicb,shortad,iocharset=ascii,lastblock=00000000000000000009,iocharset=cp950,fileset=00000000000000000001,undelete,anchor=00000000000000000006,partition=00000000000000000008,anchor=00000000000008421375,session=00000000000000000001,anchor=00000000000000000005,gid=', @ANYRESDEC=0x0, @ANYRES32, @ANYRES64, @ANYBLOB="00f7ffffffa504c116a12e6c926e45f36744b31522e34f4a2d9dc07e1fc31f", @ANYRES64=0x0, @ANYRESDEC=0x0], 0x9, 0xc1e, &(0x7f0000001240)="$eJzs3U9sHNd9B/DfG5HiUmkrJnYUu42LTVukMmO5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLppYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUsZvatuKRIixFFibI+H5v67s6+N/PevPWMLOjNCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4vdfu3T6THrUrQAAHqYrY185fdb9HwCeKFf9/z8AAAAAAAAAAAAAABx2KYp4KlLMX1lPE9X7ttrlVu+t2+PDIztX609VzSNV+fKndubsufNffGnoQicvt2Y/ov6D9my8MXb1Uv3VuZvzC9OLi9NT9fHZ1uTc1PSe97Df+tsNViegfvPNW1PXry/Wz754bsvHtwc+7PvEiYGLQ8+feq5Tdnx4ZGRss0jtvo+9g91meByNIk5Fihe++5PUjIgi9n8uag937LfrrzoxWHVifHik6shMqzm7VH442jkRRUS9q1Kjc452Hovo6X2ofdhdI2K5bH7Z4MGye2PzzYXmtZnp+mhzYam11JqbHU3t1pb9qUcRF1LESkSs9d29u94ooidSfPv4eroWEUc65+EL1cTg3dtRHGAf96BsZ703YqV4DMbsEOuLIl6PFD9972RMlucs/8TnI14v8/sR75T5SkQqvxjnIz7Y4XvE46kniviLcvwvrqep6nrQua5c/mr9y7PX57rKdq4rv+D94a4rxSO6P/Rvy4fjkF+balFEs7rir6f7/80OAAAAAAAAAAAAAAAAAA9afxTxbKR47d//uJpXHNW89OMXh/5g4Je754w/c4/9lGVfjIjlYm9zco/miYGjaTSlRzyX+ElWiyL+JM//++ajbgwAAAAAAAAAAAAAAAAAAMATrYgfR4qX3z+ZVqJ7TfHW7I361ea1mfaqsJ21fztrpm9sbGzUUzsbOSdyLudcybmacy1nFLl+zkbOiZzLOVdyruZcyxlHcv2cjZwTOZdzruRczbmWM3py/ZyNnBM5l3Ou5FzNuZYzDsnavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHydFFPHzSPGtr6+nSBHRiJiIdq72PerWAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAClvlTE9yJF/Q8bd7b1RESq/m07Wf5yPhpHy/xUNIbKfCUal3I2q+xpfPMRtJ/96U1F/ChS9NXevTPgefx72+/ufA3inW9svvvVnnYe6Xw48GHfJ04cvzg08uvP7PY67dSAwcut2Vu36+PDIyNjXZt78tE/1bVtIB+3eDBdJyIW33r7zebMzPTC/b8ovwL7qO6FF4f1RfQcimY8mr7zBCjv/x9Eit95/z86N/zO/f+X2u/u3OHjZ3+6ef9/efuO9nj/79le7x73/6e6tr2cfzfS2xNRW7o533siorb41tunWjebN6ZvTM+eP336S0NDXzp3uvdoRO16a2a669UDOV0AAAAAAAAAAAAAAAAAD08q4vciRfNH66keEber+VoDF4eeP/XckThSzbfaMm/7jbGrl+qvzt2cX5heXJyeqo/Ptibnpqb3erhaNd1rfHjkQDpzT/0H3P7+2qtz828ttG780dKOnx+rXbq2uLTQnNz54+iPIqLRvWWwavD48EjV6JlWc7aqOrrjZPpfXG8q4j8jxeT5evpc3pbn/22f4b9l/v/y9h0d0Pz/T3ZtK4+ZUhE/ixS//ZfPxOeqdh6Lu85ZLve3kWLwwmdzuThaluu0of1cgfbMwLLs/0aKf/z51rKd+ZBPbZY9s+cT+5gox/94pPjen38nfiNv2/r8h53H/9j2HR3Q+D/dte3YlucV7Lvr5PE/FSleeerd+M287aOe/9F59sbJXPjO8zkOaPw/3bVtIB/3tx5M1wEAAAAAAAAAAB5rvamIv4sUPxjpSS/lbXv5+39T23d0QH//6zNd26YezHpF93yx75MKAAAAAIdEbyrix5HixtK7d+ZQb53/3TX/83c3538Op22fVn/O9yvVcwMe5J//dRvIx53Yf7cBAAAAAAAAAAAAAAAAAADgUEmpiJfyeuoT1Xz+qV3XU1+NFK/99wu5XDpRluusAz9Q/Vq7Mjd76tLMzNxkc6l5bWa6PjbfnJwu6z4dKdb/5rO5blGtr95Zb769xvvmWuwLkWLk7ztl22uxd9Ymf3qz7Jmy7CcjxX/9w9aynXWsP71Z9mxZ9q8jxdf+eeeyJzbLnivLfidS/PBr9U7ZY2XZzvNRP7NZ9sXJueIARgUAAAAAAAAAAAAAAAAAAIAnTW8q4s8ixf/cXLkzlz+v/9/b9bbyzje61vvf5na1zv9Atf7/bq/vZ/3/6rkCy7sdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPp5SFPF2pJi/sp5W+8r3bbXLrdlbt8eHR3au1p+qmkeq8uVP7czZc+e/+NLQhU5+dP0H7dl4Y+zqpfqrczfnF6YXF6en6uOzrcm5qek972G/9bcbrE5A/eabt6auX1+sn33x3JaPbw982PeJEwMXh54/9Vyn7PjwyMhYV5me3vs++l3SLtuPRhF/FSle+O5P0g/6IorY/7m4x3fnoPVXnRisOjE+PFJ1ZKbVnF0qPxztnIgiot5VqdE5Rw9hLPalEbFcNr9s8GDZvbH55kLz2sx0fbS5sNRaas3NjqZ2a8v+1KOICyliJSLW+u7eXW8U8Wak+Pbx9fQvfRFHOufhC1fGvnL67O7tKA6wj3tQtrPeG7FSPAZjdoj1RRH/FCl++t7J+Ne+iJ5o/8TnI14v8/sR70R7vFP5xTgf8cEO3yMeTz1RxP+V439xPb3XV14POteVy1+tf3n2+lxX2c515bG/PzxMh/zaVIsiflhd8dfTv/nvGgAAAAAAAAAAAAAAAOAQKeLXIsXL759M1fzgO3OKW7M36leb12ba0/o6c/86c6Y3NjY26qmdjZwTOZdzruRczbmWM4pcP2ejzNrGxkR+v5xzJedqzrWccSTXz9nIOZFzOedKztWcazmjJ9fP2cg5kXM550rO1ZxrOeOQzN0DAAAAAAAAAAAAAAAAAAA+XorqnxTf+vp62uhrry89Ee1ctR7ox97/BwAA///bhfta")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0x8000f28, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000280)='./file0\x00', 0x40415, &(0x7f0000000980)=ANY=[@ANYRES32, @ANYRES8], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
timer_create(0x0, 0x0, &(0x7f0000000100))
syz_open_dev$tty1(0xc, 0x4, 0x1)
open(&(0x7f00000000c0)='./file0\x00', 0x615, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
getitimer(0x0, &(0x7f00000010c0))
truncate(&(0x7f0000000000)='./file2\x00', 0x300)

1.255041669s ago: executing program 2 (id=869):
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_setup(0x7ff, &(0x7f0000002080)=<r0=>0x0)
io_pgetevents(r0, 0x1, 0x1, &(0x7f0000000040)=[{}], 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket(0x2, 0x3, 0x6)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r2, 0x0, 0x14, 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000002540)=[&(0x7f0000002140)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}])
r3 = getpgrp(0x0)
sched_setscheduler(r3, 0x5, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, &(0x7f0000000000), 0x4)
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a240100000700020c"], 0x0)

915.20045ms ago: executing program 0 (id=870):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0xd}, 0x1c)
listen(r5, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f00000000c0)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)

800.764539ms ago: executing program 2 (id=871):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000005640)=0x1, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000080)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB='-1'], 0x27)
syz_emit_ethernet(0xfdef, &(0x7f0000000440)={@multicast, @empty, @val={@void}, {@llc_tr={0x11, {@llc={0x0, 0x0, 'N'}}}}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = creat(&(0x7f00000002c0)='./bus\x00', 0xc1)
pwritev2(r3, 0x0, 0x1b, 0x6, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000540)={{0x1, 0x0, 0x0, 0x0, 0x205}})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000040), 0x4)
write$binfmt_misc(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="72b9800007"], 0xd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720aacff0000000071104400000000009500000000000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

546.973492ms ago: executing program 2 (id=872):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x24, 0x3a, 0xb, 0x0, 0x0, {0x2}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x11\x83'}]}]}, 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x64b6d000)
getsockopt$netrom_NETROM_T1(0xffffffffffffffff, 0x103, 0x1, 0x0, &(0x7f00000000c0))
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x2, 0x2, 0x0, 0x0, 0x270, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x7, 0x0, 0x0, @void, @value}, 0x10)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

0s ago: executing program 0 (id=873):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1000c80, &(0x7f0000000080)={[{@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x6, 0x588, &(0x7f0000000300)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)={0x44, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x26, 0x33, @action={{{}, {}, @device_b}, @channel_switch={0x0, 0x4, {{0x3b, 0x3}, @val={0x3e, 0x1}, @void}}}}]}, 0x44}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00ffffffffffffff06061f0d84cb6448786e73e857ff000000000000020000001800028014000180040001000000000008000200ac141400"], 0x2c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8169523010902240001000064000904340102d469e70009058acfed"], 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000003200)='./file2\x00', 0x0, &(0x7f0000003240)=ANY=[], 0x13, 0x325, &(0x7f0000000b40)="$eJzs3M9LG2kYwPEnMcYkoslh2WUXFl92L7uXQbN7XjYsCssGVtQsq4XCqJM2ZJpIJlhSStVTr6X3ngo9iEdvQus/4KW39tJLb14KPdRD6ZSZzJjfGmNsrH4/UObN+75P5n3zvinPDE4O/390J5+1tKxelmBESUBE5EgkIUHxBbxj0C2Hpd6m/Dr6/tWP84tL/6TS6ek5pWZSC78llVLjE8/v3o963fZG5CBx8/Bd8u3BtwffH35auJ2zVM5ShWJZ6Wq5+KasL5uGWs1ZeU2pWdPQLUPlCpZRqrYXq+1Zs7i2VlF6YXUstlYyLEvphYrKGxVVLqpyqaL0W3quoDRNU2MxwWky23NzeqrH4JU+DwYXpFRK6UMiEm1pyWwPZEAAAGCgmvP/oJPS95T/y7ib/zuda/n/zk/75dH/dse9/H8v3C7///119b0a8v+IiPSS/z+RM+T/rRnR9XKu/B+Xw0S4pSrQ8MrJ/2Pe99e1dWNn0i2Q/wMAAAAAAAAAAAAAAAAAAAAA8DU4su24bdtx/+j/qz1C4L3GldRp/UdEJOKsvs36X2Xzi0sScR/cc9bYfLieWc9Uj16HfRExxZBJictHdz94nLL/5JFyJOSFueHFb6xnhtyWVFZybvyUxCXRHG/bM3+np6dUlRd//JhSrD4+KXH5pn18sjHeO39Yfvm5Ll6TuLxckaKYsuru61r8gyml/vo33RQfdfsBAAAAAHAVaOpY2+t3TevUXv2VkVTWvU3U4f5A9fp6su31eSj+Q2jQswcAAAAA4HqwKvfyumkapRMKUTm9T++FUHedw001wyd1HqqbYbfjCbs3MkTOO6+nXX6qDQX/DykamiJeZW/j8efft/XarK8JShdRoebBTzgV6oxn3/Imclzj3zYKd/icZbb1fYIn7IThvu3n7x4/+9C/L8gfu/4OOL3zVq/nijTvOrcwfNH/7wAAAAD48mpJv1/zZ31zYCCDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgmrmQn/RrKgx6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBl8TkAAP//3cD3xQ==")
syz_usb_control_io(r5, 0x0, 0x0)
syz_fuse_handle_req(r4, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r4, &(0x7f0000000340)={0x50}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r6, 0x401070c9, &(0x7f0000000180))
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

6]
[  214.478243][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  214.484468][ T5498] SQUASHFS error: Unable to read inode 0x11f
[  214.520685][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  214.560438][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  214.595248][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  214.651585][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  214.695501][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  214.802318][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  214.823200][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  214.868983][ T5407] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.880152][ T2988] Bluetooth: hci2: command 0x040f tx timeout
[  214.974693][ T5279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  214.997015][ T5418] team0: Port device team_slave_0 added
[  215.064434][ T5407] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.233282][ T5418] team0: Port device team_slave_1 added
[  216.521322][ T5521] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 25 (only 8 groups)
[  216.783458][ T4254] Bluetooth: hci3: command 0x040f tx timeout
[  216.956150][ T4254] Bluetooth: hci2: command 0x0419 tx timeout
[  216.987722][ T5407] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.037142][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.081328][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.198965][ T5418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.246689][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.301454][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.366858][ T5531] ODEBUG: Out of memory. ODEBUG disabled
[  217.396660][ T5418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.428722][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  217.459146][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  217.497664][ T5279] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.610520][ T5418] device hsr_slave_0 entered promiscuous mode
[  217.628644][ T5418] device hsr_slave_1 entered promiscuous mode
[  217.662179][ T5418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.669789][ T5418] Cannot create hsr debugfs directory
[  217.761379][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  217.779574][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  217.822924][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  217.835433][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  217.848519][ T5407] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  217.884166][ T5279] device veth0_vlan entered promiscuous mode
[  217.900458][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  217.911552][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  217.931266][ T5407] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  217.961532][ T5407] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  217.989343][ T5407] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  218.019357][ T5279] device veth1_vlan entered promiscuous mode
[  218.061592][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  218.123548][ T5539] loop2: detected capacity change from 0 to 512
[  218.258392][ T5539] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  218.317139][ T5539] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.452: casefold flag without casefold feature
[  218.333307][ T5539] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.452: couldn't read orphan inode 15 (err -117)
[  218.347658][ T5542] netlink: 288 bytes leftover after parsing attributes in process `syz.3.454'.
[  218.357584][ T5539] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,barrier,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  218.409093][ T5418] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.426235][ T5542] loop3: detected capacity change from 0 to 4096
[  218.443860][ T5539] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.452: Directory hole found for htree leaf block 0
[  218.455577][ T5407] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.503963][ T5279] device veth0_macvtap entered promiscuous mode
[  218.520822][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  218.530565][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  218.547992][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  218.567291][ T5279] device veth1_macvtap entered promiscuous mode
[  218.692686][ T5418] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.779565][ T5407] 8021q: adding VLAN 0 to HW filter on device team0
[  218.792402][ T4254] Bluetooth: hci3: command 0x0419 tx timeout
[  218.805485][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  218.817146][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  218.832175][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  218.846528][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.859246][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.871241][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.884289][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.894646][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.905870][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.916176][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.927179][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.939241][ T5279] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.956109][ T5418] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.070801][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  219.080133][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  219.093718][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.104771][ T2988] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  219.112527][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.123008][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.134161][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.145068][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.156268][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.166537][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.177697][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.187952][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.199101][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.210957][ T5279] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.239932][ T5418] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.268720][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  219.279337][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  219.300770][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  219.320046][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  219.330660][ T3813] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.337818][ T3813] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.358180][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  219.377401][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  219.396096][ T3813] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.403281][ T3813] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.421719][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  219.430749][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  219.449564][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  219.481591][ T2988] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  219.493858][ T5279] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.502815][ T5279] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.512456][ T2988] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  219.516519][ T5279] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.522823][ T2988] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  219.541716][ T5279] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.373611][ T2988] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  220.383087][ T2988] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.419560][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  220.452054][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  220.471648][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  220.509211][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  220.537470][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  220.549078][ T2988] snd-usb-audio: probe of 4-1:27.0 failed with error -12
[  220.553635][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  220.576852][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  220.655741][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  220.666289][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  220.713919][ T4254] usb 4-1: USB disconnect, device number 7
[  220.747233][ T5407] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  220.835385][ T3650] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.864681][ T3650] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.882170][ T5418] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  220.911863][ T5418] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  220.934243][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  220.950666][ T5418] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  220.986910][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  221.001395][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  221.026324][ T5418] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  221.047235][ T5407] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.057948][ T3840] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.071330][ T3840] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.098493][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  221.149930][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  221.179049][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  221.315825][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  221.316487][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  221.319019][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  221.319645][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  221.323740][ T5407] device veth0_vlan entered promiscuous mode
[  221.399603][ T5407] device veth1_vlan entered promiscuous mode
[  221.498631][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  221.519298][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  221.529511][ T5573] loop0: detected capacity change from 0 to 256
[  221.625308][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  221.635618][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  221.654868][ T5418] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.669005][ T5407] device veth0_macvtap entered promiscuous mode
[  221.734655][ T5407] device veth1_macvtap entered promiscuous mode
[  221.754683][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  221.774196][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  221.812095][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  221.820415][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  221.854516][ T5418] 8021q: adding VLAN 0 to HW filter on device team0
[  221.960065][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.979357][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.990069][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.002402][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.012468][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.024930][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.037636][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.049820][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.060636][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.072759][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.084521][ T5407] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.093872][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  222.103935][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  222.112747][ T3840] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.119874][ T3840] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.128055][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  222.140288][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  222.197652][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.212525][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.222587][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.233882][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.248620][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.259534][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.269455][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.280012][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.289878][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.300511][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.311976][ T5407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.322560][ T5407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.333755][ T5407] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.341795][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  222.350178][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  222.360976][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  222.369564][ T3840] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.376664][ T3840] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.386784][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  222.396134][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  222.419391][ T5407] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.429050][ T5407] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.437896][ T5407] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.446776][ T5407] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.494642][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  222.550945][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  222.618167][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  222.650520][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  222.661538][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  222.670408][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  222.681946][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  222.697127][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  222.705762][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  222.727944][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  222.772845][ T5418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  222.870884][ T3840] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.936538][ T3840] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.969295][ T5570] chnl_net:caif_netlink_parms(): no params data found
[  223.022384][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  223.057659][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  223.442355][ T3614] Bluetooth: hci1: command 0x0409 tx timeout
[  223.678472][ T3650] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.723639][ T3650] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.802989][ T5595] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  223.964559][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  224.256028][ T5604] loop0: detected capacity change from 0 to 4096
[  224.308781][  T669] device hsr_slave_0 left promiscuous mode
[  224.329455][ T5604] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  224.460396][  T669] device hsr_slave_1 left promiscuous mode
[  224.668456][ T5604] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  224.676981][ T5604] ntfs3: loop0: Failed to load $MFT.
[  224.702341][  T669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.733362][  T669] batman_adv: batadv0: Removing interface: batadv_slave_0
[  224.779268][  T669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.880149][  T669] batman_adv: batadv0: Removing interface: batadv_slave_1
[  224.924090][  T669] device bridge_slave_1 left promiscuous mode
[  224.946662][  T669] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.773869][  T669] device bridge_slave_0 left promiscuous mode
[  225.780150][  T669] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.959000][   T23] Bluetooth: hci1: command 0x041b tx timeout
[  225.971004][  T669] device hsr_slave_0 left promiscuous mode
[  225.979918][  T669] device hsr_slave_1 left promiscuous mode
[  225.986952][  T669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  225.995881][  T669] batman_adv: batadv0: Removing interface: batadv_slave_0
[  226.004265][  T669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  226.012286][  T669] batman_adv: batadv0: Removing interface: batadv_slave_1
[  226.022999][  T669] bridge0: port 3(team0) entered disabled state
[  226.030570][  T669] device bridge_slave_1 left promiscuous mode
[  226.037014][  T669] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.048119][  T669] device bridge_slave_0 left promiscuous mode
[  226.054673][  T669] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.075765][  T669] device veth1_macvtap left promiscuous mode
[  226.082075][  T669] device veth0_macvtap left promiscuous mode
[  226.093582][  T669] device veth1_vlan left promiscuous mode
[  226.099450][  T669] device veth0_vlan left promiscuous mode
[  226.106376][  T669] device veth1_macvtap left promiscuous mode
[  226.112523][  T669] device veth0_macvtap left promiscuous mode
[  226.118674][  T669] device veth1_vlan left promiscuous mode
[  226.124797][  T669] device veth0_vlan left promiscuous mode
[  226.420941][  T669] team0 (unregistering): Port device team_slave_1 removed
[  226.439852][  T669] team0 (unregistering): Port device team_slave_0 removed
[  226.453736][  T669] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.469470][  T669] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.553839][  T669] bond0 (unregistering): Released all slaves
[  226.728776][ T5623] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  226.844906][  T669] device team_slave_1 left promiscuous mode
[  226.858331][  T669] team0 (unregistering): Port device team_slave_1 removed
[  226.875080][  T669] device team_slave_0 left promiscuous mode
[  226.885014][  T669] team0 (unregistering): Port device team_slave_0 removed
[  226.898924][  T669] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.914026][  T669] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.986856][  T669] bond0 (unregistering): Released all slaves
[  227.040325][ T5570] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.048462][ T5570] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.056985][ T5570] device bridge_slave_0 entered promiscuous mode
[  227.071296][ T2988] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  227.087284][ T5570] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.104160][ T5570] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.131236][ T4254] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  227.136429][ T5570] device bridge_slave_1 entered promiscuous mode
[  227.179796][ T5418] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.225509][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  227.241753][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  227.256399][ T5630] loop3: detected capacity change from 0 to 8192
[  227.265648][ T5570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.282376][ T5570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.305146][ T5630] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  227.321167][ T2988] usb 1-1: Using ep0 maxpacket: 16
[  227.329024][ T5630] REISERFS (device loop3): using journaled data mode
[  227.336829][ T5630] reiserfs: using flush barriers
[  227.349965][ T5630] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  227.380909][ T5630] REISERFS (device loop3): checking transaction log (loop3)
[  227.396588][ T5630] REISERFS (device loop3): Using r5 hash to sort names
[  227.404792][ T5630] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  227.420010][ T5630] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  227.461536][ T2988] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  227.472132][ T2988] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  227.487347][ T5570] team0: Port device team_slave_0 added
[  227.497240][ T5635] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  227.513352][ T4254] usb 2-1: config 0 has an invalid interface number: 107 but max is 0
[  227.522002][ T2988] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.530318][ T4254] usb 2-1: config 0 has no interface number 0
[  227.530801][ T5570] team0: Port device team_slave_1 added
[  227.537576][ T4254] usb 2-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[  227.555170][ T2988] usb 1-1: config 0 descriptor??
[  227.572429][ T5636] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  227.590044][ T4254] usb 2-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid maxpacket 29285, setting to 64
[  227.617809][ T2988] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  227.637298][ T5635] REISERFS warning (device loop3): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[  227.660590][ T5635] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  227.680414][ T5570] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.701608][ T5570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.727577][    C1] vkms_vblank_simulate: vblank timer overrun
[  227.734329][ T5570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.754382][ T5570] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.762206][ T5570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.789123][ T5570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.797594][ T4254] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  227.821243][ T4254] usb 2-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  227.829559][ T4254] usb 2-1: Product: syz
[  227.834288][ T4254] usb 2-1: Manufacturer: syz
[  227.838998][ T4254] usb 2-1: SerialNumber: syz
[  227.865104][ T4254] usb 2-1: config 0 descriptor??
[  227.881050][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  227.881799][ T5623] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  227.890557][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  227.916611][    T7] usb 1-1: USB disconnect, device number 8
[  227.924201][ T4254] keyspan 2-1:0.107: Keyspan 4 port adapter converter detected
[  227.946774][ T4254] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 81
[  227.959535][ T4254] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 1
[  227.990435][ T4254] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  227.992255][ T5570] device hsr_slave_0 entered promiscuous mode
[  228.005654][ T3663] Bluetooth: hci1: command 0x040f tx timeout
[  228.037091][ T4254] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 2
[  228.054043][ T4254] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  228.064346][ T4254] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 4
[  228.073769][ T4254] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  228.083065][ T4254] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 6
[  228.094259][ T4254] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  228.153970][ T5570] device hsr_slave_1 entered promiscuous mode
[  228.163001][ T5570] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  228.170586][ T5570] Cannot create hsr debugfs directory
[  228.206885][ T5418] device veth0_vlan entered promiscuous mode
[  228.227042][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  228.237213][ T4254] usb 2-1: USB disconnect, device number 3
[  228.244038][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  228.257707][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  228.270446][ T4254] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  228.278648][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  228.292989][ T4254] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  228.316218][ T4254] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  228.377070][ T5418] device veth1_vlan entered promiscuous mode
[  228.378366][ T4254] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  228.421726][ T4254] keyspan 2-1:0.107: device disconnected
[  228.512695][ T5641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.474'.
[  228.576379][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  228.598732][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  228.629988][ T5418] device veth0_macvtap entered promiscuous mode
[  228.711869][ T5418] device veth1_macvtap entered promiscuous mode
[  228.773613][ T5570] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.802223][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.827229][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.853763][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.869129][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.881239][   T13] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  228.902241][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.058384][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.075524][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.093056][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.857282][ T5418] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.870038][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.880932][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.950027][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.981464][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.015771][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.041150][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.061410][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.074839][ T5653] loop1: detected capacity change from 0 to 512
[  230.081352][ T3617] Bluetooth: hci1: command 0x0419 tx timeout
[  230.091598][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.111303][ T5418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.122421][   T13] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  230.151394][   T13] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  230.171833][ T5418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.199209][   T13] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  230.220673][ T5418] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.233424][   T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.246896][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  230.267876][ T5653] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  230.280980][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  230.289437][ T5645] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  230.300037][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  230.329493][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  230.339642][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  230.354411][ T5658] EXT4-fs warning (device sda1): __ext4_ioctl:881: Setting inode version is not supported with metadata_csum enabled.
[  230.383186][ T5653] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.477: casefold flag without casefold feature
[  230.388082][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  230.416209][ T5653] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.477: couldn't read orphan inode 15 (err -117)
[  230.438689][ T5653] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,barrier,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  230.531583][ T5570] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.579503][ T5652] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.477: Directory hole found for htree leaf block 0
[  230.624558][   T13] usb 4-1: USB disconnect, device number 8
[  230.657264][ T5418] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.694450][ T5418] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.714707][ T5418] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.727421][ T5418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.926127][ T5570] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.168611][ T5570] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.236566][ T5672] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  231.807488][ T5673] loop0: detected capacity change from 0 to 512
[  231.968248][ T3813] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.006889][ T5673] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.480: casefold flag without casefold feature
[  232.031288][ T3813] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.054756][ T5678] loop1: detected capacity change from 0 to 64
[  232.076077][ T3841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.098204][ T5675] netlink: 'syz.3.482': attribute type 2 has an invalid length.
[  232.112435][ T3841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.137125][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  232.148033][ T5673] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.480: couldn't read orphan inode 15 (err -117)
[  232.194050][ T5673] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  232.210687][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  232.398417][ T5570] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  232.610982][ T5685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.484'.
[  232.650038][ T5570] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  232.689414][ T5687] loop1: detected capacity change from 0 to 256
[  233.697934][ T5570] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  233.716264][ T5687] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x02a07125, utbl_chksum : 0xe619d30d)
[  233.738348][ T5686] netlink: 'syz.4.435': attribute type 2 has an invalid length.
[  233.804872][ T5570] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  235.069657][ T5570] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.938784][ T5570] 8021q: adding VLAN 0 to HW filter on device team0
[  236.015390][ T5570] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  236.036133][ T5570] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  236.111589][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  236.124742][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  236.332073][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  236.352099][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  239.155448][ T3840] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.162658][ T3840] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.192292][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  239.201502][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  239.221421][ T3840] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.228573][ T3840] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.273459][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  239.277039][ T5725] loop3: detected capacity change from 0 to 1024
[  239.301984][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  239.345460][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  239.383090][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  239.391411][ T5725] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  239.392980][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  239.411918][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  239.422127][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  239.444218][ T5725] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (25054!=20869)
[  239.449311][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  239.489066][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  239.502411][ T5725] EXT4-fs (loop3): filesystem has both journal inode and journal device!
[  239.520695][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  239.538892][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  239.548235][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  239.558519][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  239.800333][ T5744] loop3: detected capacity change from 0 to 128
[  240.403947][ T5744] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  240.958976][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  240.969887][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  241.163170][ T5762] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  241.184566][ T5570] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.982784][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  242.013474][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  242.314611][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  242.335433][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  242.397664][ T5570] device veth0_vlan entered promiscuous mode
[  242.426861][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  242.462970][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  242.517869][ T5570] device veth1_vlan entered promiscuous mode
[  242.641738][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  242.659029][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  242.698951][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  242.720860][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  242.772442][ T5570] device veth0_macvtap entered promiscuous mode
[  242.815874][ T5570] device veth1_macvtap entered promiscuous mode
[  242.912769][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.953326][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.981872][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.010271][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.041481][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.083822][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.114429][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.145974][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.176740][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.206328][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.241951][ T5570] batman_adv: batadv0: Interface activated: batadv_slave_0
[  243.282099][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  243.291734][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  243.321085][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  243.341439][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  243.384043][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.413220][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.440008][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.470117][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.500815][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.539372][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.560561][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.591121][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.628512][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.650187][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.681109][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.721173][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.760094][ T5570] batman_adv: batadv0: Interface activated: batadv_slave_1
[  243.780643][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  243.800497][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  243.834259][ T5570] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  243.891376][ T5570] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  243.906064][ T5570] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  243.925152][ T5570] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.204499][ T3619] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.221301][ T3619] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.242390][ T5780] loop4: detected capacity change from 0 to 8
[  245.278654][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  245.337366][ T3619] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.371675][ T3619] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.436494][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  245.623430][ T5787] device team_slave_0 entered promiscuous mode
[  245.630318][ T5787] device team_slave_1 entered promiscuous mode
[  245.668858][ T5787] device team_slave_0 left promiscuous mode
[  245.674957][ T5787] device team_slave_1 left promiscuous mode
[  247.118422][ T5799] loop3: detected capacity change from 0 to 2048
[  247.134452][ T5797] loop1: detected capacity change from 0 to 1024
[  247.186929][ T5801] netlink: 16 bytes leftover after parsing attributes in process `syz.4.514'.
[  247.218407][ T5797] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  247.221680][ T5801] bond0: (slave bond_slave_0): Slave does not support ipsec offload
[  247.249135][ T5799] EXT4-fs error (device loop3): ext4_fill_super:4840: inode #2: comm syz.3.515: casefold flag without casefold feature
[  247.261996][ T5797] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  247.267624][ T5789] loop2: detected capacity change from 0 to 32768
[  247.278071][ T5797] EXT4-fs error (device loop1): ext4_get_journal_inode:5159: comm syz.1.513: inode #1: comm syz.1.513: iget: illegal inode #
[  247.302205][ T5799] EXT4-fs (loop3): get root inode failed
[  247.312195][ T5799] EXT4-fs (loop3): mount failed
[  247.317885][ T5797] EXT4-fs (loop1): no journal found
[  247.385760][ T5789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.459'.
[  247.391500][ T5797] EXT4-fs (loop1): can't get journal size
[  247.446501][ T5797] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000005,journal_dev=0x0000000000000003,nouid32,noblock_validity,noload,data=writeback,,errors=continue. Quota mode: writeback.
[  247.764002][ T5807] syz.1.513 sent an empty control message without MSG_MORE.
[  248.604108][ T5811] loop0: detected capacity change from 0 to 1024
[  248.844198][ T5813] tipc: Started in network mode
[  248.849363][ T5813] tipc: Node identity d618645d3d9e, cluster identity 4711
[  248.856801][ T5813] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  248.865474][ T5813] ªªªªªª: renamed from syzkaller0
[  248.903328][ T5813] tipc: Disabling bearer <eth:syzkaller0>
[  248.939554][ T5818] loop1: detected capacity change from 0 to 128
[  249.093413][ T5818] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  249.148207][ T5818] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  249.244116][ T5823] hfsplus: request for non-existent node 32 in B*Tree
[  249.251427][ T5823] hfsplus: request for non-existent node 32 in B*Tree
[  249.258557][ T5823] hfsplus: request for non-existent node 33 in B*Tree
[  249.265369][ T5823] hfsplus: request for non-existent node 33 in B*Tree
[  249.299917][ T5818] syz.1.518 (pid 5818) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  249.485257][  T144] hfsplus: b-tree write err: -5, ino 4
[  250.317374][ T5839] loop2: detected capacity change from 0 to 4096
[  250.406687][ T5839] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  250.460176][ T5845] device syzkaller0 entered promiscuous mode
[  250.482161][ T5839] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  250.650759][ T5839] ntfs3: loop2: ntfs3_write_inode r=5 failed, -22.
[  250.807387][ T5570] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  252.175419][ T5863] loop3: detected capacity change from 0 to 256
[  252.403983][ T5863] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  252.423063][ T5865] loop2: detected capacity change from 0 to 512
[  252.441246][ T3612] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  252.519706][ T5865] EXT4-fs (loop2): 1 orphan inode deleted
[  252.525870][ T5865] EXT4-fs (loop2): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,grpquota,noblock_validity,init_itable,stripe=0x000000000000002e,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue. Quota mode: writeback.
[  252.553012][ T5865] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038 (0x7fffffff)
[  254.513299][ T5862] udc-core: couldn't find an available UDC or it's busy
[  254.531502][ T5862] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  254.595716][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.724108][ T5862] device bridge_slave_1 left promiscuous mode
[  254.731704][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.170934][ T5881] tipc: Started in network mode
[  255.215852][ T5881] tipc: Node identity ea338566c35c, cluster identity 4711
[  255.273170][ T5881] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.514747][ T3612] usb 5-1: unable to get BOS descriptor or descriptor too short
[  255.522857][ T1393] ieee802154 phy0 wpan0: encryption failed: -22
[  255.530147][ T1393] ieee802154 phy1 wpan1: encryption failed: -22
[  255.616793][ T5881] tipc: Disabling bearer <eth:syzkaller0>
[  255.691287][ T3612] usb 5-1: unable to read config index 0 descriptor/start: -71
[  255.711180][ T3612] usb 5-1: can't read configurations, error -71
[  255.959772][ T5888] netlink: 16 bytes leftover after parsing attributes in process `syz.3.540'.
[  256.107465][ T5875] loop0: detected capacity change from 0 to 32768
[  256.120867][ T5893] netlink: 2 bytes leftover after parsing attributes in process `syz.2.542'.
[  256.182496][ T5893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.271326][ T5893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.296574][ T5893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.316221][ T5893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.335814][ T5875] netlink: 4 bytes leftover after parsing attributes in process `syz.0.534'.
[  256.357757][ T5893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.379089][ T5893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.394770][ T5893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.407791][ T5893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.423693][ T5891] loop4: detected capacity change from 0 to 4096
[  256.424282][ T5893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.446904][ T5893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.467931][ T5893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.474560][ T5895] loop1: detected capacity change from 0 to 8192
[  256.481209][ T5893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.503561][ T5893] device batadv_slave_1 entered promiscuous mode
[  256.592793][ T5891] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  256.602989][ T5895] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  256.618163][ T5895] REISERFS (device loop1): using ordered data mode
[  256.640473][ T5891] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  256.661868][ T5895] reiserfs: using flush barriers
[  256.681276][ T5895] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  256.748996][ T5891] ntfs3: loop4: ntfs3_write_inode r=5 failed, -22.
[  256.781984][ T5895] REISERFS (device loop1): checking transaction log (loop1)
[  256.813453][ T5418] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  256.841768][ T5895] REISERFS (device loop1): Using r5 hash to sort names
[  256.879956][ T5895] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  256.891970][ T5901] loop2: detected capacity change from 0 to 8
[  257.860267][ T5913] SQUASHFS error: Failed to read block 0x1ec: -5
[  257.895652][ T5901] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  257.950773][ T5913] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  257.964396][ T5907] loop0: detected capacity change from 0 to 4096
[  258.064293][ T5907] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  258.151531][ T5920] loop3: detected capacity change from 0 to 47
[  258.178928][ T5907] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  258.203840][ T5920] MINIX-fs: bad superblock
[  258.324511][ T5907] ntfs3: loop0: ntfs3_write_inode r=5 failed, -22.
[  258.390379][ T5920] loop3: detected capacity change from 0 to 512
[  258.476687][ T5279] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  259.684234][ T5946] netlink: 'syz.2.553': attribute type 10 has an invalid length.
[  259.716678][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.724209][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.812047][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.819228][ T5946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.826657][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.833749][ T5946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.853307][ T5950] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  259.889195][ T5946] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  259.933289][ T5920] EXT4-fs (loop3): Test dummy encryption mode enabled
[  260.021863][ T5920] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #17: comm syz.3.549: iget: bogus i_mode (0)
[  260.069492][ T5957] loop1: detected capacity change from 0 to 1024
[  260.151913][ T5957] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  260.298434][ T5957] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_lock,dioread_nolock,,errors=continue. Quota mode: none.
[  260.480462][ T5920] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.549: couldn't read orphan inode 17 (err -117)
[  260.560119][ T5920] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,nojournal_checksum,barrier,barrier,test_dummy_encryption,journal_dev=0x0000000000006000,,errors=continue. Quota mode: none.
[  261.395814][ T5969] loop0: detected capacity change from 0 to 8192
[  261.550814][ T5976] loop4: detected capacity change from 0 to 64
[  261.587762][ T5969] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  261.613222][ T5969] REISERFS (device loop0): using ordered data mode
[  261.629363][ T5969] reiserfs: using flush barriers
[  261.636342][ T5976] hfs: found bad thread record in catalog
[  261.657928][ T5977] loop2: detected capacity change from 0 to 512
[  261.659480][ T5969] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  261.679908][ T5976] hfs: get root inode failed
[  261.685999][ T5969] REISERFS (device loop0): checking transaction log (loop0)
[  261.735686][ T5969] REISERFS (device loop0): Using r5 hash to sort names
[  261.755190][ T5977] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  261.761556][ T5969] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  261.774840][ T5977] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  261.882009][ T5977] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  261.889952][ T5977] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  261.967120][ T5977] System zones: 0-1, 15-15, 18-18, 34-34
[  261.975782][ T5977] EXT4-fs (loop2): orphan cleanup on readonly fs
[  261.984221][ T5977] __quota_error: 24 callbacks suppressed
[  261.984237][ T5977] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  262.000173][ T5977] EXT4-fs warning (device loop2): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  262.015281][ T5977] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  262.040692][ T5977] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.564: bg 0: block 40: padding at end of block bitmap is not set
[  262.064310][ T5977] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6185: Corrupt filesystem
[  262.121524][ T5977] EXT4-fs (loop2): 1 truncate cleaned up
[  262.127224][ T5977] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,nouid32,jqfmt=vfsv0,norecovery,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  262.946401][ T5977] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  262.983195][ T5977] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  263.000393][ T5977] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  263.016473][ T5988] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  263.037614][ T5977] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  263.060316][ T5977] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  263.103111][ T5977] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  263.551958][ T6000] netlink: 'syz.1.571': attribute type 1 has an invalid length.
[  263.991183][ T3617] Bluetooth: hci1: command 0x0405 tx timeout
[  264.451212][ T3617] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  264.465694][ T6012] loop2: detected capacity change from 0 to 512
[  264.529821][ T6011] loop0: detected capacity change from 0 to 1024
[  264.536692][ T6012] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  264.620831][ T6016] loop3: detected capacity change from 0 to 256
[  264.701621][ T6016] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  264.721334][ T3617] usb 2-1: Using ep0 maxpacket: 16
[  264.728636][ T6016] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  264.777763][ T6016] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  265.016778][    T7] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  265.142312][ T3617] usb 2-1: New USB device found, idVendor=1784, idProduct=0008, bcdDevice=58.30
[  265.185430][ T3617] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.240733][ T3617] usb 2-1: Product: syz
[  265.274984][ T3617] usb 2-1: Manufacturer: syz
[  265.307244][ T3617] usb 2-1: SerialNumber: syz
[  265.373366][ T3617] usb 2-1: config 0 descriptor??
[  265.747912][ T6007] device batadv0 entered promiscuous mode
[  265.802494][ T6007] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  266.258148][ T6007] device batadv0 left promiscuous mode
[  266.434916][ T3617] usb 2-1: USB disconnect, device number 4
[  266.481347][    T7] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  266.493305][    T7] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  266.503301][    T7] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  266.512953][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.541859][ T6018] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  266.844022][    T7] usb 5-1: USB disconnect, device number 9
[  267.480451][ T6032] loop0: detected capacity change from 0 to 128
[  267.559285][ T6032] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  267.646385][ T6032] netlink: 8 bytes leftover after parsing attributes in process `syz.0.588'.
[  267.657989][ T6041] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  267.667646][ T6030] loop4: detected capacity change from 0 to 8192
[  267.871835][ T6030] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  267.898605][ T6030] REISERFS (device loop4): using ordered data mode
[  268.181572][   T23] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  268.652358][ T6030] reiserfs: using flush barriers
[  268.658786][ T6030] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  268.675464][ T6030] REISERFS (device loop4): checking transaction log (loop4)
[  268.698196][ T6030] REISERFS (device loop4): Using r5 hash to sort names
[  268.711644][ T6030] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  269.841693][   T23] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  269.911380][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.942327][   T23] usb 2-1: Product: syz
[  269.959294][   T23] usb 2-1: Manufacturer: syz
[  269.967185][   T23] usb 2-1: SerialNumber: syz
[  269.983920][   T23] usb 2-1: config 0 descriptor??
[  270.458411][   T23] ch341 2-1:0.0: ch341-uart converter detected
[  270.880755][ T6065] loop2: detected capacity change from 0 to 16
[  271.012807][ T6065] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  271.108145][ T6069] input: syz0 as /devices/virtual/input/input11
[  271.117133][ T6069] input: failed to attach handler leds to device input11, error: -6
[  271.387422][ T6079] netlink: 20 bytes leftover after parsing attributes in process `syz.3.594'.
[  271.397900][ T6078] fuse: Bad value for 'fd'
[  271.438035][ T6081] loop2: detected capacity change from 0 to 128
[  271.685822][   T23] usb 2-1: ch341-uart converter now attached to ttyUSB0
[  272.395936][ T3614] usb 2-1: USB disconnect, device number 5
[  272.432562][ T3614] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  272.671823][ T3614] ch341 2-1:0.0: device disconnected
[  272.753419][ T6090] loop3: detected capacity change from 0 to 128
[  272.809853][ T6090] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  272.857987][ T6094] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  272.857987][ T6094] The task syz.0.600 (6094) triggered the difference, watch for misbehavior.
[  272.906014][ T6090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.598'.
[  272.914417][ T6096] loop2: detected capacity change from 0 to 256
[  272.939739][ T6096] FAT-fs (loop2): Unrecognized mount option "B1ºâq�àÂéž³ÿÚ+d'‡�#.ԒͯÈ?oè\ò„Ž
[  272.939739][ T6096] ÿÿ18446744073709551615" or missing value
[  275.245969][ T6121] loop1: detected capacity change from 0 to 512
[  275.405888][ T6124] loop0: detected capacity change from 0 to 4096
[  275.498027][ T6126] loop3: detected capacity change from 0 to 2048
[  275.545243][ T6124] ntfs: volume version 3.1.
[  275.591429][ T6121] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.608: couldn't read orphan inode 26 (err -116)
[  275.608431][ T6126] UDF-fs: warning (device loop3): udf_fill_super: No fileset found
[  275.754166][ T6121] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  275.770763][ T6121] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038 (0x7fffffff)
[  276.349258][ T6137] loop2: detected capacity change from 0 to 764
[  276.470308][ T6137] rock: directory entry would overflow storage
[  276.497760][ T6137] rock: sig=0x4654, size=5, remaining=4
[  277.001241][ T6145] bridge0: port 3(syz_tun) entered blocking state
[  277.431449][ T6145] bridge0: port 3(syz_tun) entered disabled state
[  277.461441][ T6145] device syz_tun entered promiscuous mode
[  277.490173][ T6145] bridge0: port 3(syz_tun) entered blocking state
[  277.497299][ T6145] bridge0: port 3(syz_tun) entered forwarding state
[  277.583549][ T6151] syz.0.614 (6151) used greatest stack depth: 18944 bytes left
[  277.740584][ T6155] loop2: detected capacity change from 0 to 2048
[  277.780364][ T6155] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  277.851369][ T6155] EXT4-fs (loop2): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,mblk_io_submit,grpquota,barrier=0x0000000000000000,grpjquota=,bsddf,bsddf,usrjquota=,. Quota mode: writeback.
[  278.131845][ T6161] loop3: detected capacity change from 0 to 256
[  278.216623][ T6161] FAT-fs (loop3): Unrecognized mount option "B1ºâq�àÂéž³ÿÚ+d'‡�#.ԒͯÈ?oè\ò„Ž
[  278.216623][ T6161] ÿÿ18446744073709551615" or missing value
[  278.256715][ T6164] loop1: detected capacity change from 0 to 128
[  278.282666][ T6164] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  278.314604][ T6164] netlink: 8 bytes leftover after parsing attributes in process `syz.1.616'.
[  278.396599][   T26] audit: type=1800 audit(1726258952.830:93): pid=6167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.618" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  278.417148][ T3616] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  279.501214][   T23] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  279.873615][   T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  279.899125][   T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  280.041381][ T3616] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.054433][ T6185] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  280.080510][ T3616] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  280.104667][ T3616] usb 1-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00
[  280.121954][   T23] usb 2-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=e1.35
[  280.129430][ T3616] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.131002][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.131025][   T23] usb 2-1: Product: syz
[  280.160021][   T23] usb 2-1: Manufacturer: syz
[  280.165174][   T23] usb 2-1: SerialNumber: syz
[  280.179624][ T3616] usb 1-1: config 0 descriptor??
[  280.208790][   T23] usb 2-1: config 0 descriptor??
[  280.264272][   T23]  (null): radio-mr800 - initialization failed
[  280.279305][   T23] radio-mr800: probe of 2-1:0.0 failed with error -22
[  280.391392][ T3614] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  280.504090][   T23] usb 2-1: USB disconnect, device number 6
[  280.641289][ T3614] usb 3-1: Using ep0 maxpacket: 8
[  280.714921][ T3616] wacom 0003:056A:00BC.0005: Unknown device_type for 'HID 056a:00bc'. Assuming pen.
[  280.761322][ T3614] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  280.767996][ T3616] wacom 0003:056A:00BC.0005: hidraw0: USB HID v0.00 Device [HID 056a:00bc] on usb-dummy_hcd.0-1/input0
[  281.904074][ T3614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.907144][ T3614] usb 3-1: config 0 descriptor??
[  284.908311][ T3616] input: Wacom Intuos4 WL Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00BC.0005/input/input13
[  285.021587][ T3614] usb 3-1: can't set config #0, error -71
[  285.078649][ T6194] loop2: detected capacity change from 0 to 512
[  285.081557][ T3614] usb 3-1: USB disconnect, device number 6
[  285.334990][ T6194] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  285.532025][ T6200] usb usb8: usbfs: process 6200 (syz.1.628) did not claim interface 0 before use
[  287.927725][ T6194] EXT4-fs (loop2): orphan cleanup on readonly fs
[  287.965602][ T6194] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.627: bg 0: block 248: padding at end of block bitmap is not set
[  288.009112][ T6194] EXT4-fs (loop2): Remounting filesystem read-only
[  288.046700][ T6194] Quota error (device loop2): write_blk: dquota write failed
[  288.108458][ T3616] usb 1-1: USB disconnect, device number 9
[  288.148894][ T6194] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  288.164123][ T6204] syz.0.629 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  288.194494][ T6194] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.627: Failed to acquire dquot type 1
[  288.259104][ T6194] EXT4-fs (loop2): 1 truncate cleaned up
[  288.269750][ T6194] EXT4-fs (loop2): mounted filesystem without journal. Opts: acl,errors=remount-ro,quota,noblock_validity,usrquota,nomblk_io_submit,. Quota mode: writeback.
[  288.331770][ T6210] netlink: 'syz.3.631': attribute type 12 has an invalid length.
[  290.242268][ T6220] loop4: detected capacity change from 0 to 128
[  290.268327][ T6225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  290.295361][ T6227] device bridge0 entered promiscuous mode
[  290.312941][ T6225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  290.341055][ T6220] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  290.398157][ T6230] device veth0_macvtap left promiscuous mode
[  290.409952][ T6220] netlink: 8 bytes leftover after parsing attributes in process `syz.4.633'.
[  290.797100][ T6237] loop2: detected capacity change from 0 to 512
[  291.163948][ T6237] EXT4-fs error (device loop2): ext4_do_update_inode:5174: inode #3: comm syz.2.637: corrupted inode contents
[  291.190064][ T6237] EXT4-fs error (device loop2): ext4_dirty_inode:6007: inode #3: comm syz.2.637: mark_inode_dirty error
[  291.214836][ T6237] EXT4-fs error (device loop2): ext4_do_update_inode:5174: inode #3: comm syz.2.637: corrupted inode contents
[  291.234317][ T6237] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.637: mark_inode_dirty error
[  291.255723][ T6237] Quota error (device loop2): write_blk: dquota write failed
[  291.263861][ T6237] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  291.274809][ T6237] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.637: Failed to acquire dquot type 0
[  291.315437][ T6237] EXT4-fs error (device loop2): ext4_do_update_inode:5174: inode #16: comm syz.2.637: corrupted inode contents
[  291.336193][ T6237] EXT4-fs error (device loop2): ext4_dirty_inode:6007: inode #16: comm syz.2.637: mark_inode_dirty error
[  291.348168][ T6237] EXT4-fs error (device loop2): ext4_do_update_inode:5174: inode #16: comm syz.2.637: corrupted inode contents
[  291.378612][ T6237] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.637: mark_inode_dirty error
[  291.424177][ T6237] EXT4-fs error (device loop2): ext4_do_update_inode:5174: inode #16: comm syz.2.637: corrupted inode contents
[  291.443769][ T6244] loop3: detected capacity change from 0 to 2048
[  291.454366][ T6237] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  291.466579][ T6237] EXT4-fs error (device loop2): ext4_do_update_inode:5174: inode #16: comm syz.2.637: corrupted inode contents
[  291.493671][ T6237] EXT4-fs error (device loop2): ext4_truncate:4272: inode #16: comm syz.2.637: mark_inode_dirty error
[  291.508937][ T6237] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  291.540344][ T6237] EXT4-fs (loop2): 1 truncate cleaned up
[  291.546183][ T6237] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  291.557354][ T6237] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038 (0x7fffffff)
[  291.616559][ T6248] loop0: detected capacity change from 0 to 2048
[  291.639460][ T6244] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.653951][ T6248] UDF-fs: bad mount option "0x0000000000000004" or missing value
[  291.679937][ T6244] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  292.084538][ T6252] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  292.355102][ T6255] loop1: detected capacity change from 0 to 2048
[  292.402474][ T6244] EXT4-fs (loop3): failed to initialize system zone (-117)
[  292.521187][ T6244] EXT4-fs (loop3): mount failed
[  292.542197][ T6255] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  292.816496][   T26] audit: type=1800 audit(1726258967.250:94): pid=6255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.645" name="bus" dev="loop1" ino=18 res=0 errno=0
[  292.870697][ T6271] loop0: detected capacity change from 0 to 512
[  293.248891][ T6255] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  293.300470][ T6271] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  293.315829][ T6281] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  293.352408][ T6271] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038 (0x7fffffff)
[  293.384598][ T6281] loop4: detected capacity change from 0 to 1024
[  293.448016][ T6286] syz.3.650[6286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  293.448109][ T6286] syz.3.650[6286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  293.459767][ T6281] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  293.483232][ T6281] EXT4-fs error (device loop4): ext4_get_journal_inode:5159: inode #32: comm syz.4.649: iget: special inode unallocated
[  293.514506][ T6281] EXT4-fs (loop4): no journal found
[  293.521372][ T6281] EXT4-fs (loop4): can't get journal size
[  293.543729][ T6281] EXT4-fs error (device loop4): ext4_protect_reserved_inode:160: inode #32: comm syz.4.649: iget: special inode unallocated
[  293.567303][ T6281] EXT4-fs (loop4): failed to initialize system zone (-117)
[  293.577568][ T6281] EXT4-fs (loop4): mount failed
[  293.639491][   T26] audit: type=1804 audit(1726258968.070:95): pid=6291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.647" name="/newroot/50/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  293.960869][ T6300] loop4: detected capacity change from 0 to 8
[  294.035739][ T3614] libceph: connect (1)[c::]:6789 error -101
[  294.048983][ T3614] libceph: mon0 (1)[c::]:6789 connect error
[  294.080196][ T6302] ceph: No mds server is up or the cluster is laggy
[  294.342215][ T5547] libceph: connect (1)[c::]:6789 error -101
[  294.350594][ T5547] libceph: mon0 (1)[c::]:6789 connect error
[  294.457457][ T6313] netlink: 200 bytes leftover after parsing attributes in process `syz.0.655'.
[  295.296712][ T6320] loop0: detected capacity change from 0 to 8
[  295.873801][ T6320] unable to read xattr id index table
[  296.661090][ T6328] capability: warning: `syz.4.658' uses deprecated v2 capabilities in a way that may be insecure
[  297.198448][ T6339] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  297.715398][ T6341] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  297.721960][ T6341] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  297.781297][ T6341] vhci_hcd vhci_hcd.0: Device attached
[  298.789124][ T6355] xt_CT: No such helper "snmp_trap"
[  299.111229][ T4254] usb 17-1: new high-speed USB device number 3 using vhci_hcd
[  299.415853][ T6365] netlink: 24 bytes leftover after parsing attributes in process `syz.3.667'.
[  301.772680][ T6344] vhci_hcd: connection reset by peer
[  301.783599][  T144] vhci_hcd: stop threads
[  301.807027][  T144] vhci_hcd: release socket
[  301.828070][  T144] vhci_hcd: disconnect device
[  301.862026][ T6376] loop2: detected capacity change from 0 to 1024
[  301.886523][ T6379] syz.0.672[6379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  301.886626][ T6379] syz.0.672[6379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  301.943035][ T6376] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  301.966445][ T6376] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  301.973185][ T6382] vivid-006: disconnect
[  301.978899][ T6376] EXT4-fs (loop2): invalid journal inode
[  301.986677][ T6376] EXT4-fs (loop2): can't get journal size
[  301.997583][ T6376] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,,errors=continue. Quota mode: writeback.
[  302.191691][ T6378] vivid-006: reconnect
[  303.231203][ T5547] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  303.595861][ T5547] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.621189][ T5547] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  303.664726][ T5547] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  303.686727][ T5547] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.712097][ T5547] usb 2-1: config 0 descriptor??
[  304.209118][ T5547] plantronics 0003:047F:FFFF.0006: ignoring exceeding usage max
[  304.413335][ T5547] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  304.747395][ T5547] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  304.871267][ T4254] vhci_hcd: vhci_device speed not set
[  307.201330][ T5547] usb 2-1: USB disconnect, device number 7
[  307.303947][ T6413] loop2: detected capacity change from 0 to 64
[  307.835599][   T26] audit: type=1326 audit(1726258982.270:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  307.886367][ T6448] loop0: detected capacity change from 0 to 512
[  307.913382][   T26] audit: type=1326 audit(1726258982.310:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.005627][   T26] audit: type=1326 audit(1726258982.310:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.067686][   T26] audit: type=1326 audit(1726258982.310:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.100289][   T26] audit: type=1326 audit(1726258982.310:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.130739][   T26] audit: type=1326 audit(1726258982.310:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.161180][ T1077] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  308.169436][   T26] audit: type=1326 audit(1726258982.310:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.203119][   T26] audit: type=1326 audit(1726258982.310:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ad4c8ef9 code=0x7ffc0000
[  308.236101][   T26] audit: type=1326 audit(1726258982.310:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f80ad4c7890 code=0x7ffc0000
[  308.268598][   T26] audit: type=1326 audit(1726258982.310:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f80ad4c8afb code=0x7ffc0000
[  308.741312][ T1077] usb 2-1: New USB device found, idVendor=13d3, idProduct=3333, bcdDevice=84.ed
[  308.758832][ T1077] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.767702][ T1077] usb 2-1: Product: syz
[  308.781167][ T1077] usb 2-1: Manufacturer: syz
[  308.785797][ T1077] usb 2-1: SerialNumber: syz
[  308.809286][ T1077] usb 2-1: config 0 descriptor??
[  308.863857][ T1077] r8712u: register rtl8712_netdev_ops to netdev_ops
[  308.878948][ T1077] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  309.034156][ T6448] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  309.062767][ T6448] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038 (0x7fffffff)
[  309.121196][ T1077] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  309.138299][ T1077] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  309.146623][ T1077] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  309.159057][ T1077] usb 2-1: USB disconnect, device number 8
[  309.506614][ T6474] 9pnet: p9_errstr2errno: server reported unknown error œæç×¾
[  309.522838][ T6472] capability: warning: `syz.2.701' uses 32-bit capabilities (legacy support in use)
[  309.769099][ T6479] loop0: detected capacity change from 0 to 1764
[  310.118173][ T6479] iso9660: Corrupted directory entry in block 2 of inode 1920
[  310.155266][ T6494] loop4: detected capacity change from 0 to 512
[  310.210574][ T6494] EXT4-fs (loop4): unsupported inode size: 264
[  310.219645][ T6494] EXT4-fs (loop4): blocksize: 1024
[  310.311551][ T6489] loop3: detected capacity change from 0 to 512
[  310.373946][ T6494] binder: 6492:6494 ioctl c0306201 200003c0 returned -14
[  310.422256][ T6497] netlink: 312 bytes leftover after parsing attributes in process `syz.4.709'.
[  310.437496][ T6497] netlink: 'syz.4.709': attribute type 1 has an invalid length.
[  310.454921][ T6497] netlink: 8 bytes leftover after parsing attributes in process `syz.4.709'.
[  310.471419][ T6489] EXT4-fs (loop3): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  310.489878][ T6489] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  310.500239][ T6489] EXT4-fs (loop3): DAX unsupported by block device.
[  310.912669][ T6509] syz.4.711[6509] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.912768][ T6509] syz.4.711[6509] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  311.080405][ T6514] loop1: detected capacity change from 0 to 512
[  311.239808][ T6518] loop3: detected capacity change from 0 to 512
[  311.290614][ T6514] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  311.305214][ T6514] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  311.324709][ T6518] 9pnet: Insufficient options for proto=fd
[  311.348112][ T6514] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016c118, mo2=0002]
[  311.375725][ T6523] loop2: detected capacity change from 0 to 256
[  311.395017][ T6514] System zones: 1-12
[  311.405522][ T6514] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.713: corrupted in-inode xattr
[  311.415249][ T6518] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #16: comm syz.3.717: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 19200(19200)
[  311.448897][ T6518] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.717: couldn't read orphan inode 16 (err -117)
[  311.463036][ T6518] EXT4-fs (loop3): mounted filesystem without journal. Opts: (null). Quota mode: writeback.
[  311.475933][ T6518] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038 (0x7fffffff)
[  311.486557][ T6514] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.713: couldn't read orphan inode 15 (err -117)
[  311.506605][ T6514] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,grpquota,,errors=continue. Quota mode: writeback.
[  311.707590][ T6531] loop4: detected capacity change from 0 to 128
[  311.777287][ T6531] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  311.858745][ T6536] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  312.079362][ T5418] FAT-fs (loop4): error, invalid access to FAT (entry 0x0affffff)
[  312.117504][ T5418] FAT-fs (loop4): Filesystem has been set read-only
[  312.200881][ T6540] netlink: 20 bytes leftover after parsing attributes in process `syz.2.722'.
[  312.224493][ T6544] loop3: detected capacity change from 0 to 512
[  312.341301][ T6544] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  312.378285][ T6544] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[  312.690232][ T6552] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  314.224886][ T6559] loop3: detected capacity change from 0 to 1024
[  314.988137][ T6559] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  315.156472][ T6559] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038 (0x7fffffff)
[  315.428711][ T6576] loop1: detected capacity change from 0 to 512
[  315.520666][ T6576] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  315.543418][ T6566] chnl_net:caif_netlink_parms(): no params data found
[  315.554494][ T6576] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  315.588477][ T6576] System zones: 0-2, 18-18, 34-35
[  315.600129][ T6576] EXT4-fs (loop1): mounted filesystem without journal. Opts: data=journal,journal_dev=0x0000000000000005,,errors=continue. Quota mode: none.
[  315.844729][ T6566] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.853183][ T6566] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.861319][ T6566] device bridge_slave_0 entered promiscuous mode
[  316.171859][ T6572] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  316.551238][   T21] Bluetooth: hci3: command 0x0409 tx timeout
[  316.609820][ T6566] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.621319][ T6566] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.639829][ T6566] device bridge_slave_1 entered promiscuous mode
[  316.670282][ T6594] device pim6reg1 entered promiscuous mode
[  316.753765][ T6566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  316.762996][ T3612] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  316.778030][ T6596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.740'.
[  316.791356][ T6566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  316.822848][ T6566] team0: Port device team_slave_0 added
[  316.834155][ T6596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.740'.
[  316.852030][ T6566] team0: Port device team_slave_1 added
[  316.880595][ T6566] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.888161][ T6566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.914254][ T6566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.926920][ T6566] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.934061][ T6566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.967344][ T1393] ieee802154 phy0 wpan0: encryption failed: -22
[  316.974784][ T1393] ieee802154 phy1 wpan1: encryption failed: -22
[  316.982328][ T6566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  317.026399][ T6566] device hsr_slave_0 entered promiscuous mode
[  317.032670][ T3612] usb 2-1: Using ep0 maxpacket: 8
[  317.038726][ T6566] device hsr_slave_1 entered promiscuous mode
[  317.045320][ T4254] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  317.053854][ T6566] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  317.061775][ T6566] Cannot create hsr debugfs directory
[  317.156386][ T6566] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.171333][ T3612] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  317.183374][ T3612] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  317.197826][ T3612] usb 2-1: config 0 has no interface number 0
[  317.207466][ T3612] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  317.226921][ T6566] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.227562][ T3612] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  317.250728][ T3612] usb 2-1: config 0 interface 52 has no altsetting 0
[  317.323346][ T6566] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.471449][ T6566] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.483540][ T3612] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  317.492992][ T3612] usb 2-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  317.507940][ T3612] usb 2-1: Product: syz
[  317.512279][ T3612] usb 2-1: Manufacturer: syz
[  317.516971][ T3612] usb 2-1: SerialNumber: syz
[  317.522130][ T4254] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  317.533351][ T4254] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  317.545785][ T3612] usb 2-1: config 0 descriptor??
[  317.651377][ T4254] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  317.683780][ T4254] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  317.732173][ T6606] loop0: detected capacity change from 0 to 127
[  317.748768][ T4254] usb 1-1: SerialNumber: syz
[  317.793428][ T6566] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  317.824449][ T3612] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input17
[  317.852596][ T6566] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  317.894920][ T6566] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  317.958029][ T6566] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  318.074152][ T4254] usb 1-1: 0:2 : does not exist
[  318.100702][ T4254] usb 1-1: unit 255 not found!
[  318.110142][   T21] usb 2-1: USB disconnect, device number 9
[  318.121191][    C0] synaptics_usb 2-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  318.238155][ T6566] 8021q: adding VLAN 0 to HW filter on device bond0
[  318.268603][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  318.278070][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.312498][ T4254] usb 1-1: USB disconnect, device number 10
[  318.327805][ T6566] 8021q: adding VLAN 0 to HW filter on device team0
[  318.348208][ T3561] udevd[3561]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  318.410639][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  318.432355][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.451788][ T3715] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.458861][ T3715] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.551341][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  318.560374][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.595790][ T3715] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.603040][ T3715] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.651440][ T5547] Bluetooth: hci3: command 0x041b tx timeout
[  318.665066][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  318.760415][ T6566] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  318.821192][ T6566] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  318.834606][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  318.858673][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  318.890972][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  318.939973][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  318.976395][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  318.993621][ T6618] loop1: detected capacity change from 0 to 512
[  319.025895][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  319.059344][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  319.090924][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  319.118965][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  319.147064][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  319.191502][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  319.222876][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  319.475629][ T6626] loop0: detected capacity change from 0 to 16
[  319.551764][ T6626] erofs: (device loop0): mounted with root inode @ nid 36.
[  320.594977][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  320.664823][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  320.674211][ T6618] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  320.711472][   T21] Bluetooth: hci3: command 0x040f tx timeout
[  320.730983][ T6566] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.809049][ T6618] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038 (0x7fffffff)
[  320.834774][ T6639] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  323.708308][ T1077] Bluetooth: hci3: command 0x0419 tx timeout
[  323.843937][ T6658] loop3: detected capacity change from 0 to 128
[  324.183880][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  324.269124][ T6668] loop1: detected capacity change from 0 to 512
[  324.552263][ T1077] Bluetooth: hci0: command 0x0406 tx timeout
[  324.623761][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  324.976333][ T6668] EXT4-fs (loop1): orphan cleanup on readonly fs
[  324.987509][ T6668] __quota_error: 64 callbacks suppressed
[  324.987524][ T6668] Quota error (device loop1): v2_read_file_info: Can't read info structure
[  325.002543][ T6668] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  325.017083][ T6668] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  325.027058][ T6668] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.754: bg 0: block 64: padding at end of block bitmap is not set
[  325.045800][ T6668] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6185: Corrupt filesystem
[  325.055617][ T6668] EXT4-fs (loop1): 1 orphan inode deleted
[  325.061917][ T6668] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  325.133012][ T6671] loop3: detected capacity change from 0 to 512
[  325.162286][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  325.179268][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  325.215196][ T6566] device veth0_vlan entered promiscuous mode
[  325.232331][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  325.251875][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  325.305412][ T6671] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  325.332568][ T6671] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  325.340647][ T6671] System zones: 0-2
[  325.340663][ T6566] device veth1_vlan entered promiscuous mode
[  325.366507][ T6671] , 18-18, 34-35
[  325.377523][ T6671] EXT4-fs (loop3): mounted filesystem without journal. Opts: data=journal,journal_dev=0x0000000000000005,,errors=continue. Quota mode: none.
[  325.478102][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  325.532005][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  325.574682][ T6566] device veth0_macvtap entered promiscuous mode
[  325.616437][ T6566] device veth1_macvtap entered promiscuous mode
[  325.675734][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.696860][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.707645][ T6686] loop1: detected capacity change from 0 to 512
[  325.717457][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.741677][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.761249][ T3616] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  325.784613][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.818628][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.850453][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.890353][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.910879][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.931219][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.941363][ T3646] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  325.961696][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.991752][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.012814][ T6686] EXT4-fs (loop1): Test dummy encryption mode enabled
[  326.021431][ T3616] usb 4-1: Using ep0 maxpacket: 8
[  326.022168][ T6566] batman_adv: batadv0: Interface activated: batadv_slave_0
[  326.049643][ T6686] EXT4-fs error (device loop1): __ext4_iget:4872: inode #11: block 1: comm syz.1.761: invalid block
[  326.062784][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  326.074364][ T6686] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.761: couldn't read orphan inode 11 (err -117)
[  326.074894][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  326.099232][ T6686] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000002000,jqfmt=vfsv0,delalloc,usrjquota=,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  326.122264][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  326.143233][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  326.191437][ T3616] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  326.221198][ T3646] usb 1-1: Using ep0 maxpacket: 32
[  326.297650][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.331726][ T3616] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  326.351188][ T3616] usb 4-1: config 0 has no interface number 0
[  326.358653][ T3616] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  326.379951][ T3646] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  326.895095][ T3616] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  326.908994][ T3646] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  326.919389][ T3646] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  326.928648][ T3616] usb 4-1: config 0 interface 52 has no altsetting 0
[  326.928662][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.928678][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.935900][ T3646] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  326.969241][ T3646] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.983348][ T3646] usb 1-1: config 0 descriptor??
[  326.990194][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.000734][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.020804][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.031152][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.043906][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.054238][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.065398][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.075582][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.092066][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.102405][ T3616] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  327.112689][ T6677] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  327.125039][ T6566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.127946][ T3616] usb 4-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  327.138441][ T6566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.160528][ T3616] usb 4-1: Product: syz
[  327.164046][ T6566] batman_adv: batadv0: Interface activated: batadv_slave_1
[  327.169380][ T3616] usb 4-1: Manufacturer: syz
[  327.176854][ T3616] usb 4-1: SerialNumber: syz
[  327.214759][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  327.240077][ T3616] usb 4-1: config 0 descriptor??
[  327.258850][ T5746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  327.268390][ T6684] netlink: 28 bytes leftover after parsing attributes in process `syz.0.760'.
[  327.313828][ T6566] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.323231][ T6566] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.332444][ T6566] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.341522][ T6566] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  327.391239][   T13] usb 1-1: USB disconnect, device number 11
[  327.533698][ T3840] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.557419][ T3840] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.587639][ T3616] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input18
[  327.613787][ T3813] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  327.845678][   T13] usb 4-1: USB disconnect, device number 9
[  327.997731][ T3813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.019554][ T3813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.091182][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  328.239486][ T6721] loop4: detected capacity change from 0 to 512
[  328.356405][ T6721] EXT4-fs (loop4): Ignoring removed oldalloc option
[  328.407555][ T6721] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.729: Parent and EA inode have the same ino 15
[  328.467790][ T6718] loop1: detected capacity change from 0 to 8192
[  328.591127][ T6721] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.729: Parent and EA inode have the same ino 15
[  328.664397][ T6718] REISERFS warning (device loop1): super-6502 reiserfs_getopt: unknown mount option ""
[  328.766560][ T6721] EXT4-fs (loop4): 1 orphan inode deleted
[  328.775258][ T6732] loop3: detected capacity change from 0 to 128
[  328.790544][ T6721] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,lazytime,oldalloc,resuid=0x000000000000ee01,,errors=continue. Quota mode: none.
[  333.186440][   T26] audit: type=1326 audit(1726259007.620:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6756 comm="syz.3.776" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1648486ef9 code=0x0
[  333.293637][ T6780] netlink: 'syz.0.780': attribute type 10 has an invalid length.
[  333.342961][ T6780] device geneve0 entered promiscuous mode
[  333.396521][ T6780] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  333.512961][ T6783] loop2: detected capacity change from 0 to 4096
[  334.055140][ T6813] loop0: detected capacity change from 0 to 64
[  334.112295][   T26] audit: type=1800 audit(1726259008.550:171): pid=6783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.781" name="bus" dev="loop2" ino=33 res=0 errno=0
[  334.162265][   T26] audit: type=1800 audit(1726259008.580:172): pid=6783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.781" name="bus" dev="loop2" ino=33 res=0 errno=0
[  334.227521][ T6813] hfs: unable to locate alternate MDB
[  334.243648][ T6813] hfs: continuing without an alternate MDB
[  335.060719][ T3663] Bluetooth: hci2: command 0x0406 tx timeout
[  336.248670][ T6850] loop4: detected capacity change from 0 to 256
[  337.684168][ T3613] kernel write not supported for file [eventfd] (pid: 3613 comm: kworker/1:4)
[  339.807555][ T6885] loop4: detected capacity change from 0 to 1024
[  339.986371][ T6885] hfsplus: xattr searching failed
[  340.026891][ T6890] loop0: detected capacity change from 0 to 1024
[  340.287784][ T6890] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  342.570711][ T6902] loop0: detected capacity change from 0 to 512
[  342.596049][ T6906] netlink: 'syz.4.802': attribute type 20 has an invalid length.
[  342.647590][ T6902] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  342.666029][ T6902] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  342.677335][ T6902] System zones: 0-2, 18-18, 34-35
[  342.681205][ T3696] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  342.690301][ T6902] EXT4-fs (loop0): mounted filesystem without journal. Opts: data=journal,journal_dev=0x0000000000000005,,errors=continue. Quota mode: none.
[  343.201814][ T3663] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  343.442541][ T6893] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  343.481290][ T3663] usb 1-1: Using ep0 maxpacket: 8
[  343.741422][ T3663] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  343.761122][ T3663] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  343.787799][ T3663] usb 1-1: config 0 has no interface number 0
[  343.816794][ T6913] netlink: 45 bytes leftover after parsing attributes in process `syz.4.805'.
[  343.840351][ T3663] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  343.871430][ T3696] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  343.881760][ T3663] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  343.895072][ T3696] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.907231][ T3696] usb 4-1: config 0 descriptor??
[  343.914010][ T3663] usb 1-1: config 0 interface 52 has no altsetting 0
[  343.962349][ T3696] cp210x 4-1:0.0: cp210x converter detected
[  344.152373][ T3663] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  344.261455][ T3663] usb 1-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  344.269968][ T3663] usb 1-1: Product: syz
[  344.381171][ T3663] usb 1-1: Manufacturer: syz
[  344.381772][ T6898] netlink: 28 bytes leftover after parsing attributes in process `syz.3.810'.
[  344.385808][ T3663] usb 1-1: SerialNumber: syz
[  344.421415][ T3696] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: 2
[  344.461888][ T3663] usb 1-1: config 0 descriptor??
[  344.793092][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  344.989219][ T3696] usb 4-1: cp210x converter now attached to ttyUSB0
[  345.067273][ T3663] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input19
[  345.191640][ T3612] usb 4-1: USB disconnect, device number 10
[  345.215171][ T3612] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  345.300572][ T3612] cp210x 4-1:0.0: device disconnected
[  345.336370][   T13] usb 1-1: USB disconnect, device number 12
[  346.092856][ T6948] loop2: detected capacity change from 0 to 16
[  346.270240][ T6954] loop1: detected capacity change from 0 to 512
[  346.642215][ T6948] erofs: (device loop2): mounted with root inode @ nid 36.
[  346.775063][ T6954] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue. Quota mode: writeback.
[  346.873241][ T6954] ext4 filesystem being mounted at /72/bus supports timestamps until 2038 (0x7fffffff)
[  347.921107][   T26] audit: type=1326 audit(1726259022.350:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.4.819" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b895a0ef9 code=0x0
[  348.151497][   T21] Bluetooth: hci3: command 0x1407 tx timeout
[  348.272927][ T6965] loop0: detected capacity change from 0 to 16
[  348.557711][ T6965] erofs: (device loop0): mounted with root inode @ nid 36.
[  348.717784][ T6981] ubi: mtd0 is already attached to ubi0
[  351.947466][ T6995] loop1: detected capacity change from 0 to 128
[  352.086949][ T6995] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  352.098248][ T6995] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  352.339608][ T7006] loop4: detected capacity change from 0 to 512
[  353.495796][ T7006] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  353.516837][ T7006] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  353.581151][ T7020] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  353.667682][ T7006] System zones: 0-2, 18-18, 34-35
[  353.739008][ T3579] Bluetooth: hci5: sending frame failed (-49)
[  353.913251][ T7006] EXT4-fs (loop4): mounted filesystem without journal. Opts: data=journal,journal_dev=0x0000000000000005,,errors=continue. Quota mode: none.
[  355.320649][ T7026] loop0: detected capacity change from 0 to 256
[  355.405094][ T3616] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  356.087697][ T3696] Bluetooth: hci5: command 0x1003 tx timeout
[  356.109607][ T3579] Bluetooth: hci5: sending frame failed (-49)
[  356.168098][ T7038] loop1: detected capacity change from 0 to 1764
[  356.248787][ T7041] loop2: detected capacity change from 0 to 164
[  357.035988][ T7040] rock: directory entry would overflow storage
[  357.042406][ T7042] loop4: detected capacity change from 0 to 256
[  357.042632][ T7040] rock: sig=0x4f50, size=4, remaining=3
[  357.054556][ T7040] iso9660: Corrupted directory entry in block 4 of inode 1792
[  357.241383][   T26] audit: type=1800 audit(1726259031.550:174): pid=7042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.837" name="bus" dev="loop4" ino=1048644 res=0 errno=0
[  358.573622][   T13] Bluetooth: hci5: command 0x1001 tx timeout
[  358.579829][ T3579] Bluetooth: hci5: sending frame failed (-49)
[  358.685448][ T7062] loop4: detected capacity change from 0 to 512
[  358.833972][ T7062] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  358.858724][ T7062] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  359.545457][ T7070] loop0: detected capacity change from 0 to 64
[  359.653309][ T7062] System zones: 0-2, 18-18, 34-35
[  359.696314][ T7062] EXT4-fs (loop4): mounted filesystem without journal. Opts: data=journal,journal_dev=0x0000000000000005,,errors=continue. Quota mode: none.
[  360.171200][ T3696] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  360.451244][ T3696] usb 5-1: Using ep0 maxpacket: 8
[  360.571541][ T3696] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  360.595893][ T3696] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  360.650955][ T3696] usb 5-1: config 0 has no interface number 0
[  360.705955][ T3696] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  360.913290][ T3696] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  360.927046][ T3696] usb 5-1: config 0 interface 52 has no altsetting 0
[  360.941455][ T2988] Bluetooth: hci5: command 0x1009 tx timeout
[  360.989469][ T7091] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  361.101819][ T7091] loop1: detected capacity change from 0 to 1024
[  361.111490][ T3696] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  361.124489][ T7093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  361.130851][ T3696] usb 5-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  361.151237][ T3696] usb 5-1: Product: syz
[  361.155649][ T3696] usb 5-1: Manufacturer: syz
[  361.160262][ T3696] usb 5-1: SerialNumber: syz
[  361.162381][ T7093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  361.177805][ T3696] usb 5-1: config 0 descriptor??
[  361.190845][ T7093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  361.218893][ T7091] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  361.248607][ T7091] EXT4-fs (loop1): orphan cleanup on readonly fs
[  361.269019][ T7091] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.853: bg 0: block 10: padding at end of block bitmap is not set
[  361.295978][ T7091] Quota error (device loop1): write_blk: dquota write failed
[  361.311872][ T7091] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  361.329639][ T7091] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  361.341134][ T7091] EXT4-fs error (device loop1): ext4_acquire_dquot:6196: comm syz.1.853: Failed to acquire dquot type 0
[  361.362685][ T7091] EXT4-fs error (device loop1): ext4_free_blocks:6225: comm syz.1.853: Freeing blocks not in datazone - block = 0, count = 4096
[  361.394400][ T7091] EXT4-fs (loop1): 1 truncate cleaned up
[  361.400543][ T7091] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  361.465065][ T3696] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.52/input/input20
[  361.708648][ T2988] usb 5-1: USB disconnect, device number 11
[  361.721117][    C0] synaptics_usb 5-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  363.933184][ T3840] wlan1: Trigger new scan to find an IBSS to join
[  364.203757][ T7128] loop1: detected capacity change from 0 to 2048
[  364.234736][ T7112] chnl_net:caif_netlink_parms(): no params data found
[  365.056334][   T13] Bluetooth: hci6: command 0x0409 tx timeout
[  366.960175][ T3840] wlan1: Creating new IBSS network, BSSID 82:d5:bc:94:d9:49
[  367.322501][ T3612] Bluetooth: hci6: command 0x041b tx timeout
[  368.063354][ T7145] loop4: detected capacity change from 0 to 2048
[  368.158972][ T7145] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  368.214400][ T7145] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  369.072808][ T7159] loop0: detected capacity change from 0 to 512
[  369.262698][ T7159] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  369.287627][ T7159] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  369.327497][ T7159] System zones: 0-2, 18-18, 34-35
[  369.342094][ T7159] EXT4-fs (loop0): mounted filesystem without journal. Opts: data=journal,journal_dev=0x0000000000000005,,errors=continue. Quota mode: none.
[  369.777429][ T1077] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  370.060940][ T1077] usb 1-1: Using ep0 maxpacket: 8
[  370.191388][ T1077] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  370.210780][ T1077] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  370.242888][ T1077] usb 1-1: config 0 has no interface number 0
[  370.249020][ T1077] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  370.290820][ T1077] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  370.325499][ T1077] usb 1-1: config 0 interface 52 has no altsetting 0
[  370.527481][ T1077] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  370.546912][ T1077] usb 1-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  370.576029][ T1077] usb 1-1: Product: syz
[  370.590479][ T1077] usb 1-1: Manufacturer: syz
[  370.606422][ T1077] usb 1-1: SerialNumber: syz
[  370.631956][ T1077] usb 1-1: config 0 descriptor??
[  370.963108][ T1077] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input21
[  372.311303][ T7161] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  378.471788][ T1393] ieee802154 phy0 wpan0: encryption failed: -22
[  378.478102][ T1393] ieee802154 phy1 wpan1: encryption failed: -22
[  378.951288][ T1077] Bluetooth: hci4: command 0x0409 tx timeout
[  380.391284][ T1077] Bluetooth: hci5: command 0x0409 tx timeout
[  380.871268][ T1077] Bluetooth: hci7: command 0x0409 tx timeout
[  381.031118][ T1077] Bluetooth: hci4: command 0x041b tx timeout
[  381.991111][ T1077] Bluetooth: hci8: command 0x0409 tx timeout
[  382.471267][ T1077] Bluetooth: hci5: command 0x041b tx timeout
[  382.951214][ T1077] Bluetooth: hci7: command 0x041b tx timeout
[  383.111206][ T1077] Bluetooth: hci4: command 0x040f tx timeout
[  384.071308][ T3613] Bluetooth: hci8: command 0x041b tx timeout
[  384.551366][ T1077] Bluetooth: hci5: command 0x040f tx timeout
[  385.031253][ T3613] Bluetooth: hci7: command 0x040f tx timeout
[  385.191287][ T3613] Bluetooth: hci4: command 0x0419 tx timeout
[  386.151126][ T1077] Bluetooth: hci8: command 0x040f tx timeout
[  386.631250][ T3613] Bluetooth: hci5: command 0x0419 tx timeout
[  387.111139][ T3613] Bluetooth: hci7: command 0x0419 tx timeout
[  388.231234][ T1077] Bluetooth: hci8: command 0x0419 tx timeout
[  397.046413][ T3813] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  424.951184][ T5547] Bluetooth: hci9: command 0x0409 tx timeout
[  427.031221][ T5547] Bluetooth: hci9: command 0x041b tx timeout
[  429.111292][ T5547] Bluetooth: hci9: command 0x040f tx timeout
[  431.191157][ T5547] Bluetooth: hci9: command 0x0419 tx timeout
[  431.959055][ T3027] udevd[3027]: worker [3669] /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input21/event4 is taking a long time
[  436.801085][ T5547] Bluetooth: hci3: command 0x0406 tx timeout
[  439.041345][ T3613] Bluetooth: hci10: command 0x0409 tx timeout
[  440.471435][ T5547] Bluetooth: hci11: command 0x0409 tx timeout
[  440.951200][ T5547] Bluetooth: hci12: command 0x0409 tx timeout
[  441.111350][ T5547] Bluetooth: hci10: command 0x041b tx timeout
[  442.471115][ T5547] Bluetooth: hci13: command 0x0409 tx timeout
[  442.551292][ T5547] Bluetooth: hci11: command 0x041b tx timeout
[  443.031424][ T5547] Bluetooth: hci12: command 0x041b tx timeout
[  443.191212][ T5547] Bluetooth: hci10: command 0x040f tx timeout
[  444.551268][ T5547] Bluetooth: hci13: command 0x041b tx timeout
[  444.631408][ T5547] Bluetooth: hci11: command 0x040f tx timeout
[  445.121415][ T5547] Bluetooth: hci12: command 0x040f tx timeout
[  445.271134][ T5547] Bluetooth: hci10: command 0x0419 tx timeout
[  446.631240][ T5547] Bluetooth: hci13: command 0x040f tx timeout
[  446.711322][ T5547] Bluetooth: hci11: command 0x0419 tx timeout
[  447.191228][ T5547] Bluetooth: hci12: command 0x0419 tx timeout
[  448.711182][ T5547] Bluetooth: hci13: command 0x0419 tx timeout
[  485.031139][ T5547] Bluetooth: hci14: command 0x0409 tx timeout
[  487.111111][ T5547] Bluetooth: hci14: command 0x041b tx timeout
[  489.191176][ T5547] Bluetooth: hci14: command 0x040f tx timeout
[  491.271173][ T5547] Bluetooth: hci14: command 0x0419 tx timeout
[  499.031161][ T5547] Bluetooth: hci15: command 0x0409 tx timeout
[  500.551208][ T3613] Bluetooth: hci16: command 0x0409 tx timeout
[  501.114471][ T5547] Bluetooth: hci15: command 0x041b tx timeout
[  501.671178][ T5547] Bluetooth: hci17: command 0x0409 tx timeout
[  502.631282][ T5547] Bluetooth: hci16: command 0x041b tx timeout
[  503.111165][ T5547] Bluetooth: hci18: command 0x0409 tx timeout
[  503.191251][ T5547] Bluetooth: hci15: command 0x040f tx timeout
[  503.351237][ T5547] Bluetooth: hci4: command 0x0406 tx timeout
[  503.357353][ T5547] Bluetooth: hci5: command 0x0406 tx timeout
[  503.371047][ T5547] Bluetooth: hci7: command 0x0406 tx timeout
[  503.388013][ T5547] Bluetooth: hci8: command 0x0406 tx timeout
[  503.751130][ T5547] Bluetooth: hci17: command 0x041b tx timeout
[  504.711518][ T3613] Bluetooth: hci16: command 0x040f tx timeout
[  505.191130][ T3613] Bluetooth: hci18: command 0x041b tx timeout
[  505.271314][ T3613] Bluetooth: hci15: command 0x0419 tx timeout
[  505.831170][ T3613] Bluetooth: hci17: command 0x040f tx timeout
[  506.791252][ T3613] Bluetooth: hci16: command 0x0419 tx timeout
[  507.271263][ T5547] Bluetooth: hci18: command 0x040f tx timeout
[  507.911119][ T5547] Bluetooth: hci17: command 0x0419 tx timeout
[  509.351321][ T5547] Bluetooth: hci18: command 0x0419 tx timeout
[  523.031301][   T27] INFO: task kworker/u4:2:154 blocked for more than 143 seconds.
[  523.039067][   T27]       Not tainted 5.15.167-syzkaller #0
[  523.062896][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  523.080346][   T27] task:kworker/u4:2    state:D stack:23032 pid:  154 ppid:     2 flags:0x00004000
[  523.109897][   T27] Workqueue: phy18 ieee80211_iface_work
[  523.194554][   T27] Call Trace:
[  523.197881][   T27]  <TASK>
[  523.200831][   T27]  __schedule+0x12c4/0x45b0
[  523.211195][   T27]  ? release_firmware_map_entry+0x190/0x190
[  523.217143][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  523.235499][   T27]  ? kthread_data+0x4e/0xc0
[  523.240064][   T27]  ? wq_worker_sleeping+0x5d/0x200
[  523.252856][   T27]  schedule+0x11b/0x1f0
[  523.257060][   T27]  schedule_preempt_disabled+0xf/0x20
[  523.272410][   T27]  __mutex_lock_common+0xe34/0x25a0
[  523.277667][   T27]  ? synchronize_rcu_expedited+0x350/0x740
[  523.295618][   T27]  ? mutex_lock_io_nested+0x60/0x60
[  523.300863][   T27]  ? do_raw_spin_lock+0x14a/0x370
[  523.313169][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  523.318440][   T27]  mutex_lock_nested+0x17/0x20
[  523.331280][   T27]  synchronize_rcu_expedited+0x350/0x740
[  523.336962][   T27]  ? synchronize_rcu+0x1a0/0x1a0
[  523.352535][   T27]  ? sta_info_hash_del+0xa8b/0xc80
[  523.357697][   T27]  ? __might_sleep+0xc0/0xc0
[  523.371414][   T27]  ? rcu_is_watching+0x11/0xa0
[  523.376238][   T27]  ? trace_drv_return_void+0x85/0x1d0
[  523.393727][   T27]  ? __sta_info_destroy_part1+0x7e8/0xdb0
[  523.399502][   T27]  __sta_info_destroy+0x33/0x50
[  523.413338][   T27]  ieee80211_ibss_work+0x6d3/0x1480
[  523.418589][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  523.435704][   T27]  ? _raw_spin_unlock+0x40/0x40
[  523.440604][   T27]  ? ieee80211_ibss_rx_queued_mgmt+0x2af0/0x2af0
[  523.458193][   T27]  ? preempt_schedule+0xd9/0xe0
[  523.466898][   T27]  ? skb_dequeue+0x10f/0x140
[  523.478691][   T27]  ? ieee80211_iface_work+0x9c6/0xcc0
[  523.487806][   T27]  ? ieee80211_iface_work+0xbdf/0xcc0
[  523.501719][   T27]  ? preempt_schedule_thunk+0x16/0x18
[  523.507154][   T27]  process_one_work+0x8a1/0x10c0
[  523.521131][   T27]  ? worker_detach_from_pool+0x260/0x260
[  523.526826][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  523.542615][   T27]  ? kthread_data+0x4e/0xc0
[  523.547172][   T27]  ? wq_worker_running+0x97/0x170
[  523.560411][   T27]  worker_thread+0xaca/0x1280
[  523.568088][   T27]  kthread+0x3f6/0x4f0
[  523.580249][   T27]  ? rcu_lock_release+0x20/0x20
[  523.587776][   T27]  ? kthread_blkcg+0xd0/0xd0
[  523.600710][   T27]  ret_from_fork+0x1f/0x30
[  523.608910][   T27]  </TASK>
[  523.621196][   T27] INFO: task acpid:3012 blocked for more than 143 seconds.
[  523.628431][   T27]       Not tainted 5.15.167-syzkaller #0
[  523.644570][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  523.659711][   T27] task:acpid           state:D stack:21504 pid: 3012 ppid:     1 flags:0x00004002
[  523.674446][   T27] Call Trace:
[  523.677752][   T27]  <TASK>
[  523.680694][   T27]  __schedule+0x12c4/0x45b0
[  523.698338][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  523.707179][   T27]  ? print_irqtrace_events+0x210/0x210
[  523.721750][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  523.727009][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  523.743756][   T27]  ? release_firmware_map_entry+0x190/0x190
[  523.749694][   T27]  ? __might_sleep+0xc0/0xc0
[  523.761171][   T27]  ? prepare_to_wait_event+0x3aa/0x3e0
[  523.766675][   T27]  schedule+0x11b/0x1f0
[  523.770850][   T27]  synchronize_rcu_expedited+0x671/0x740
[  523.786783][   T27]  ? synchronize_rcu+0x1a0/0x1a0
[  523.795955][   T27]  ? init_wait_entry+0xd0/0xd0
[  523.800767][   T27]  ? mark_lock+0x98/0x340
[  523.812707][   T27]  ? __lock_acquire+0x1295/0x1ff0
[  523.818208][   T27]  synchronize_rcu+0x107/0x1a0
[  523.833118][   T27]  ? kvfree_call_rcu+0x8a0/0x8a0
[  523.838190][   T27]  ? mousedev_release+0x13a/0x180
[  523.853522][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  523.858619][   T27]  ? do_raw_spin_lock+0x14a/0x370
[  523.871351][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  523.876636][   T27]  mousedev_release+0x13f/0x180
[  523.891644][   T27]  ? mousedev_open+0x470/0x470
[  523.896461][   T27]  __fput+0x3fe/0x8e0
[  523.900483][   T27]  task_work_run+0x129/0x1a0
[  523.919965][   T27]  exit_to_user_mode_loop+0x106/0x130
[  523.926029][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  523.942779][   T27]  syscall_exit_to_user_mode+0x5d/0x240
[  523.948392][   T27]  do_syscall_64+0x47/0xb0
[  523.961078][   T27]  ? clear_bhb_loop+0x15/0x70
[  523.965803][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  523.981037][   T27] RIP: 0033:0x7f19621770a8
[  523.985495][   T27] RSP: 002b:00007ffc59398cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  524.005795][   T27] RAX: 0000000000000000 RBX: 00007ffc59398f38 RCX: 00007f19621770a8
[  524.019139][   T27] RDX: 0000000000000000 RSI: 000000000000001e RDI: 000000000000000a
[  524.038786][   T27] RBP: 000000000000000a R08: 00000000ffffffff R09: 00007ffc59398e38
[  524.049515][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc59398e38
[  524.069879][   T27] R13: 0000000000000040 R14: 00007ffc59398f38 R15: 00007ffc59398e38
[  524.090992][   T27]  </TASK>
[  524.094094][   T27] INFO: task kworker/u4:6:3645 blocked for more than 144 seconds.
[  524.111002][   T27]       Not tainted 5.15.167-syzkaller #0
[  524.116768][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  524.135905][   T27] task:kworker/u4:6    state:D stack:21752 pid: 3645 ppid:     2 flags:0x00004000
[  524.150433][   T27] Workqueue: events_unbound linkwatch_event
[  524.172757][   T27] Call Trace:
[  524.176082][   T27]  <TASK>
[  524.179030][   T27]  __schedule+0x12c4/0x45b0
[  524.191000][   T27]  ? release_firmware_map_entry+0x190/0x190
[  524.201249][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  524.206749][   T27]  ? kthread_data+0x4e/0xc0
[  524.221338][   T27]  ? wq_worker_sleeping+0x5d/0x200
[  524.226975][   T27]  schedule+0x11b/0x1f0
[  524.241281][   T27]  schedule_preempt_disabled+0xf/0x20
[  524.246706][   T27]  __mutex_lock_common+0xe34/0x25a0
[  524.261029][   T27]  ? linkwatch_event+0xa/0x50
[  524.265760][   T27]  ? mutex_lock_io_nested+0x60/0x60
[  524.282820][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  524.288853][   T27]  ? print_irqtrace_events+0x210/0x210
[  524.305099][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  524.310353][   T27]  mutex_lock_nested+0x17/0x20
[  524.331169][   T27]  linkwatch_event+0xa/0x50
[  524.335740][   T27]  process_one_work+0x8a1/0x10c0
[  524.340728][   T27]  ? worker_detach_from_pool+0x260/0x260
[  524.358029][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  524.367438][   T27]  ? kthread_data+0x4e/0xc0
[  524.379316][   T27]  ? wq_worker_running+0x97/0x170
[  524.388407][   T27]  worker_thread+0xaca/0x1280
[  524.401184][   T27]  kthread+0x3f6/0x4f0
[  524.405303][   T27]  ? rcu_lock_release+0x20/0x20
[  524.410190][   T27]  ? kthread_blkcg+0xd0/0xd0
[  524.425592][   T27]  ret_from_fork+0x1f/0x30
[  524.430090][   T27]  </TASK>
[  524.439943][   T27] INFO: task udevd:3669 blocked for more than 144 seconds.
[  524.452354][   T27]       Not tainted 5.15.167-syzkaller #0
[  524.458099][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  524.477937][   T27] task:udevd           state:D stack:22624 pid: 3669 ppid:  3027 flags:0x00004002
[  524.498325][   T27] Call Trace:
[  524.504208][   T27]  <TASK>
[  524.507189][   T27]  __schedule+0x12c4/0x45b0
[  524.521067][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  524.527098][   T27]  ? print_irqtrace_events+0x210/0x210
[  524.543871][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  524.549127][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  524.566689][   T27]  ? release_firmware_map_entry+0x190/0x190
[  524.577776][   T27]  ? __might_sleep+0xc0/0xc0
[  524.588607][   T27]  ? prepare_to_wait_event+0x3aa/0x3e0
[  524.599114][   T27]  schedule+0x11b/0x1f0
[  524.609310][   T27]  synchronize_rcu_expedited+0x671/0x740
[  524.621179][   T27]  ? synchronize_rcu+0x1a0/0x1a0
[  524.626681][   T27]  ? init_wait_entry+0xd0/0xd0
[  524.643635][   T27]  ? mark_lock+0x98/0x340
[  524.648020][   T27]  ? __lock_acquire+0x1295/0x1ff0
[  524.660868][   T27]  synchronize_rcu+0x107/0x1a0
[  524.669662][   T27]  ? kvfree_call_rcu+0x8a0/0x8a0
[  524.681129][   T27]  ? evdev_release+0x1f5/0x7c0
[  524.685934][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  524.700722][   T27]  ? do_raw_spin_lock+0x14a/0x370
[  524.706224][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  524.723036][   T27]  evdev_release+0x1fa/0x7c0
[  524.727678][   T27]  ? evdev_open+0x600/0x600
[  524.741102][   T27]  __fput+0x3fe/0x8e0
[  524.745246][   T27]  task_work_run+0x129/0x1a0
[  524.749869][   T27]  exit_to_user_mode_loop+0x106/0x130
[  524.765849][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  524.776688][   T27]  syscall_exit_to_user_mode+0x5d/0x240
[  524.789022][   T27]  do_syscall_64+0x47/0xb0
[  524.799601][   T27]  ? clear_bhb_loop+0x15/0x70
[  524.810420][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  524.821117][   T27] RIP: 0033:0x7f4e688410a8
[  524.825686][   T27] RSP: 002b:00007fff53999bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  524.846893][   T27] RAX: 0000000000000000 RBX: 00007f4e68715ae0 RCX: 00007f4e688410a8
[  524.860730][   T27] RDX: 00007fff53999c68 RSI: 0000000080184541 RDI: 0000000000000008
[  524.874915][   T27] RBP: 00005640da9932c0 R08: 0000000000000000 R09: 00007f4e6891bb10
[  524.889966][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  524.902955][   T27] R13: 0000000000000000 R14: 00005640d3a120d0 R15: 0000000000000000
[  524.919705][   T27]  </TASK>
[  524.925654][   T27] INFO: task syz-executor:5407 blocked for more than 145 seconds.
[  524.941092][   T27]       Not tainted 5.15.167-syzkaller #0
[  524.947224][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  524.975944][   T27] task:syz-executor    state:D stack:20096 pid: 5407 ppid:     1 flags:0x00004006
[  524.990149][   T27] Call Trace:
[  524.999926][   T27]  <TASK>
[  525.008096][   T27]  __schedule+0x12c4/0x45b0
[  525.019058][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  525.030053][   T27]  ? print_irqtrace_events+0x210/0x210
[  525.041181][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  525.046945][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  525.062839][   T27]  ? release_firmware_map_entry+0x190/0x190
[  525.068790][   T27]  ? __might_sleep+0xc0/0xc0
[  525.086877][   T27]  ? prepare_to_wait_event+0x3aa/0x3e0
[  525.098125][   T27]  schedule+0x11b/0x1f0
[  525.108695][   T27]  synchronize_rcu_expedited+0x671/0x740
[  525.121115][   T27]  ? synchronize_rcu+0x1a0/0x1a0
[  525.126109][   T27]  ? init_wait_entry+0xd0/0xd0
[  525.130895][   T27]  ? mark_lock+0x98/0x340
[  525.146970][   T27]  ? up_write+0x19d/0x580
[  525.156990][   T27]  ? __up_read+0x690/0x690
[  525.167784][   T27]  ? shrink_dentry_list+0x68c/0x6a0
[  525.178304][   T27]  namespace_unlock+0x297/0x4d0
[  525.191549][   T27]  ? put_mnt_ns+0xd3/0x120
[  525.196014][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  525.211176][   T27]  ? umount_tree+0xee0/0xee0
[  525.215830][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  525.231070][   T27]  ? free_nsproxy+0x49/0x3b0
[  525.235798][   T27]  put_mnt_ns+0xd8/0x120
[  525.240069][   T27]  free_nsproxy+0x49/0x3b0
[  525.255132][   T27]  do_exit+0x69e/0x2480
[  525.259457][   T27]  ? put_task_struct+0x80/0x80
[  525.270825][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  525.282847][   T27]  do_group_exit+0x144/0x310
[  525.287484][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  525.303156][   T27]  get_signal+0xc66/0x14e0
[  525.307630][   T27]  ? kasan_quarantine_put+0xd4/0x220
[  525.323676][   T27]  arch_do_signal_or_restart+0xc3/0x1890
[  525.329366][   T27]  ? rcu_is_watching+0x11/0xa0
[  525.341424][   T27]  ? kmem_cache_free+0x146/0x1f0
[  525.346407][   T27]  ? fd_install+0x2b1/0x4c0
[  525.363050][   T27]  ? do_sys_openat2+0x202/0x4f0
[  525.367966][   T27]  ? get_sigframe_size+0x10/0x10
[  525.381253][   T27]  ? do_unlinkat+0x885/0x950
[  525.385893][   T27]  ? __x64_sys_openat+0x243/0x290
[  525.401041][   T27]  ? exit_to_user_mode_loop+0x39/0x130
[  525.406544][   T27]  exit_to_user_mode_loop+0x97/0x130
[  525.424666][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  525.430266][   T27]  syscall_exit_to_user_mode+0x5d/0x240
[  525.451086][   T27]  do_syscall_64+0x47/0xb0
[  525.456017][   T27]  ? clear_bhb_loop+0x15/0x70
[  525.460728][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  525.477481][   T27] RIP: 0033:0x7f80ad4c7890
[  525.485936][   T27] RSP: 002b:00007fffe7c5e270 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  525.501209][   T27] RAX: 0000000000000006 RBX: 0000000000000000 RCX: 00007f80ad4c7890
[  525.509215][   T27] RDX: 0000000000000000 RSI: 00007fffe7c5e3a0 RDI: 00000000ffffff9c
[  525.532442][   T27] RBP: 00007fffe7c5e3a0 R08: 0000000000000000 R09: 0000000000000000
[  525.540462][   T27] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fffe7c5f490
[  525.557857][   T27] R13: 00007f80ad53ba14 R14: 00005555908b34a8 R15: 0000000000000006
[  525.570453][   T27]  </TASK>
[  525.580781][   T27] INFO: task kworker/u4:13:5746 blocked for more than 145 seconds.
[  525.601103][   T27]       Not tainted 5.15.167-syzkaller #0
[  525.606952][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  525.626440][   T27] task:kworker/u4:13   state:D stack:21560 pid: 5746 ppid:     2 flags:0x00004000
[  525.648922][   T27] Workqueue: phy24 ieee80211_iface_work
[  525.660143][   T27] Call Trace:
[  525.664241][   T27]  <TASK>
[  525.667203][   T27]  __schedule+0x12c4/0x45b0
[  525.681056][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  525.687095][   T27]  ? print_irqtrace_events+0x210/0x210
[  525.703571][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  525.708830][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  525.726148][   T27]  ? release_firmware_map_entry+0x190/0x190
[  525.737138][   T27]  ? __might_sleep+0xc0/0xc0
[  525.748118][   T27]  ? wq_worker_sleeping+0x5d/0x200
[  525.760302][   T27]  schedule+0x11b/0x1f0
[  525.771223][   T27]  synchronize_rcu_expedited+0x671/0x740
[  525.776910][   T27]  ? synchronize_rcu+0x1a0/0x1a0
[  525.791294][   T27]  ? init_wait_entry+0xd0/0xd0
[  525.796132][   T27]  ? sta_info_hash_del+0xa8b/0xc80
[  525.811096][   T27]  ? __might_sleep+0xc0/0xc0
[  525.815734][   T27]  ? rcu_is_watching+0x11/0xa0
[  525.820515][   T27]  ? trace_drv_return_void+0x85/0x1d0
[  525.838134][   T27]  ? __sta_info_destroy_part1+0x7e8/0xdb0
[  525.849069][   T27]  __sta_info_destroy+0x33/0x50
[  525.860322][   T27]  ieee80211_ibss_work+0x6d3/0x1480
[  525.879760][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  525.888958][   T27]  ? _raw_spin_unlock+0x40/0x40
[  525.901085][   T27]  ? ieee80211_ibss_rx_queued_mgmt+0x2af0/0x2af0
[  525.907459][   T27]  ? skb_dequeue+0x10f/0x140
[  525.921063][   T27]  ? ieee80211_iface_work+0x9c6/0xcc0
[  525.928191][   T27]  ? ieee80211_iface_work+0xbdf/0xcc0
[  525.941299][   T27]  process_one_work+0x8a1/0x10c0
[  525.946302][   T27]  ? worker_detach_from_pool+0x260/0x260
[  525.963046][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  525.969047][   T27]  ? kthread_data+0x4e/0xc0
[  525.983120][   T27]  ? wq_worker_running+0x97/0x170
[  525.988203][   T27]  worker_thread+0xaca/0x1280
[  526.007532][   T27]  kthread+0x3f6/0x4f0
[  526.012128][   T27]  ? rcu_lock_release+0x20/0x20
[  526.017009][   T27]  ? kthread_blkcg+0xd0/0xd0
[  526.032483][   T27]  ret_from_fork+0x1f/0x30
[  526.036981][   T27]  </TASK>
[  526.040105][   T27] INFO: task syz.3.829:7003 blocked for more than 146 seconds.
[  526.056578][   T27]       Not tainted 5.15.167-syzkaller #0
[  526.067600][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  526.089393][   T27] task:syz.3.829       state:D stack:24832 pid: 7003 ppid:  3575 flags:0x00004006
[  526.103635][   T27] Call Trace:
[  526.106956][   T27]  <TASK>
[  526.109906][   T27]  __schedule+0x12c4/0x45b0
[  526.126087][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  526.137146][   T27]  ? print_irqtrace_events+0x210/0x210
[  526.148780][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  526.161130][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  526.167084][   T27]  ? release_firmware_map_entry+0x190/0x190
[  526.183893][   T27]  ? __might_sleep+0xc0/0xc0
[  526.188537][   T27]  ? wq_worker_last_func+0x40/0x40
[  526.201109][   T27]  ? prepare_to_wait_event+0x3aa/0x3e0
[  526.206625][   T27]  schedule+0x11b/0x1f0
[  526.210802][   T27]  synchronize_rcu_expedited+0x5c6/0x740
[  526.229603][   T27]  ? synchronize_rcu+0x1a0/0x1a0
[  526.246539][   T27]  ? rcu_exp_sel_wait_wake+0x1c00/0x1c00
[  526.259758][   T27]  ? __might_sleep+0xc0/0xc0
[  526.264784][   T27]  ? init_wait_entry+0xd0/0xd0
[  526.269584][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  526.286559][   T27]  unregister_netdevice_many+0xa5d/0x18f0
[  526.297696][   T27]  ? mark_lock+0x98/0x340
[  526.308401][   T27]  ? alloc_netdev_mqs+0xc10/0xc10
[  526.319408][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  526.331539][   T27]  ? print_irqtrace_events+0x210/0x210
[  526.337047][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  526.353132][   T27]  unregister_netdevice_queue+0x2e6/0x350
[  526.358909][   T27]  ? delayed_work_timer_fn+0x80/0x80
[  526.375855][   T27]  ? list_netdevice+0x450/0x450
[  526.386590][   T27]  ? linkwatch_fire_event+0x2f2/0x3c0
[  526.399070][   T27]  __tun_detach+0x6b6/0x1600
[  526.408805][   T27]  tun_chr_close+0x104/0x1b0
[  526.419615][   T27]  ? tun_chr_open+0x4d0/0x4d0
[  526.429510][   T27]  __fput+0x3fe/0x8e0
[  526.439590][   T27]  task_work_run+0x129/0x1a0
[  526.449181][   T27]  do_exit+0x6a3/0x2480
[  526.459576][   T27]  ? put_task_struct+0x80/0x80
[  526.466598][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  526.480984][   T27]  do_group_exit+0x144/0x310
[  526.485625][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  526.490858][   T27]  get_signal+0xc66/0x14e0
[  526.506337][   T27]  arch_do_signal_or_restart+0xc3/0x1890
[  526.517370][   T27]  ? get_sigframe_size+0x10/0x10
[  526.528616][   T27]  ? kick_process+0xd8/0x150
[  526.538240][   T27]  ? exit_to_user_mode_loop+0x39/0x130
[  526.550052][   T27]  exit_to_user_mode_loop+0x97/0x130
[  526.560634][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  526.579917][   T27]  syscall_exit_to_user_mode+0x5d/0x240
[  526.590113][   T27]  do_syscall_64+0x47/0xb0
[  526.601056][   T27]  ? clear_bhb_loop+0x15/0x70
[  526.605774][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  526.621004][   T27] RIP: 0033:0x7f1648486ef9
[  526.625466][   T27] RSP: 002b:00007f16468ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  526.644260][   T27] RAX: 0000000000000000 RBX: 00007f164863ef80 RCX: 00007f1648486ef9
[  526.659561][   T27] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000009
[  526.678278][   T27] RBP: 00007f16484f9b76 R08: 0000000000000000 R09: 0000000000000000
[  526.699298][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  526.708899][   T27] R13: 0000000000000000 R14: 00007f164863ef80 R15: 00007ffe7fd2f9c8
[  526.727106][   T27]  </TASK>
[  526.730171][   T27] INFO: task syz-executor:7112 blocked for more than 147 seconds.
[  526.749096][   T27]       Not tainted 5.15.167-syzkaller #0
[  526.757636][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  526.774745][   T27] task:syz-executor    state:D stack:21208 pid: 7112 ppid:     1 flags:0x00004004
[  526.790339][   T27] Call Trace:
[  526.800652][   T27]  <TASK>
[  526.809835][   T27]  __schedule+0x12c4/0x45b0
[  526.819423][   T27]  ? release_firmware_map_entry+0x190/0x190
[  526.831109][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  526.836624][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  526.852126][   T27]  schedule+0x11b/0x1f0
[  526.856325][   T27]  schedule_preempt_disabled+0xf/0x20
[  526.870256][   T27]  __mutex_lock_common+0xe34/0x25a0
[  526.890992][   T27]  ? rtnetlink_rcv_msg+0x94c/0xee0
[  526.896322][   T27]  ? mutex_lock_io_nested+0x60/0x60
[  526.911044][   T27]  mutex_lock_nested+0x17/0x20
[  526.915869][   T27]  rtnetlink_rcv_msg+0x94c/0xee0
[  526.920841][   T27]  ? reacquire_held_locks+0x660/0x660
[  526.938042][   T27]  ? rtnetlink_bind+0x80/0x80
[  526.946953][   T27]  ? stack_trace_save+0x1c0/0x1c0
[  526.959594][   T27]  ? __kernel_text_address+0x94/0x100
[  526.968955][   T27]  ? unwind_get_return_address+0x49/0x80
[  526.981281][   T27]  ? reacquire_held_locks+0x660/0x660
[  526.986692][   T27]  ? arch_stack_walk+0xf3/0x140
[  527.002670][   T27]  ? mark_lock+0x98/0x340
[  527.007061][   T27]  ? mark_lock+0x98/0x340
[  527.022080][   T27]  ? __lock_acquire+0x1295/0x1ff0
[  527.027196][   T27]  netlink_rcv_skb+0x1cf/0x410
[  527.046758][   T27]  ? rtnetlink_bind+0x80/0x80
[  527.052067][   T27]  ? netlink_ack+0xb10/0xb10
[  527.056705][   T27]  netlink_unicast+0x7b6/0x980
[  527.072481][   T27]  ? netlink_detachskb+0x90/0x90
[  527.077483][   T27]  ? __virt_addr_valid+0x3bb/0x460
[  527.091277][   T27]  ? 0xffffffff81000000
[  527.095896][   T27]  ? __check_object_size+0x300/0x410
[  527.110975][   T27]  ? bpf_lsm_netlink_send+0x5/0x10
[  527.116142][   T27]  netlink_sendmsg+0xa30/0xd60
[  527.133311][   T27]  ? netlink_getsockopt+0x5b0/0x5b0
[  527.138570][   T27]  ? aa_sock_msg_perm+0x91/0x150
[  527.153656][   T27]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  527.158983][   T27]  ? security_socket_sendmsg+0x7d/0xa0
[  527.175975][   T27]  ? netlink_getsockopt+0x5b0/0x5b0
[  527.186520][   T27]  __sys_sendto+0x564/0x720
[  527.200991][   T27]  ? __ia32_sys_getpeername+0x80/0x80
[  527.206536][   T27]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  527.221003][   T27]  ? trace_hardirqs_on+0x30/0x80
[  527.226002][   T27]  __x64_sys_sendto+0xda/0xf0
[  527.230712][   T27]  do_syscall_64+0x3b/0xb0
[  527.246908][   T27]  ? clear_bhb_loop+0x15/0x70
[  527.256888][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  527.270380][   T27] RIP: 0033:0x7fe0f1a9dd8c
[  527.281105][   T27] RSP: 002b:00007ffd9d884570 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  527.289572][   T27] RAX: ffffffffffffffda RBX: 00007fe0f2782620 RCX: 00007fe0f1a9dd8c
[  527.309146][   T27] RDX: 0000000000000028 RSI: 00007fe0f2782670 RDI: 0000000000000003
[  527.318855][   T27] RBP: 0000000000000000 R08: 00007ffd9d8845c4 R09: 000000000000000c
[  527.336698][   T27] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  527.350400][   T27] R13: 0000000000000000 R14: 00007fe0f2782670 R15: 0000000000000000
[  527.371051][   T27]  </TASK>
[  527.374126][   T27] INFO: task syz.2.872:7156 blocked for more than 147 seconds.
[  527.391064][   T27]       Not tainted 5.15.167-syzkaller #0
[  527.396821][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  527.417710][   T27] task:syz.2.872       state:D stack:26336 pid: 7156 ppid:  5570 flags:0x00004004
[  527.431024][   T27] Call Trace:
[  527.434346][   T27]  <TASK>
[  527.437305][   T27]  __schedule+0x12c4/0x45b0
[  527.451967][   T27]  ? release_firmware_map_entry+0x190/0x190
[  527.457929][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  527.474902][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  527.480173][   T27]  schedule+0x11b/0x1f0
[  527.491315][   T27]  schedule_preempt_disabled+0xf/0x20
[  527.496734][   T27]  __mutex_lock_common+0xe34/0x25a0
[  527.514536][   T27]  ? __netlink_dump_start+0x12e/0x6d0
[  527.520016][   T27]  ? mutex_lock_io_nested+0x60/0x60
[  527.536545][   T27]  ? __netlink_lookup+0x614/0x680
[  527.546736][   T27]  mutex_lock_nested+0x17/0x20
[  527.557467][   T27]  __netlink_dump_start+0x12e/0x6d0
[  527.568470][   T27]  rtnetlink_rcv_msg+0xbfe/0xee0
[  527.579835][   T27]  ? nla_put_uid_range+0x260/0x260
[  527.591558][   T27]  ? rtnetlink_bind+0x80/0x80
[  527.596288][   T27]  ? __local_bh_enable_ip+0x164/0x1f0
[  527.611273][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  527.616530][   T27]  ? __local_bh_enable_ip+0x164/0x1f0
[  527.632473][   T27]  ? local_bh_enable+0x5/0x20
[  527.637196][   T27]  ? _local_bh_enable+0xa0/0xa0
[  527.650296][   T27]  ? __dev_queue_xmit+0x1c56/0x3230
[  527.658433][   T27]  ? __copy_skb_header+0x47b/0x600
[  527.671776][   T27]  ? dev_queue_xmit+0x20/0x20
[  527.676485][   T27]  ? memcpy+0x3c/0x60
[  527.680480][   T27]  ? nla_put_uid_range+0x260/0x260
[  527.697450][   T27]  netlink_rcv_skb+0x1cf/0x410
[  527.707540][   T27]  ? rtnetlink_bind+0x80/0x80
[  527.718786][   T27]  ? netlink_ack+0xb10/0xb10
[  527.728405][   T27]  netlink_unicast+0x7b6/0x980
[  527.739426][   T27]  ? netlink_detachskb+0x90/0x90
[  527.749579][   T27]  ? __virt_addr_valid+0x3bb/0x460
[  527.760995][   T27]  ? 0xffffffff81000000
[  527.765181][   T27]  ? __check_object_size+0x300/0x410
[  527.770489][   T27]  ? bpf_lsm_netlink_send+0x5/0x10
[  527.770956][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  527.782194][    C0] rcu: 	0-....: (10499 ticks this GP) idle=1f1/1/0x4000000000000000 softirq=22754/22754 fqs=5168 
[  527.786082][   T27]  netlink_sendmsg+0xa30/0xd60
[  527.795050][    C0] 	(t=10500 jiffies g=28765 q=969)
[  527.795070][    C0] NMI backtrace for cpu 0
[  527.809272][    C0] CPU: 0 PID: 7145 Comm: syz.4.868 Not tainted 5.15.167-syzkaller #0
[  527.817330][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  527.827366][    C0] Call Trace:
[  527.830627][    C0]  <IRQ>
[  527.833456][    C0]  dump_stack_lvl+0x1e3/0x2d0
[  527.838211][    C0]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  527.843842][    C0]  ? panic+0x860/0x860
[  527.847900][    C0]  ? read_lock_is_recursive+0x10/0x10
[  527.853258][    C0]  nmi_cpu_backtrace+0x46a/0x4a0
[  527.858184][    C0]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  527.864321][    C0]  ? vprintk_emit+0xf5/0x150
[  527.868893][    C0]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  527.874334][    C0]  ? _raw_spin_lock+0x40/0x40
[  527.878993][    C0]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  527.885046][    C0]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  527.891014][    C0]  rcu_dump_cpu_stacks+0x223/0x390
[  527.896131][    C0]  print_cpu_stall+0x320/0x600
[  527.900878][    C0]  rcu_sched_clock_irq+0x8d9/0x1150
[  527.906059][    C0]  ? rcutree_dead_cpu+0x20/0x20
[  527.910892][    C0]  ? hrtimer_run_queues+0x163/0x450
[  527.916069][    C0]  ? account_process_tick+0x232/0x3a0
[  527.921423][    C0]  update_process_times+0x196/0x200
[  527.926610][    C0]  tick_sched_timer+0x386/0x550
[  527.931447][    C0]  ? tick_setup_sched_timer+0x2d0/0x2d0
[  527.936976][    C0]  __hrtimer_run_queues+0x55b/0xcf0
[  527.942169][    C0]  ? hrtimer_interrupt+0x980/0x980
[  527.947258][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  527.953310][    C0]  hrtimer_interrupt+0x392/0x980
[  527.958246][    C0]  __sysvec_apic_timer_interrupt+0x139/0x470
[  527.964208][    C0]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  527.969826][    C0]  </IRQ>
[  527.972744][    C0]  <TASK>
[  527.975657][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  527.981621][    C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40
[  527.987411][    C0] Code: 51 67 f6 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 4e ed 24 f7 48 89 df e8 26 41 26 f7 e8 f1 f4 48 f7 fb bf 01 00 00 00 <e8> 06 87 19 f7 65 8b 05 87 89 c4 75 85 c0 74 02 5b c3 e8 54 a6 c2
[  528.007013][    C0] RSP: 0018:ffffc900031cfbc0 EFLAGS: 00000282
[  528.013088][    C0] RAX: 70c5676db5f7c300 RBX: ffff88802843e5c0 RCX: ffffffff96868f03
[  528.021044][    C0] RDX: dffffc0000000000 RSI: ffffffff8a8b2b00 RDI: 0000000000000001
[  528.028996][    C0] RBP: 0000000000000000 R08: ffffffff8186db50 R09: ffffed1005087cb9
[  528.036951][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000021
[  528.044909][    C0] R13: dffffc0000000000 R14: ffff88802843ea58 R15: ffff88802843e5c0
[  528.052865][    C0]  ? trace_hardirqs_on+0x30/0x80
[  528.057794][    C0]  get_signal+0x13ee/0x14e0
[  528.062309][    C0]  arch_do_signal_or_restart+0xc3/0x1890
[  528.067952][    C0]  ? __do_compat_sys_x32_rt_sigreturn+0x250/0x250
[  528.074373][    C0]  ? __might_fault+0xb4/0x110
[  528.079056][    C0]  ? _copy_from_user+0x10f/0x170
[  528.083977][    C0]  ? restore_altstack+0x274/0x400
[  528.088986][    C0]  ? get_sigframe_size+0x10/0x10
[  528.093910][    C0]  ? __ia32_sys_sigaltstack+0x60/0x60
[  528.099305][    C0]  ? __do_sys_rt_sigreturn+0x19d/0x250
[  528.104745][    C0]  ? exit_to_user_mode_loop+0x39/0x130
[  528.110188][    C0]  exit_to_user_mode_loop+0x97/0x130
[  528.115456][    C0]  exit_to_user_mode_prepare+0xb1/0x140
[  528.120987][    C0]  syscall_exit_to_user_mode+0x5d/0x240
[  528.126521][    C0]  do_syscall_64+0x47/0xb0
[  528.130928][    C0]  ? clear_bhb_loop+0x15/0x70
[  528.135586][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  528.141459][    C0] RIP: 0033:0x7f2b895a0ef7
[  528.145857][    C0] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  528.165441][    C0] RSP: 002b:00007f2b87a190e8 EFLAGS: 00000246
[  528.171489][    C0] RAX: 00000000000000ca RBX: 00007f2b89758f88 RCX: 00007f2b895a0ef9
[  528.179473][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2b89758f88
[  528.187438][    C0] RBP: 00007f2b89758f80 R08: 0000000000000000 R09: 0000000000000000
[  528.195402][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2b89758f8c
[  528.203360][    C0] R13: 0000000000000000 R14: 00007ffe4047ece0 R15: 00007ffe4047edc8
[  528.211331][    C0]  </TASK>
[  528.234375][   T27]  ? netlink_getsockopt+0x5b0/0x5b0
[  528.239635][   T27]  ? aa_sock_msg_perm+0x91/0x150
[  528.251070][   T27]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  528.256395][   T27]  ? security_socket_sendmsg+0x7d/0xa0
[  528.280970][   T27]  ? netlink_getsockopt+0x5b0/0x5b0
[  528.286341][   T27]  sock_write_iter+0x39b/0x530
[  528.300289][   T27]  ? sock_read_iter+0x480/0x480
[  528.305317][   T27]  ? common_file_perm+0x17d/0x1d0
[  528.310361][   T27]  ? iov_iter_init+0x4a/0x170
[  528.330976][   T27]  vfs_write+0xacd/0xe50
[  528.335289][   T27]  ? file_end_write+0x250/0x250
[  528.340164][   T27]  ? __fget_files+0x413/0x480
[  528.353910][   T27]  ? __fdget_pos+0x1e9/0x380
[  528.358537][   T27]  ? ksys_write+0x77/0x2c0
[  528.369852][   T27]  ksys_write+0x1a2/0x2c0
[  528.377799][   T27]  ? print_irqtrace_events+0x210/0x210
[  528.389858][   T27]  ? __ia32_sys_read+0x80/0x80
[  528.399246][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  528.412395][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  528.417639][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  528.433167][   T27]  do_syscall_64+0x3b/0xb0
[  528.437649][   T27]  ? clear_bhb_loop+0x15/0x70
[  528.452922][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  528.458859][   T27] RIP: 0033:0x7f47bcb6bef9
[  528.471092][   T27] RSP: 002b:00007f47bafe4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  528.479622][   T27] RAX: ffffffffffffffda RBX: 00007f47bcd23f80 RCX: 00007f47bcb6bef9
[  528.497936][   T27] RDX: 0000000000000026 RSI: 0000000020000140 RDI: 0000000000000005
[  528.508366][   T27] RBP: 00007f47bcbdeb76 R08: 0000000000000000 R09: 0000000000000000
[  528.527069][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  528.538863][   T27] R13: 0000000000000000 R14: 00007f47bcd23f80 R15: 00007ffc2dfa15b8
[  528.559271][   T27]  </TASK>
[  528.562489][   T27] INFO: task syz.0.873:7159 blocked for more than 148 seconds.
[  528.570038][   T27]       Not tainted 5.15.167-syzkaller #0
[  528.585881][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  528.599148][   T27] task:syz.0.873       state:D stack:24984 pid: 7159 ppid:  5279 flags:0x00004004
[  528.614066][   T27] Call Trace:
[  528.617362][   T27]  <TASK>
[  528.620305][   T27]  __schedule+0x12c4/0x45b0
[  528.635999][   T27]  ? release_firmware_map_entry+0x190/0x190
[  528.646767][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  528.658376][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  528.670625][   T27]  schedule+0x11b/0x1f0
[  528.674943][   T27]  schedule_preempt_disabled+0xf/0x20
[  528.680328][   T27]  __mutex_lock_common+0xe34/0x25a0
[  528.696307][   T27]  ? nl80211_pre_doit+0x28/0x540
[  528.706175][   T27]  ? mutex_lock_io_nested+0x60/0x60
[  528.717290][   T27]  ? __nla_parse+0x3c/0x50
[  528.726663][   T27]  mutex_lock_nested+0x17/0x20
[  528.737874][   T27]  nl80211_pre_doit+0x28/0x540
[  528.747458][   T27]  genl_rcv_msg+0xf6a/0x14a0
[  528.758528][   T27]  ? genl_bind+0x420/0x420
[  528.767685][   T27]  ? local_bh_enable+0x5/0x20
[  528.780277][   T27]  ? mark_lock+0x98/0x340
[  528.789496][   T27]  ? __lock_acquire+0x1295/0x1ff0
[  528.801305][   T27]  ? nl80211_register_mgmt+0x3c0/0x3c0
[  528.806825][   T27]  netlink_rcv_skb+0x1cf/0x410
[  528.821003][   T27]  ? genl_bind+0x420/0x420
[  528.825480][   T27]  ? netlink_ack+0xb10/0xb10
[  528.830212][   T27]  ? down_read+0x1b3/0x2e0
[  528.844761][   T27]  ? genl_rcv+0x9/0x40
[  528.848873][   T27]  genl_rcv+0x24/0x40
[  528.858974][   T27]  netlink_unicast+0x7b6/0x980
[  528.868603][   T27]  ? netlink_detachskb+0x90/0x90
[  528.880127][   T27]  ? __virt_addr_valid+0x3bb/0x460
[  528.897659][   T27]  ? 0xffffffff81000000
[  528.901949][   T27]  ? __check_object_size+0x300/0x410
[  528.907260][   T27]  ? bpf_lsm_netlink_send+0x5/0x10
[  528.922569][   T27]  netlink_sendmsg+0xa30/0xd60
[  528.927389][   T27]  ? netlink_getsockopt+0x5b0/0x5b0
[  528.941375][   T27]  ? futex_wait+0x634/0x740
[  528.945919][   T27]  ? aa_sock_msg_perm+0x91/0x150
[  528.950903][   T27]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  528.966790][   T27]  ? security_socket_sendmsg+0x7d/0xa0
[  528.981014][   T27]  ? netlink_getsockopt+0x5b0/0x5b0
[  528.986273][   T27]  ____sys_sendmsg+0x59e/0x8f0
[  529.002338][   T27]  ? iovec_from_user+0x300/0x390
[  529.007350][   T27]  ? __sys_sendmsg_sock+0x30/0x30
[  529.026738][   T27]  ___sys_sendmsg+0x252/0x2e0
[  529.051965][   T27]  ? __sys_sendmsg+0x260/0x260
[  529.056820][   T27]  ? __fdget+0x191/0x220
[  529.077700][   T27]  __se_sys_sendmsg+0x19a/0x260
[  529.086817][   T27]  ? __x64_sys_sendmsg+0x80/0x80
[  529.098860][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  529.109150][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  529.121138][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  529.127156][   T27]  do_syscall_64+0x3b/0xb0
[  529.141642][   T27]  ? clear_bhb_loop+0x15/0x70
[  529.146629][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  529.161281][   T27] RIP: 0033:0x7f3346b9aef9
[  529.165736][   T27] RSP: 002b:00007f3345013038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  529.184754][   T27] RAX: ffffffffffffffda RBX: 00007f3346d52f80 RCX: 00007f3346b9aef9
[  529.198708][   T27] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  529.218519][   T27] RBP: 00007f3346c0db76 R08: 0000000000000000 R09: 0000000000000000
[  529.239032][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  529.250102][   T27] R13: 0000000000000000 R14: 00007f3346d52f80 R15: 00007ffec0bc9f38
[  529.266725][   T27]  </TASK>
[  529.269794][   T27] 
[  529.269794][   T27] Showing all locks held in the system:
[  529.290984][   T27] 4 locks held by kworker/u4:0/9:
[  529.296157][   T27]  #0: ffff88807dacd138 ((wq_completion)phy5){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  529.317478][   T27]  #1: ffffc90000ce7d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  529.343315][   T27]  #2: ffff888060570d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0xa0/0x1480
[  529.370971][   T27]  #3: ffff88807b0d97b0 (&local->sta_mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x4be/0x1480
[  529.391013][   T27] 4 locks held by kworker/0:1/13:
[  529.396068][   T27] 1 lock held by khungtaskd/27:
[  529.400920][   T27]  #0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  529.420490][   T27] 4 locks held by kworker/u4:1/144:
[  529.439097][   T27]  #0: ffff88807c097138 ((wq_completion)phy23){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  529.462989][   T27]  #1: ffffc9000138fd20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  529.484124][   T27]  #2: ffff8880235e8d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0xa0/0x1480
[  529.501076][   T27]  #3: ffff888073f097b0 (&local->sta_mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x4be/0x1480
[  529.522241][   T27] 5 locks held by kworker/u4:2/154:
[  529.527474][   T27]  #0: ffff88807b755938 ((wq_completion)phy18){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  529.549141][   T27]  #1: ffffc90002037d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  529.563941][   T27]  #2: ffff888074c20d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0xa0/0x1480
[  529.582991][   T27]  #3: ffff888065a997b0 (&local->sta_mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x4be/0x1480
[  529.604849][   T27]  #4: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740
[  529.626633][   T27] 4 locks held by kworker/u4:3/669:
[  529.636914][   T27]  #0: ffff88807a848938 ((wq_completion)phy7){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  529.658395][   T27]  #1: ffffc90003897d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  529.680514][   T27]  #2: ffff888061594d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_rx_queued_mgmt+0xff/0x2af0
[  529.702826][   T27]  #3: ffff8880759217b0 (&local->sta_mtx){+.+.}-{3:3}, at: sta_info_destroy_addr+0x4d/0xc0
[  529.723767][   T27] 3 locks held by kworker/1:2/1077:
[  529.729001][   T27]  #0: ffff888017071938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  529.751223][   T27]  #1: ffffc90004b9fd20 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  529.771044][   T27]  #2: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x8d/0xc70
[  529.780690][   T27] 2 locks held by kworker/u4:4/1364:
[  529.796232][   T27]  #0: ffff8880b913a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  529.818841][   T27]  #1: ffff8880b9127848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x53d/0x810
[  529.841176][   T27] 3 locks held by kworker/0:3/2988:
[  529.846408][   T27] 2 locks held by getty/3325:
[  529.861058][   T27]  #0: ffff88814b0bc098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  529.870855][   T27]  #1: ffffc9000209b2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0
[  529.900523][   T27] 4 locks held by kworker/u4:5/3619:
[  529.906244][   T27]  #0: ffff888024104138 ((wq_completion)phy22){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  529.927331][   T27]  #1: ffffc90003317d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  529.944458][   T27]  #2: ffff88805f224d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_rx_queued_mgmt+0xff/0x2af0
[  529.963429][   T27]  #3: ffff8880764c97b0 (&local->sta_mtx){+.+.}-{3:3}, at: sta_info_destroy_addr+0x4d/0xc0
[  529.981080][   T27] 3 locks held by kworker/u4:6/3645:
[  529.986384][   T27]  #0: ffff888017079138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.007393][   T27]  #1: ffffc90003797d20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.021611][   T27]  #2: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50
[  530.030625][   T27] 4 locks held by kworker/u4:7/3650:
[  530.048373][   T27]  #0: ffff888076bdf138 ((wq_completion)phy20){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.064570][   T27]  #1: ffffc900037b7d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.083956][   T27]  #2: ffff888062d54d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0xa0/0x1480
[  530.100729][   T27]  #3: ffff88805ba517b0 (&local->sta_mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x4be/0x1480
[  530.121107][   T27] 4 locks held by kworker/u4:8/3715:
[  530.126427][   T27]  #0: ffff8880171d5938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.146805][   T27]  #1: ffffc900012ffd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.169931][   T27]  #2: ffffffff8da261d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  530.183465][   T27]  #3: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1b/0x1d0
[  530.200031][   T27] 3 locks held by kworker/u4:10/3840:
[  530.209445][   T27]  #0: ffff88807e6f4138 ((wq_completion)phy21){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.231058][   T27]  #1: ffffc900033b7d20 ((work_completion)(&(&local->scan_work)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.251086][   T27]  #2: ffff888022eba9c8 (&local->mtx){+.+.}-{3:3}, at: ieee80211_scan_work+0xb7/0x1d00
[  530.272204][   T27] 4 locks held by kworker/u4:11/3841:
[  530.277607][   T27]  #0: ffff888024cdf938 ((wq_completion)phy26){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.300527][   T27]  #1: ffffc900033c7d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.321226][   T27]  #2: ffff888056fe8d40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0xa0/0x1480
[  530.330902][   T27]  #3: ffff8880774c97b0 (&local->sta_mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x4be/0x1480
[  530.360863][   T27] 4 locks held by kworker/u4:12/4303:
[  530.367819][   T27]  #0: ffff888074e41138 ((wq_completion)phy27){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.388462][   T27]  #1: ffffc90002e17d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.413119][   T27]  #2: ffff888056fecd40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_rx_queued_mgmt+0xff/0x2af0
[  530.436184][   T27]  #3: ffff88807e5c17b0 (&local->sta_mtx){+.+.}-{3:3}, at: sta_info_destroy_addr+0x4d/0xc0
[  530.450878][   T27] 4 locks held by kworker/u4:13/5746:
[  530.466604][   T27]  #0: ffff88807afb9138 ((wq_completion)phy24){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  530.486075][   T27]  #1: ffffc900030b7d20 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  530.503534][   T27]  #2: ffff8880749acd40 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0xa0/0x1480
[  530.520350][   T27]  #3: ffff88807f0717b0 (&local->sta_mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x4be/0x1480
[  530.536173][   T27] 2 locks held by syz.3.829/7003:
[  530.548221][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0
[  530.570969][   T27]  #1: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x280/0x740
[  530.590970][   T27] 1 lock held by syz-executor/7112:
[  530.596210][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.616517][   T27] 1 lock held by syz.4.868/7145:
[  530.626484][   T27] 1 lock held by syz.2.872/7156:
[  530.642881][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: __netlink_dump_start+0x12e/0x6d0
[  530.660968][   T27] 2 locks held by syz.0.873/7159:
[  530.666027][   T27]  #0: ffffffff8da8f550 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[  530.684866][   T27]  #1: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x28/0x540
[  530.700148][   T27] 1 lock held by syz-executor/7164:
[  530.710284][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.728648][   T27] 1 lock held by syz-executor/7167:
[  530.738702][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.760630][   T27] 1 lock held by syz-executor/7170:
[  530.768413][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.786990][   T27] 1 lock held by syz-executor/7173:
[  530.796111][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.816296][   T27] 1 lock held by syz-executor/7176:
[  530.827057][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.847559][   T27] 1 lock held by syz-executor/7179:
[  530.856639][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.878251][   T27] 1 lock held by syz-executor/7182:
[  530.889057][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.908932][   T27] 1 lock held by syz-executor/7185:
[  530.915700][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.936190][   T27] 1 lock held by syz-executor/7188:
[  530.946405][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  530.966410][   T27] 1 lock held by dhcpcd/7190:
[  530.976230][   T27]  #0: ffff88802490e120 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd50
[  530.994637][   T27] 1 lock held by dhcpcd/7191:
[  530.999358][   T27]  #0: ffff888077016120 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd50
[  531.015513][   T27] 1 lock held by dhcpcd/7192:
[  531.020215][   T27]  #0: ffff88807996c120 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd50
[  531.036405][   T27] 1 lock held by dhcpcd/7193:
[  531.046253][   T27]  #0: ffff8880572d6120 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd50
[  531.067051][   T27] 1 lock held by dhcpcd/7194:
[  531.076816][   T27]  #0: ffff88805c21c120 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd50
[  531.093439][   T27] 1 lock held by syz-executor/7196:
[  531.098675][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  531.120799][   T27] 1 lock held by syz-executor/7199:
[  531.128757][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  531.146841][   T27] 1 lock held by syz-executor/7202:
[  531.157155][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  531.172846][   T27] 1 lock held by syz-executor/7205:
[  531.178075][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  531.196541][   T27] 1 lock held by syz-executor/7208:
[  531.207006][   T27]  #0: ffffffff8da31d88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0
[  531.223847][   T27] 
[  531.226292][   T27] =============================================
[  531.226292][   T27] 
[  531.247854][   T27] NMI backtrace for cpu 1
[  531.252304][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0
[  531.260309][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  531.270367][   T27] Call Trace:
[  531.273651][   T27]  <TASK>
[  531.276591][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  531.281279][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  531.286919][   T27]  ? panic+0x860/0x860
[  531.291022][   T27]  ? nmi_cpu_backtrace+0x23b/0x4a0
[  531.296142][   T27]  nmi_cpu_backtrace+0x46a/0x4a0
[  531.301089][   T27]  ? __wake_up_klogd+0xd5/0x100
[  531.305950][   T27]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  531.312116][   T27]  ? _printk+0xd1/0x120
[  531.316295][   T27]  ? panic+0x860/0x860
[  531.320392][   T27]  ? __wake_up_klogd+0xcc/0x100
[  531.325256][   T27]  ? panic+0x860/0x860
[  531.329340][   T27]  ? __rcu_read_unlock+0x92/0x100
[  531.334382][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  531.340457][   T27]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  531.346455][   T27]  watchdog+0xe72/0xeb0
[  531.350630][   T27]  kthread+0x3f6/0x4f0
[  531.354705][   T27]  ? hungtask_pm_notify+0x50/0x50
[  531.359734][   T27]  ? kthread_blkcg+0xd0/0xd0
[  531.364333][   T27]  ret_from_fork+0x1f/0x30
[  531.368789][   T27]  </TASK>
[  531.373043][   T27] Sending NMI from CPU 1 to CPUs 0:
[  531.378276][    C0] NMI backtrace for cpu 0
[  531.378286][    C0] CPU: 0 PID: 7145 Comm: syz.4.868 Not tainted 5.15.167-syzkaller #0
[  531.378304][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  531.378314][    C0] RIP: 0010:fpregs_assert_state_consistent+0x57/0xe0
[  531.378339][    C0] Code: 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 00 17 9b 00 49 8b 2f bb 00 40 00 00 be 00 40 00 00 48 21 ee 31 ff e8 a9 50 51 00 <48> 21 eb 75 24 49 81 c7 40 19 00 00 e8 68 53 05 09 89 c5 65 48 8b
[  531.378354][    C0] RSP: 0018:ffffc900031cfec0 EFLAGS: 00000097
[  531.378369][    C0] RAX: 0000000000000002 RBX: 0000000000004000 RCX: ffff88802848bb80
[  531.378381][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  531.378390][    C0] RBP: 0000000000000000 R08: ffffffff812f0da7 R09: ffffed1005091771
[  531.378402][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  531.378413][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88802848bb80
[  531.378430][    C0] FS:  00007f2b87a196c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  531.378445][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  531.378456][    C0] CR2: 000000002006b000 CR3: 000000001f69f000 CR4: 00000000003506f0
[  531.378471][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  531.378480][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  531.378490][    C0] Call Trace:
[  531.378495][    C0]  <NMI>
[  531.378502][    C0]  ? nmi_cpu_backtrace+0x39f/0x4a0
[  531.378522][    C0]  ? read_lock_is_recursive+0x10/0x10
[  531.378541][    C0]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  531.378559][    C0]  ? unknown_nmi_error+0xd0/0xd0
[  531.378584][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  531.378602][    C0]  ? nmi_handle+0xf7/0x370
[  531.378619][    C0]  ? fpregs_assert_state_consistent+0x57/0xe0
[  531.378637][    C0]  ? default_do_nmi+0x62/0x150
[  531.378657][    C0]  ? exc_nmi+0xa8/0x100
[  531.378673][    C0]  ? end_repeat_nmi+0x16/0x31
[  531.378691][    C0]  ? fpregs_assert_state_consistent+0x57/0xe0
[  531.378711][    C0]  ? fpregs_assert_state_consistent+0x57/0xe0
[  531.378729][    C0]  ? fpregs_assert_state_consistent+0x57/0xe0
[  531.378748][    C0]  ? fpregs_assert_state_consistent+0x57/0xe0
[  531.378767][    C0]  </NMI>
[  531.378771][    C0]  <TASK>
[  531.378778][    C0]  exit_to_user_mode_prepare+0x58/0x140
[  531.378796][    C0]  syscall_exit_to_user_mode+0x5d/0x240
[  531.378817][    C0]  do_syscall_64+0x47/0xb0
[  531.378832][    C0]  ? clear_bhb_loop+0x15/0x70
[  531.378847][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  531.378867][    C0] RIP: 0033:0x7f2b89597ea7
[  531.378881][    C0] Code: 0b e9 68 fe ff ff 48 83 c4 18 48 8d 3d f2 79 cf 00 5b 5d 41 5c 41 5d 41 5e 41 5f e9 33 f5 fb ff 0f 1f 00 b8 27 00 00 00 0f 05 <c3> 0f 1f 84 00 00 00 00 00 b8 66 00 00 00 0f 05 c3 0f 1f 84 00 00
[  531.378894][    C0] RSP: 002b:00007f2b87a18b08 EFLAGS: 00000202 ORIG_RAX: 0000000000000027
[  531.378910][    C0] RAX: 000000000000003c RBX: 00007f2b87a18c70 RCX: 00007f2b89597ea7
[  531.378934][    C0] RDX: 00007f2b87a18b40 RSI: 00007f2b87a18c70 RDI: 0000000000000021
[  531.378944][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  531.378953][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f2b89758f8c
[  531.378963][    C0] R13: 0000000000000000 R14: 00007ffe4047ece0 R15: 00007ffe4047edc8
[  531.378981][    C0]  </TASK>
[  531.718951][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  531.725917][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0
[  531.733913][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  531.743975][   T27] Call Trace:
[  531.747260][   T27]  <TASK>
[  531.750194][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  531.754887][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  531.760543][   T27]  ? panic+0x860/0x860
[  531.764644][   T27]  panic+0x318/0x860
[  531.768557][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  531.774200][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  531.780368][   T27]  ? fb_is_primary_device+0xd0/0xd0
[  531.785582][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  531.791671][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  531.797857][   T27]  ? nmi_trigger_cpumask_backtrace+0x281/0x2a0
[  531.804042][   T27]  ? nmi_trigger_cpumask_backtrace+0x286/0x2a0
[  531.810219][   T27]  watchdog+0xeb0/0xeb0
[  531.814406][   T27]  kthread+0x3f6/0x4f0
[  531.818487][   T27]  ? hungtask_pm_notify+0x50/0x50
[  531.823526][   T27]  ? kthread_blkcg+0xd0/0xd0
[  531.828142][   T27]  ret_from_fork+0x1f/0x30
[  531.832590][   T27]  </TASK>
[  531.835943][   T27] Kernel Offset: disabled
[  531.848398][   T27] Rebooting in 86400 seconds..