last executing test programs:

7.634016883s ago: executing program 1 (id=4900):
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000340), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
epoll_create(0x47f)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0))
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, 0x0)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x20)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x118)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff, 0x3})
close_range(r6, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x8000000000080001, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)

5.947422163s ago: executing program 1 (id=4911):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000c314611803000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90)

5.559991754s ago: executing program 1 (id=4917):
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x442}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1a)
syz_emit_ethernet(0x46, &(0x7f00000020c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x10, 0x3a, 0x0, @local, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@ipv4_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {0x2, 0x14}, [@FRA_DST={0x8, 0x1, @private}]}, 0x24}}, 0x0)

5.485599505s ago: executing program 4 (id=4918):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x6000000, [{0xfffffffd, 0x40000000}]}]}}, &(0x7f0000000f40)=""/4096, 0x2e, 0x1000, 0xa}, 0x20)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f00000006c0)=@mgmt_frame=@reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x8}, @device_b, @device_b, @initial, {0x0, 0xe3}, @value=@ver_80211n={0x0, 0x81, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1}}, 0x0, 0xbf, @broadcast, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0xc}, {0x48, 0x1}, {0x16}, {0x12}, {0x36}, {0x6, 0x1}, {0x1b, 0x1}]}, @void, [{0xdd, 0x4e, "1651b24f03e185e2062bdf7ad2b7f8478ba1e4e93241ed1e38615d984f546f4fdda2106b9aac26574e8213bd0b4977736b0000008919d52971762e749e11b5721f5b1fed10de25a1db77d8f181a2"}]}, 0x87)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000540)={<r3=>0x0, @in6={{0xa, 0x4e20, 0x81, @empty, 0x3f}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000600)={0x2, 0x0, 0x800c, 0x4, 0xb8, 0x67c, 0x1, 0x39, r3}, 0x20)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000000)={'wg2\x00', <r7=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001000)={0x4c, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r7}, @WGDEVICE_A_PEERS={0x30, 0x8, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}]}, 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="b7020000000be9ffbe0200000000000007000000000000009500000000000a0600f08a000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x3, &(0x7f000000cf3d)=""/195}, 0x23)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000240)={&(0x7f0000000480)=@ipv6_newnexthop={0x28, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_OIF={0x8, 0x5, r8}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x28}}, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

4.171239783s ago: executing program 1 (id=4923):
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
pipe2$9p(0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x8, 0x10001, 0x9, 0x1}, 0x48)
close(r2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='ext4_writepages\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000000), 0x9)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x0, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x0, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x4, 0x4d, &(0x7f0000000040)=ANY=[], 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000008500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
rmdir(0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000020c0)="c6cfdab7e6f83fe5e44dd3a8d886a720a29cfb7e50ef99fcf38be6c3b9a9f8c9fdb7b1332c99b85247977ad2d66a577e6f0853366c7561476cb35cf07e6fc1c21d33853a21771a8835a50d941d35a4ccb511cb67ed64259c99811f0e6f176fba1e0fa45fefe030a588f0cf64895fb12a794fd0bd176a38440328d3c6c24c85f50e95c5190eb03fb04f1eb34cae287ed75c8ca8fab2c04dc1fafa14ef93e2a721a12238700dfdabd057e94e697534e1af81921756270313d22a185c146852a5e94300bc8de9904e8c6948d5d2aed05337b9572ee74b77209c6b4710e87fa6661b19283079a46f70a538d96f484b63171bdc3622fcbab6d9bafeaacd755923209c07b8c2f39c04ea713020bcd9e6f1120ea3fbc8dd0b55986c05aa0c0b13ad52f250e9505ba53a887ed7c857e0f56282d6dd5932930efe384bbb198c50aae4b9a65e6a6ccc2904a9121a28df865011c39a54fb0f890cc1f7ef5f5172754f1c2aa8e8acf8c754f22efa88ffea91f2a14133e0a7a8a06bc80d042ce1affa2ebc74b49b48169404b33c62915e54c554d10bc432ec988f7081a8690335d58d0a819d33296db1377af876d84fd557f9a2018ee91f7d39819fc72b0a9bbdd05d6efe6cc459cd42e16f955dcb1a6a2b8b2a71b3a7e1bfa82816abf8c7d3688d53decbc480eaa3821cef557290284d9c504a63768852e15b39841ef3648f14c7edab006a30c7bd518f300df6ff307c0740150dddfdab1e408edb96b2e6ed612b0bc2fca570fa1813d86160a766fe6c11cdbc7a67014fa7645b4b1d3aad378bcce27aa4725ecf7675b2682cc5a15673136e7181ed5ef122017dc72df65af147dcb9ac702f8a6a2eb3f6824ba7db3c32fa4bfbf63dcd45e42a49b6edee22856fc2a43aeb6a3eea91dbd53a231b559ca7b38564853be3bdee7f820966faa916ed4fd335159328f8b727ba068b0ade0e11c9f2c2af4d5244f5d49f9c9f94105a6fe4c71112bcacf9c3dd2861d06cb3fa6b2159bc2028e513298b594ca7da60f4ed30edd7b066c23ca7d9b7d9555b47e687b43b7b5ca3210d939e34dd3d176d8b3d3d2f32f28518aa8b5169362fee4a4ede7d3d218db0ecc3de14789344df20188d907093bbf621fe67ab2a1f29221b2ec334dadc15345fc829005f4f81fc13ad0f5590742295812a7f2108cbbbc37387a7d4174592bf4f94f272306942e6c44b23e96d92911ef416b4159e81b19f267aad20c2aabf7fd285330cbf4c1bb8ac86493e0ef84de88eb7953fcf833e6cc5ebdd50b706bcc148971d24e9d3736ed66e28f75e6a1e2c9a4e2abba887b27815d2f5739fe5f8afe7240841337bfe7a69308186180fed5736fe3cbc2892cb991d0f4400d66952459c54a16448f06fd49995aa65501631d5c42e2abd8f0d890a6bbe49b384bfe27599afd536493981be5f7dbb15bfbc198fcd8ebfca182c53156742e237df31c1dca495e40cf030623a8a081e3bec3b8e5109ba05c0830ef00ff98a4419bae14762d8e0a790c1d517f1f683bb1712a6a0951f024a46efb5c2122460495fa0f4ebaae86286b8a626be2052874f947f18b0c2860ce681a33d5f4217415363fe7a6f8fca125742f03433988d88a5b8e2bf4f3079eb990b6e1ff381b7199717fb885f4f37351bf18bedbeeca351b7bfca5b791b91be0dcf8d169914c449829669e0577d1ebc4fa783d57e0c695cafae201014831a16d8fec47f22d9b79c2acc820f4dba9d1a2986731681ed1f8dd1e83bc2d491302d2f769e6b0bc470404930cad6511492b3adadc6f5073220590d1ce89a520b6d51d6903dd54360cd7047aed76e0a6cd3c3625e67b7c1636fd627aa48f1ee6dd567730c6ec19d1634f62a77f70c64736532455f0d2ae85003e7bb32f06b480a9f7fba5e6917305fd77e38f6936e49c1a3b2a07e242ccc2f9d629d7992937a035574b3efefd515096e30058cb60cc89d8565205f15e71d805ba5d1c4f7b971918e32bd81611a574fc651bc8094f7f3aef8a3ebf95aef1c062ec66e288b1d1ee17ab75723bc46b031744a25cf055c1bc8b083313e38d0fd5d60e832ef28fbff4c93d2d2ed283575a486167c7158e08fe7094d23984bdf38cf6000db39c5d0f7db72325af909b18247d8fddd89eff8831c294d52194a11dae2339938a79ae903eb63bc6e5535796e1c0416cdad01e1493a3075930a0b3b50ad904ff760bec5c6406b10808bf13251df73b4d6fd149a378ac277ccbbfddd9536abdf5c7a8d29e128a290f0d56c9635540f4c9a3ff1d3e0e2b974b50497ebd690dc9393f8b3acfd1650627db8ab784233727f997dab536f1e993980a41f510fa0128d6bf2c8445ed1578b25a36e05f7170b9fbe8ca63e1b4a7235c27f56790c4dd38168ce26358d12b143e9dbae1d01406778250f1c77c80643016ffd4a7a6703b9c3dfa4e7b51fa1d59605d57c9712159eb34c306a988ac95eeb15c3225ccd022d2ccf5f31a81009d2a25891b83e60efe8f718d6c124202f108d23e5e6c89e269890bda8e5681315db361cdf30e4269f2cb530a188f26621a8b263f22bb385d779b3c4eebd16656451087457892e15074abb1c796f0b7f635b9496f3a17220716c449c11c0e82b67b8f1ee6a2709a20676f40f2751df3d74db503db6cb73c955ae1d6983da44de4d349004f3d9db4ba40124416a67bd18d1d9b3c1e4706ddbb2099a2ae16e99c144860d46ef66bc6844963c0563fe2cb8c4049dea32ce5656fbfec6d1aff7ef48bac92c932c9787d9e4cb0c78fc3d70f730c452c20d077b4d9ea304f1b8a2967b1e7af7f05fd35f84d633bf5095b1af53a506f6f61abc99186eba707843e9db2a18fc1c6c77dd79ab9353eaad6457245709acbe9cb381d4458eb5571fa4f4df069ae668b1df2c97f91271be5fc2040031c3980c7555af2d4186875ea4599c873ffaf47aa08c27a0580ceef6251dce4cfd6eb175a1bf36c1fd750826f4e14966e6f196b68da0a524baf86f49ce8c09430554b50a0b387c02ebd59fae9caa1054cba1304aa6732f3990ce6b7bca6b65237f0fc3c79a102e2989dcf3f884002f2efe83e25a3fb217c24c4f66e0973e7ca62483bb52c943ccfbf31324f2b7938de0555a54f47256c903ab65489906c382d7d1022f7f302b186d18b5775e042ba83b874793420a6d854aaec01e3c819d0b11b51558fb9c10b1e2ff96639fb119d90f80aa302c9a6420b4b1230d79fd1e8105259c4ebf9cc3f1eac67f15bcb9d49ae537084c96994ad08214ac07db663c1bbce6499b5665fb5a949ab3d65062467824a2065a9de2f1edc243e03ad38f0ef227519de50a3dc2e8f4a38538be5557c5de56d0110a0759fe96b0e66d20fcb6066995f77fba9c7468434a53892cf2b3f41d58e08bd2ea3b1da2a1178acf50249d77757353943cd126b511098230698782ca88d018381f233f4331d3980f72f30caf915a18794de1253734b89303f25826a80ddd75a9bdf14c6f01690833190872ca5431ab92ab3dca92595983b11de0076125059234720906641119dab9c96be9c10d60fb54267bda61fcb85a491df037cd563b229eea02cd192796d36803b04691d385471a5f68bb76afafe9df28f50dcabfefc8e2eb334bcace928b8eb8f6449116fb5a0fa4a0c51e21b8b1f99308d396db60418cb5385bdf6bce7227e514f6cbc9a9fc50b79e8b0530fd51b21679ea1c404dba52811b3c9487f670e622ac7b1ce8028eadbd882d4325663d8dc4f0960c047c5f3099c90c6256bc11e8eef6b325e0f1ed00279a695f2828762f28ecacdc726aedf42064727ec100ffa74d38d47f383946b9f856e53cb939f98df1bb5af2a12810a619f205e030a302628ffb9b2cfcc2e881e239f33844a118a4de2a5c3d6b857c5105db775a61c5d54d1d82048670e8cd2c44a032904005125eb9f999e845efba3a063e3e26b06298f28799975b51118eece2b7fec02d4b888bfb90919bec287aba71296c66dcf749efa3abcddfccee6ef80d03a1638045f18fb96131cbd9a93e657c29eb74de40f433969e1988ac335bdd9c671b5b75ce6e2440be247775f9d597b4d8523c283e774ed0987e10b88e0c5616720502149db329babc91b225359927f88e0b42f02d41a4c9e0ad7c55a0d2c52cf45da6152c0c742f661b562c3a8ecff1145cac3f63fc053e1a14fe7a57742ab709581604fabe54ff13172b5049434d12f6ed9623265af643f725efea21e2ac1b82365033b9cff4158318f40c8894d2bcffdc954fcf7068c97ca2d2b1bf19b9232b918864e3f63fd59f4c8c578821ec5083e46363d9158451c5a92b425e68081b2c7572df44658a4aae41a439c6bb4bdd2f26ff2a357fa2946e5be5cd97ba25f73bbcc6c05fa966d0aa0cf2e45f22e0021468b37d5afebbfba3233e2cd4fd64e1578be72c38891224cd6c70c4cfd146df6a8142f1493772d48650f8fcbd1435ff704e02ec121e9f43de623eff8070f88a623cd395a02b6b1ffe4ea7ae7f443dc8bdac2cfaa126d4ac9d7788dc972c88fd87d3c8758853f1882532e4ff298b466e7d198daa9015127f2937544b34aaf545f39ee00d74e0e1017a30ff2edff701d53f3a13fc61b31fe7d9032a6c4a517c7527e48c0c44a2beebc9a9f9e6f989bc6c255e05bec5ff99547658143d9eb43a1d96aa5288638b4477aa1f84c59d41194335c09d9d5d660640acb84b53520482fb200ca616e1a6f486e6da3e6721479e85d0676ba142d95ecdf1acc76a49e9bf016f951d8b95adc7e8d4317ddbb28b678135a4a9b98fb8b8b5948b682ee70e04a31f7e3c49c52a11acbb29bd8152bbb4fedd2aae8e7ad5330365213d207677855e6cd72bf93502c14b11bd2f2d6e797efc2cc5bc198730e5cc51c92751ece5c167b3328a6deed4bd73c62623bb3874c9ef18e24997e3ac93b0ad9ca7ddd4c0401ec1b942cb21dfe6abfd3aefe2588ac1684bf6b37dc09d9b9d932d5534c707ef8fe0812a403e057d00955559ca3e0f7e70d3cdfab918b8d125061fd53374c97bd0c9d19e68bacb3db46974d36cb1c96b4475acaf4d46b88a578ed570ce09eb540f30cce4c3f853a9fd669ca36c36ff1f0432713f60e6d6bc789fdae7c7fcf4049e6166b63a12aaa3da6fc35d8783020ceb92f7f90082d4826735618905fc9fdbeb65990882ce130a7e5ebfcdc796ef293019925e80af5074bfed5f62833d9d98e324dd54e30e1d69a15e4beed5da9c6ec01a32978aa29cd26c5703a28e504e7c9264e0421718422b88ef90f6fb4e51c619f29b5fc2f600f88be036eaf28d7f5433715bd493ce55811901a59964f20ac0b06dc3a555eac123c40d3b397053501523a51e8b53a92bbd99ec3bdcd57904cfac3c0d7bcc6613b11a771d32f0f6c60c05449b42820c0a41f757ea1efebebb37f8ea567b2f7dcc4a67ebbdc00716a70f5fe255b9232e27ba05888e034fc50ac0934a43c84577183b83019008edbeb27546e8be7d8402a4c1852198c0e050b96129fd66247c39abff19338300fc3cbe20a395e5805d8bc64c2d87ba27264716e211ab023765e8d454b637aa1320cb18eb4a3dbfa94027a4d75a9a2cc784cbdc22694a8f7e97bd6cea5a4e26b538be9a9dde5637be2d386a85a79ed4df541ab7d0b1370d99d2cfd1f7bf1458bedd0a53f5e6972ee424ed08acb4b49db83cae427d315d1fea4e680258e73b3fc50fdb77692c8798bcda57ac0c34823d69a8ead14c41e9613813838ef80f63138cc9ba3a6b83dfc77b6aa1248678409bd96b64c0b625e88e33262fa0bbee94fec8f3bffedaf8b12d229d0f637848a1dba01892d80f5a5596d37ac1c9c54d32dec3ca56b49aa1157583074af418d0d95a5a46fc3c234814e377963dd4c9c8a5f7cc35aacc892afb9bcede477760688e06f0b2c5a702954f4532c715151eda02f78830129b2612de8fc62fb992d1ba52da164920eb1d1dbc7d1f8f16e31c763581f4c478cf7a84cf01ca904160475a1eabae393bcb852fd550374002bad1ba0827dadcf3f6a2354a3f8f67e6da4f567fe21f55cc34840e79f6af947561c79a141721f6da4625a20fb203f96bd1a3b7322a14a0ab4a38835e1f235f772a18643824cbb9f76664b1212c785055ae17e89f590fdb1b81535e1e3e8a726a9aaf67ae2a8e67eab8f32781bc21027cb1babd932d63bafe7faf48bc57820c5e32288583db4cf369a7fbb479e1e97ca67f63b1880fb33ccf2661d7af9041ea1afc0e90ee0b4b510d094268e4576584a17fcb21b3c3f68bf1e1c4748177cb4cab92df4c254e0d0759d507e5eb096861efcf1aa66805474e3bd32f7055a7d53d47f416d24a5ac7d5fc953206db3a012234d8693e0ff662457ddaf977eaf37d043c407a7ade1fa8eaf85b6e1b1456aec3064ee858742f4e22f2d6084e3881a4783b3a9086009202eb6eb77fc1ce2236d6384cbc62c7db9cecd2fdb06f328d49c066562cf1dee863d33b48288fbb1d4d5bcafcd1b6391879e670c7189bbebafe48214d6e2b405e36192e1067eb8d0363777a174e630467673ca968ea51476b0b8a04d598f6fc593d3f3267ab37e17831dab86a67aac3ec8336c5b6e9e416b1f46d0a9e8ec6c515d86e773baa409e2afae30ea1744f2bc777af11c42f2bf6177e95245c6d601f7cb7b589ccda76a2a314dab023da8128c667a0df682f5c7bbf842a2bb51d4d842cd09d02d67444e5d8ae1f3260c4ef2da5a1c4121fdd47e953d03ff6fea10e35db2c0c110704f513b9d1c57c9da80881ced16d92faf1be60471dc4d82529ea50fd6060be18e8e6deffb15e0a0df4e36117dc22d78bd43b3fedb24cba54c2f2e3bba015bc4c817f70fc1e8b21adb04a9d8c229e9ec178fee0f35d4f169bb7dadd14f46ddc13fc62da4e21e42270a4ed0d60b4034db31ee1e13c97d8d941b2627b255d4283cf0af9044a65765ba88dcb2010fae98a6aeb0a5605d8a904d1cfa0cf8fa67a9d29670a108f014a1b21862e20d4f0f3f0cb99c97f289c657dbd08237aba2f616804ebb0e71819fa46df1a018d8336b534391596cd24b0720dd8a95e5c74b9d047da1da93d653b2aa98e67a65c3868a0c464ad24d427c3c81b41f0b2fb78f6aecd5487c29f4fd871bec21f54d22b661eeed67c866cdf057d585beace568ed52a4399dfdcc8c9a80c94f3cb92f0974b9b33ed893e8db33cf95220e03f3d28edd8b80991b0754010e7252392d1e846011defb6c46c73ee015bcb9b288f6945771af90ddd8c548eb6649efff32b0a2b36e743e46135e47fc65d1eb3f7a580104c22bbcc75ec041813cf2496a4793d17112f40333e3c874e0bcbcd889a6bb484e43632b2f9a628a461a2a5d58808b848751642b5c426c50fd82398894dc78c56ed1f0358b626cde2a0167dcb210c8ae2f6d9c95356331cf2a21ed0dfd5165bcac2681ce070f60ffffe69dd75836c4be0aa7f8630bf345a32d246c838552cbb35a6dfdb6ea54c4ecf0ad16990901b7a72280872fc807eda1de4fdce2c223fd089e0f0eac84c1e2980b9b5a032dd1294bd2eb49372f55b9b4cf4d3c1b14050bec1344d71a8316e173bd36f5917100de4dfedfff896517a04468006e5c632c8ad15521324f3abd72545b47df874a4a95d3bb30915ebcc3ed371528f89c7e943286a8cf4ff2cca3f3496ded16b139658bd5d3323ae9007b4dab665cd24e7888735de2cce7bc1b3af39a6d92d787dd237f8d72283f7aab1d99985f3783e5cb0661cadb552293f189f75e7f3fa933c775a27415a3ad22239986364ba7a582f2d9c31e7247aa8d44d5a7e8169fec65daaf62756b34dd307ebc7fbe8a8023aac1553fbf15b48a8ee3bd0c35c7ced684f667500ab2997aa75382475eb35888e72b30ad5aad3910c5ead6797f4182adce92dafc2073f1529ff5f1a42daf3c78e499039864e8e768fb11b33c0d7779e6128579d882761f9b21fcc0696da03eeb049c90b86da8dba548058f0caddb83ec9051a04f3133341e9a17a17b72ac20cd9e242fb383365f6a2f5c795087c7ee682555adadb7305bfe2886a57f3718f30f24b52d481aa35eb2c40417df5ea9d8af1b7b871ce37fb1c84402d269e3a01a5c9a00d3c7d6ff21c90d437066850ea92773288ba925294f9368b74fd1f3c4512ae8be2f86b73641507480f3db07634df10fca86bb4431664ade710d5a8894c368660c95f7a0b8ce5ffcdae136b5c8b4ed8c3b4cd9b71079dfd6d1501df9b7f1477b516f3cceecb2def619c05061502b253af7e3deccc839de56292c95a3912e809b100897a85705cf59af66e194143d13c12b6dc1a31cd15a74fe57666931e3fd6b75512d22f063c68576b1bd6a1ab6d7f4065447daee300b7d4fe330daeda866beb44eb8ed4041d0a36bfa49871e0623eb6f5d7b967e8f969985063e2fc4f4097c2a5189b10c1776713f78193c6e0e847025936b36eaa2e817ebb45c375f18350247f6586214a200f2f17536b52b8fa196d4a6a77317807075d130a77badf745a6076b1241e47942501cba893fd0db02545e49f559e9712a60ffce9f3154459c69984de49e11192266196497c81b7c5b45997c1369c8e8490b1a748985fd4c9ab8929d17a51c331dc160c8ae8d2961351ef103e3427299e4f28faff6ac1905be2814cb02511472c7232bd104ac438d846b4a727df2ed24364e061f157c2447e7d5265b1cd75797603e220a9d2e280868f3c2c56befbc6b1b1a07be1070b293adf324b3aee5140ef5f643c952726d9b770989b07f2cdea2e1d6951027e8b386faccff07b2547dd78aa85cc113b599ab168ef602e40fc097396341a8e5b97b59032110ddf114129feaed96e85237bb4bb886b287279b96234c18947ce7d2d5e92dd5c68829edd271bfccff21b87f6a061c9b43b51252add291c8f59be1a222d00fb7719664a8b89c452e78cf1d491a036107f0a521545fd96d2548735847e278065c196153028b91f59c7b70f9883f14cfb3343bb230f4af9bd51132cc62ee5459e34e77bb2983d30e65e65ab769fa0a0578bed01f33c76f4138208659a97fbbf380f1321336c14d21012f3cc4ee2101d42321f0123d51377e319e4ff4551f7f83ca62ff9448a28b6134da582f609be7dea5d70370772ef2552f12e97cf390ee2697022168d622ae0c813d86a43c25c758162ab0aadf25c84c790fb32a459997068be01325e473871cb024ff030070434d197558b8df442e1d2ad0c7b33fe021fa6cd57b7477dd76c6a802ddf405e909d48d23321e986d791b44d32d417d63638246fcdd661e6a1453d1411ec85fa0b750354aecdd4f4b90a420d2d4f67c514f15a8fe590735f660dc5eaa7f2873c7841edaf2c0d46a92fc07c6cd22fc978f74bac72e468d96ba370fb88f9a629d4de0a8a83d43c1949aae33fe24859c1bbf8663adc6936e305cf9c56aacc84e7515caf18d0d049bec2f0a484b75a8c2c23abbca66b039a52e606f08df0a3cdd2dc6449e84ce463206d2878de0e4d0f438764a0fe360e95494e9e61581001785b081254971197024460a68ec029052f2d8841dac7e714798027696067e739cd1525df28ac9514c02e25f8ea1146e356fc5941e4661cd244dccee4a1450e4334a20cb572b842d44a8431abf4d5bb82ac6b78ce3c6d394e5969c6fe8216805f6e2db2889f27849e0dd26a5a387958a36c833a8b3d861033c00ffef267e4b09350ca1b819d5c83025e4ad69328970db92520e6ce569d5632caeb6dc42c8f6f8759256ad9c1ffe8c30a92b795bf00544714c957d5d982a4e91ec7a30dfdcacbd41ceb61f208e5442f7f7ce19ba2f0dddf50020ed1c271afe5007277e2496c3bc7f3101d6fa7f0ea2627a99de0c441a11c6afbb721037dcfc897fc5d9e0ed644b9c3aee328bc2beb3801d2bf43b1e360759c1056c74a63aa33cb6e5933b7a0b4f654113ea5830de7e8374e939e4c794be77f1f0c1e1bcedc8f584a56db0c38b6c8da60bad62b41d754d9b6cbf3379374a6126db0ef1ee2da5862acaf117408ad26c66ec8ee4f9f1844fb4cc64bc61212b303c7c622f05d29b7fd540bdc253bc948d373886e5cd4dc9bc1b551dfc514f12cc64ecc3b276ab43a4adc2142fea9c5ecf983b0841729d1771b51c2ff787ac2439f305ca3fe31cdbe24f034fcd3d41141cc0ed5cdd82e3171be1381ad4f0bf81b3be200524c98cad5a3dee3ee618c97d0678c7b4fbf729dbc2baaa2385fb63e6b906b08681c19d55200924c0edb4c3b48463fd9c2ac86510ce1e0a641def11e9e7b7fa74a629895221b06a15c995cafe55dee6c06e01b34f4f18e5ffeb76ffb412277bdfa4cee10823a1e55832c3d1d19ba5b84560668b33fafc672cfba1a85c60c61c45bd562506d9d28542c4b4795ed011a8005862f7add9dc2533dd29d0ddd534eb0a3b537b391c423b527b3ae4ce0c829a6efcf8671e9e5224df6ed6c1f20452cb46cd578a620788f9af325d45825ced3043ef3693ffebf7b881518ba2c71587251edf150772ae1e24f4415f9d9307151b8fbcb83d0da908f4b6c762b777dc406991353e962f181bc06e892ff9e49e557639dafd09b291f79720b866e46bcf14d5bd1ed15a468a8996ecec8ce3d9890fb45c96804dddfe5b7280c0e30934f129e14b344506f70d484eea40baac63b89dc71b030a6c8149ffca2434c773bffe76bbf2e778f0034666970a96bf336ee5240e765ea3715382bd8fe19c5ce5a8814717d87d4d6304a3b0d6581a6fed44975ef8a8186c19a513f5c6c0610acbd31fd58e2cb683162464cf7f50ade879461ee91f433b09d1febe058c101a0ff96cbffd547c2beab15ca343cfe592ea435f980ff03e0aeadcc80d64383d287997a6a937fc22221cec2a1aa6e8dfc1dc6e0f2e02060a18c09957376a72e165728acddf73873a958f43bcd2e9c6c71a83f744bf14c75f5e8308523a7d39bcbfd832c6597b2928b07630ae50540bb71b44b5b4040a1d172fabe8dbfb96a99e7498b12dcc8ed9e43fb36c202d019b4fbe11f715f5de76bede175c22d8355323eb004c5021d892fbe48fa7b6bf382eb03d0e447a38c63bb7fa1154c2cdf08a1cf5fa95ec75a5aa9037ebf8916cb78e6da650016a0c7ed34290e25e2122be24e4373c49c4fc81c39ec1a1ce4b658e1b80562bf911a1f6a5fc2e69d2554d4abf5ad79d9c9b7d9ac8c4122c11f590a35dcee3fbe185027832b4e2a71ebc591a60bb874b36b415b455bd942fe1a69a92b70ce1a1c867c85138449529cab5f63feab609a2ba3344191c416d8409b59962bcee1c4a40874069e28432fcade20f07c9259dec75fb978a6b84b6e8f50fdb341c7c19f55a8fa389cf085f44661c9618d56d32be0bdb3b2928fc2c372e86ea109afaee022bb832e80e869c7cb1053921b862b27599d3665f7fabfd6436743ea893ec43e4e4daa598127df8ee3249be4668d717117a038f0e734a894457df4c64dd76a9d9d42efc29f2311085c9e6fcef385f40af94f283edca078797e96b79719875aed3900252c3acc6a92e23083b3fa24057d9ebf7886df99d652e7d18cbd445560a0afc81bf7c011777837f94b32094fa1bc99472cc2a40bff245abb27d3f628b1b649fd", 0x2000, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
syz_usb_ep_write(r1, 0x81, 0x1, &(0x7f0000000000)='B')
close_range(r0, 0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)

3.79134825s ago: executing program 4 (id=4924):
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffa, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"})

3.232870493s ago: executing program 3 (id=4927):
mkdir(0x0, 0x0)
chdir(0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

3.226421463s ago: executing program 4 (id=4928):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00'})
sendmsg$can_raw(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x0)

2.894606567s ago: executing program 4 (id=4930):
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0285628, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8, r3, 0x5})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0xc018aec0, &(0x7f0000000140)={0x1ffff})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902"], 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x6e40b000)

2.082365969s ago: executing program 3 (id=4934):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x6000000, [{0xfffffffd, 0x40000000}]}]}}, &(0x7f0000000f40)=""/4096, 0x2e, 0x1000, 0xa}, 0x20)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f00000006c0)=@mgmt_frame=@reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x8}, @device_b, @device_b, @initial, {0x0, 0xe3}, @value=@ver_80211n={0x0, 0x81, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1}}, 0x0, 0xbf, @broadcast, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0xc}, {0x48, 0x1}, {0x16}, {0x12}, {0x36}, {0x6, 0x1}, {0x1b, 0x1}]}, @void, [{0xdd, 0x4e, "1651b24f03e185e2062bdf7ad2b7f8478ba1e4e93241ed1e38615d984f546f4fdda2106b9aac26574e8213bd0b4977736b0000008919d52971762e749e11b5721f5b1fed10de25a1db77d8f181a2"}]}, 0x87)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000540)={<r3=>0x0, @in6={{0xa, 0x4e20, 0x81, @empty, 0x3f}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000600)={0x2, 0x0, 0x800c, 0x4, 0xb8, 0x67c, 0x1, 0x39, r3}, 0x20)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000000)={'wg2\x00', <r7=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001000)={0x4c, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r7}, @WGDEVICE_A_PEERS={0x30, 0x8, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}]}, 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="b7020000000be9ffbe0200000000000007000000000000009500000000000a0600f08a000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x3, &(0x7f000000cf3d)=""/195}, 0x23)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000240)={&(0x7f0000000480)=@ipv6_newnexthop={0x28, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_OIF={0x8, 0x5, r8}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x28}}, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

2.042980756s ago: executing program 0 (id=4935):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none}, 0x5c)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)

1.880113289s ago: executing program 2 (id=4936):
write(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = socket$inet(0x2, 0x0, 0x0)
getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, 0x0, &(0x7f0000000100)=0x1e)
ioctl$KVM_CHECK_EXTENSION(r0, 0x40049409, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000040)="08000000010001", 0x7)
io_setup(0x0, &(0x7f0000000500))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000850000008300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, &(0x7f0000000700))
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8924, &(0x7f00000000c0)={'wlan0\x00', 0x1})
syncfs(r3)

1.76442237s ago: executing program 0 (id=4937):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wg2\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @random="000415020200"}]}, 0x28}}, 0x0)

1.552587615s ago: executing program 0 (id=4938):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000000040)=0x84)

1.448932122s ago: executing program 2 (id=4939):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x1c)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time={0x1, 0x81}, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time={0xfffffff9, 0x1005}, {}, {}, @raw8={"13e661fefa8c7d0d9a4be91e"}}, {0x0, 0x3f, 0x0, 0x0, @tick, {0x10}, {}, @time}, {0x0, 0x0, 0x0, 0x10, @time={0xbf9e}, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x3, 0x0, 0x0, @time, {}, {}, @control={0x0, 0x8000, 0x4ee8}}], 0x8c)
ioctl$SG_GET_REQUEST_TABLE(r1, 0x2286, &(0x7f00000018c0))
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0)
fremovexattr(0xffffffffffffffff, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={0x0, 0x14c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)='?', 0x1, 0x0, 0x0, 0x0)
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)={0x842, 0x10}, 0x18)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0), 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000400)=ANY=[@ANYBLOB="0500000001050000", @ANYRES64=0x0, @ANYRES64, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0100006001"], 0x48}}, 0x0)
write$binfmt_script(r4, &(0x7f0000000340)={'#! ', '', [{}, {}, {}, {}, {0x20, 'nl80211\x00'}], 0xa, "d50d3d2af862"}, 0x17)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r6}, &(0x7f0000004200))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
memfd_create(&(0x7f0000001c80)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83Uz\xc0W\xc1\xcc\x97\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P9(\xe1-q \xb3\x80\xb9\xdfj\xed\xc2_o\xe6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x16=q\x93u\xf1\xde\xef\xac\x171\x13r\xc49\x80\x86\x1a\xbf\xaa&\xf0\xe8Gwm\x80]\xe8\xc2\x90w\xf8H\xe8Cc\x84\xa6y\xb7\xbe\xcbX\x891\xae\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcIv\xe6\xd1\xb5\xbf\xacw\xda\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfd\x05\x00\x00\x00Q\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89b,8X\xee\rSJQ\x94{}\xd5\xaf\xa9mX0\x94T\x95\x9dx@\xce:]\xb68\xa2W\xcb\x86\b#s\xb4q6\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4b\xfc\xf9\xb1\xe0\xdd2\xfd\xda\x84\xbd\xaf\x88\xb3\x91P6t\xf3\xcc\x03\xb8\x9a\x043|A\f\xd4\x1a?h \f\x7f\x92\xb5\x98/J\xd1\x8eW\xfd\xf4o\xd4[\x90\xb3\xc3\xf9\x18\x86\xd1\xeb\x13PIwg\xbe\xbb\"\xfce:\xae\xa9\xc57\xe7\xf6G\x93\xe1X\x9f\xfb\xa5\xe4$>L\xe5]\xc3\x88\xca\xb7\x8b\xfcCn\xcc7>\xa7\xf6mF\xc2\x96q\xc48\xeeP%\x89d\x942\x84r]S\x18{\xd8\xbfT\x0f\xcb\xf7\x84D\xac\x03F+Nj\xd5\x81\x10\xfe\xa6\xf9l\x96N\x1f\xae\xab\xf67\xf1e4v*\x8et\xd3}}\xee\xaf5\x123\x15\xa0\x05\xf4B\x9c\x127\xc42\xab\xf2\xcd\x9a\xcdu\xa9A\xa4\x1f?y\xf0p\x9a\xd7o\xcd\xd0X.\xfa\x15(\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00S\xe8\x97\xb7\xb6:\aD\x92\x007\xf0\xe2\x1e\xbf9%\x10\xdb\xd69\xfa6e\xef\xf3\xbf{!H1\xd6+\xde\x7f\xe9\x98\xe4\x1do\xfc\xa3\x9b@z\xe5\xbf\xbce\xdd4d\\\x97\x17\xec\x8c\xc0;\xb9\x17`-\x1d\xc4~\x1f\xbcW\"\xb9\x8e~\xc8|\xeb.\x90\x8f\xe5\xf8\x8fM\x1a\xb3\x12j\xae\xffX\xca\xd3\xa4[]\xfe\xc1<B\xa7-\xca\x919\xd0\xf2\xb9\x9ak\xf9\x9dv\xc4\xdd\x9a\x87\xa9L\xd0#\x94c>\x01\x14\xd7\xcdb\xff\b4`\xcd$\x81R\xe5\xbf\xe1\v\xcf,\xd9&\x1a\xfc\x134\xf40P\xd5J\xec\x15-\f\xf0ls9{\xb1\x8f\xb2\xa5', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="f5bc378c492453b26eb6e9fa1c67faffffffffffffff5c94299e316e1029fe068219816bbc8dfe3e12984addb123b152a7d8418f24ee64666cfe6197ef6a", @ANYRES16, @ANYBLOB="00022cbd7000fbdbdf2500"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x1, 0x4, 0x2, 0x0, 0x1}, 0x48)

1.326081168s ago: executing program 0 (id=4940):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00'})
sendmsg$can_raw(r0, &(0x7f0000000400)={&(0x7f0000000300), 0x10, &(0x7f00000003c0)={0x0, 0x10}}, 0x0)

1.254453368s ago: executing program 1 (id=4941):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f00000004c0), 0x9)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r4=>0x0})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
getresuid(&(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000500), &(0x7f0000000380))
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000700)={{{@in=@broadcast, @in6=@private0, 0x4e24, 0x1cf, 0x4e21, 0x0, 0x0, 0x20, 0x0, 0x2c, 0x0, r6}, {0x6, 0x7, 0x8, 0x6, 0x1, 0xffffffffffffffff, 0x4, 0x2}, {0x1, 0x0, 0x1f, 0x800}, 0xfffffffa, 0x6e6bbd, 0x0, 0x0, 0x4, 0x1}, {{@in=@dev, 0x4d6, 0x33}, 0x0, @in=@empty, 0x0, 0x2, 0x0, 0x12, 0x9, 0x9}}, 0xe8)
write$tun(r5, &(0x7f0000000040)=ANY=[@ANYRESDEC=r5], 0x15)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x0, 0x81, 0x7fffffff, 0x8, r3, 0x2, '\x00', r4, r5, 0x0, 0x3, 0x5}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0xee00, &(0x7f0000000200)={0x0, 0x1})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffbb}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x100)
faccessat(r8, &(0x7f0000000000)='./file0\x00', 0x3)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))

1.160723715s ago: executing program 2 (id=4942):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@delsa={0x4c, 0x11, 0x0, 0x0, 0x0, {@in=@empty}, [@lifetime_val={0x24}]}, 0x4c}}, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc020aa00, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4009})

1.110998962s ago: executing program 4 (id=4943):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r0, &(0x7f0000000600)={@val={0x1c}, @val={0x1, 0x5, 0x0, 0x2, 0x0, 0x6}, @ipv6=@udp={0x0, 0x6, "272cc3", 0xf8c, 0x11, 0x0, @private0, @ipv4={'\x00', '\xff\xff', @empty}, {[@srh={0x0, 0x12, 0x4, 0x9, 0x0, 0x0, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast1, @private2, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @local}, @private2]}, @dstopts={0x0, 0x39, '\x00', [@generic={0x0, 0x64, "0db03ea3bd8f208022ef1f11491402f734a29e3c0841ecd327aa6a9c30abb5448d8bb14f80e148f0728b157b8e111585bec79d7cf6c2fb33ab036f90d161d5012d89dfc1d2a571aeb57febf6a0ae704cd6be5f7d049f530c8c978d359b6d35521881c3f4"}, @calipso={0x7, 0x28, {0x0, 0x8, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}}, @hao={0xc9, 0x10, @mcast1}, @ra, @generic={0x0, 0x87, "b7bfba386d7fea31b72243042d69de8dc6e3b2f51ed71dcdc5e19104999541106435e833f5d8484b35eb436701b65dd54bc3d2f30b473c612c523fe466342bb43085c5c5e08a0096e38715ff4234b45bea5bafd5efd233339d5b319fd0e9b2caddfbb922dd600423959217c53b8d457f0bae82563e1cfab4bcb7c64c9a352f6b9aaed117cf1769"}, @generic={0x0, 0x8e, "4883fbe06b3a451e1e2f688a6a26ee057456352913e67eb1126b3d4f9132d9ae9cb665704dbae305eec15feef80ba33e9044c72a5fc44842c4331ff01260cc198566b028fd692f62a1db63743be96a3a5995ea739e2aa3e8aafb2b46b5ef08cb914d5325ea757483401eca7beebbe5e4f286224258af579d88fc6ed4b8c4cf05202266349766b1bd2edf5b128684"}, @jumbo, @ra]}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@mcast2, @ipv4={'\x00', '\xff\xff', @local}]}, @dstopts={0x0, 0x19b, '\x00', [@generic={0x0, 0xb8, "f80b5136d66ffd1236bde1571d57c5932112442efe83e749d630561d415d6bdcdfd4108a010e93c89b2c913a850a871ed77d240f5945d2676148f3e1527ec5a348e26fb2df7dfc84ba1e74c479a375a30d4124174771a5c1bde25f3ef188ff73cf81ea1a7af98f601d222ddd1ef1b52c651c7d198cc62db055103f61bc7de5636f2832ff34f3c4f002e1d3b3adbdee522ae45584dadcc56f107884b4af61af47772209b022b3ce00de2587bf77a10d1fdf9d2160699b63de"}, @calipso={0x7, 0x50, {0x0, 0x12, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, @pad1, @enc_lim, @generic={0x0, 0xbc5, "2f6b6428982d742ef668db3b107ea0b5fdc3f6e8b2002f3b258a75b317dec43f944c7fbf634cf58aa9a1c7223b12415ee4de8b6d1f9c82c16cb37116628a4485fa02ed270ed46c5314a82a5de2b1e693d9e7e069f36396acd713fe3fe0f500fa3c83bc76043c9ff5ab9405e64726a8c0799a0e9f786bfa19a672e42c68174fbc31c75e27270e782505160d979df1917c77c0d06e1b18d2cbed56dd950b448a4e32fb98235e0365c2ccec970954e25fbe6a34712bdf6ac565636c0dd8a9c49efadf2a09dc86390bc0607bd88cd3402555c24ed6566ad12f5aa4a26510e3adea6e4d7822064d47bfc27ef96f4bf9e3f176e26d2121ee5ad6db83c16609e062f2083a1cd34f3b1532d6b481b5066e56121e7595a0fc8f4aeaa20d527b61c03ee9abbae4d8aaf5857eb707deb49fff217d7b704a2d76a574949be196499671d3ff8c100df32a40a18cee1f1ad3c33ad432f82a6862ad1c51991e0c0cb47b94b821e3a50fa4c1c111bb5b40f926436ede79e84312b31394459a0bd28b69157148343b8814c79fdafd7681377def083bc25c2123931051097a8c3dc94ef87c497d6f8e0132de443295bc486ffa9701ad53b63010efddf862508b65359b6e8123cfdcef1e88569e08fe5c7b92c9888af1368acbaa353b493d43b6f023d0a40b8b0834ea45c530a90a188e1daccf86bb95bd89b0de5df1a7bbfda96f0af61b78fc1c96bf76c093a8e165fbe3fa625f876a4afd55e7b7dec41837428ebe2ef429123fb2afcdce9641c948142994e24cbe11d5f6785b22087c810d084ce09de98fc5e4b59776a8c313c940d98b86fbbcc5a48786fa1d079ab0c08e5a9ecf6dc55acf382661648f91fbda91809086e747c4fa356e1fa79cf856c1f14ce0e6b6ad3d21321e0d34c3d1175f89cf43ac9aaea428b3a619191481e63b5cbfe235a89452937f47572311bb1e2675cda1e6f3abdb2e30104875e19cd1a8c842935c6d3a78f7ad4df2b3cc66e135014636fa3a82b5a7cb8f558a2c27cf09031702ed76f5f1a240f2bc93085c6258b669bc06306842fd1d84acaa16334bc2dce47b73896592001f0cbcac76814fab21bf755ca2ff705b5bda01f4e8eb7213a7cb5f4f083a094b0845dc80f09365fd24f7a30a96bac869389574fea3240112f8a2b9cbf9f22f6bfc4443f07e2855c441cf87454fe9e372b75a980598cab26ea01b5c4ced059d27968fc016f157d6c5f3640f1f847433b1e2579cf7048b2045c5348de301480803e3e028038046eddc40a954be9b56ac5f9fad8f586239778cf424b0daf5301f77273fb6270d3fc288c74bdffd086cce27c57871bf86bed770bf93d9ad9b6f40945014b65819a35ee36324828d82b1a8577096910567dffb27d00d18c26350f4fddc06186951cc02cd80854f80dd7e30b3ff62164fa35a66dce4f4320affadb1bf6cab85de885b66e17e2553760b8b12e5b64f1cac8a6fe3a03686f511ca24223f374af9894b86f4706f225e28d8932c3fd6d4ef12bb3ad1a9b4141b74afa246d09e22db392e4d2e19a1164f8852b587ecf5ad22a0e225e3536db0da7e60c8e5ff0977d1589840ab186a8416beac746fe724ec7678f5b6700d0881223d13ad87736491246a8d46546959eec8702fbf5addf95c3c4a0bfdc8fbe48c89f2a82a1b90143724381b7603b7657fabac96bbd4a6fd215dbec1bdff50e2661a4dc2633c074d27dc0150819869f0501ac0f5606a75026fbb525070644f2f440b393ac0d3db767dcb55d77f3f84f714b9b2700778a7a4f6202deb37085f8d62baf8143012b0fb5685270ac281dbaa85db26b6dadce1cfb520677b5a032e231281c0b08482bf33a903e9136ca4e5e66d802f9480cbeecf8cd426b11a90f7887210d41dca356d319268f86f1e928712701b4bdcf19f63544acdf26d7a0f0bfd1d8ad8ede4b5a7f9b159992231d10413e30c7c7dd12341da0b6bb9440b5452e4c9d41ef9b5c0782c016d670c5bb49405ac8cb9f7db17bf08d990c88e8e584d0c12b9c2625e2a57223c4dba7361c109cb6cd1d9db8b9dd2ebad3dbc02cee5a4d3c1cc98b233e26b36be384e169783f2b5f1859fc2f5151e5eea1ee18c71c75e9d7e331c09fd634d562b733b993e4ca5f98302a68fe61f728806d62e8f4e0b33a9a8eeafe28f7f9fe65b1d2d6dadbfd0ab6c5fc364e357d8296d160be5e233416f83337796f66e2cf5860d3a0ad93d6753a69f047259dbf356c5af6ac80e9375f2fe2fe37f887da8f5e8f525f2b4e7107dd7f3ed534e7d35cf47e20b53d5fb767b457a1af98eb00b0eda29554dd35b8e3050939664ffca6cf6155de30806d1078b08f5d6a0a0105a8cd394b640397cc37542f2acb126f5964c1c1429a1dd0568a920213b5b3dabb6e2e412be15bda7fa645b9b0b77ea4b1f0444dd2fe057b52fb9a5ea32a1c18ba749bd05d6fdaee64f28ea80790d221b0757ac372e0587a48c74d82e994d496979b08354ac27e1da204c66ee62db63db5da992757e38613931328276abd1ab7734aaad3ef1a4920570b35554856ab7357dc14319deeb6dfea136c5ba2126a0eaa500056e678d7e4c23918a4429d7006c719bb1d85eaa6f296cab5fdfdac545345171221a86ea08928a89acb09febf82f229e1515e15dfa13747238d0071e66ff788c546fedced4b1a6fc576b31f5d57080c02f41a4af51027ea0b210441ae6bffe16f9fe7150adebb7750b3789576c8fe0e761f945d0d031043685171076e7932628b4158347336517d8c46cfe2cfaa00001afd6803825c9a517ee3489f02d9144d15edeff60b15cc812c6216804c50265b2b5774ae15101ca19fc087a2ecd9a4809c414438ab91baa390192257565097152404be33b802fe633062851c106bafd99f64ce9e0fa6a049d035b51366e7e62e1e76a41c08937d93280ed07b94d226c3cf99230756f60b393bc657c173cbe498f1ee6fbd854dceaa2c5a64d263b4dc29c0eec729df61422f0ae056ec0e5b8bd574750aad5f53c3c32785b932f6a98167dbb43828e1ccbbee1d2fb34eb753e28e5a36054d00116202930ce012863016606ce694c7dedb9562540b6829ef5da16c4c564c77fe322deb6a5efb712d51584c8dd87ebf9b8e1aedc2a736b5ef41d626e0bc0695843aae15c53df658cdd06afdb2a05235394b3faf5ab849888bb99875a2f42e60532b8e8d0079dc209151f8f38466bb7845e15770c0ba9baa02363e7651deeb6208f21c5ca5a3ded63201beb5565fe61a1e37a9341cf12a03b0d26bf4276252d41952924aa8836fd12c115c820e7be67f0a6d95fc3b2f9fa29d5557a18732898b71afbd48bc155b2c580b56fcce4cb0edcb2752950912881b10299f755128d25d3d72746a46659d61a3819626a9639f53cdb66ef9187fec64a65e8595a979a2fef8cbe01849bf322d5d51b3e2d540aeed31c25a7ab6e59a60194d59d17df2d13bba75964b5041a7bc8d2474b38df4b4ed0126eac8b6644dbb042f7b49adebee4e60d2d54e6ad3292d15d6daab7def88e3e09e9a738c884d43afd5ec7df1dcfb475561354ac06f09f7f48b9af8158a09293f1ea2ef30891f42f98f507f0318c3c88b5624cfd241b20a2334a8c9c7ba035ea85a7fa8936586ae804211c9b2be537866b889282755802cdcd51f71e207686de9e5e3bebccf13ac21526c77d97329fb9f171f25ccc2d27c8c41d5e3f2db6b251d3c434d61de7ca18cef207af17c7078e0c99a92f79e2e9886c0032eea2fb6e1f3edcc54a00b89045989bfb4ad5d7f97e73b498707f8fb7146dd12453edc70f9e4f3f51bdea180b5e941eaa5d144fe242b007c76c51bc80e14f5671ac0452ca09cfc94a13bb73db6080909f92888920430c4ea124e7fa744548587470dd614c01b1cc0f26e2e11d070f85534d1733c890542a13d806c9ac383c63659548694da12eac389563898e94595e7e74e5202076b6cfa0d3e3c0a3c9441cbee4781d86f56a643f76718f7a15bf95b9975ce4f8799566034e689ce547efb3fc47a04f39cb3a657d3d070ee0be6754ac2760077bb997862f43888efb4fe2a55e0ee94fb6fdce697efe0687cd4b2bac837b2de3d64173988f8f130b4beb34ba476cae7969ea09a0db7841191ef7ae2c42a914cf3d044863864d81fdcb515b60bbe3083dc7a058d3784b6979b98d69e7ea977c857e2a9a24cb13139cdd8b1303ea8f29232c95b7d9575895d36d827b47ac833a2925a131166eb16d928e137ae3fa35cc7dc6fbaafce0"}]}], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}, 0xfc2)

1.109519949s ago: executing program 3 (id=4944):
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$l2tp(0x2, 0x2, 0x73)
sendmmsg$inet(r0, 0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03", 0x3}], 0x1}, 0x0)
socket$inet6(0xa, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1.096054531s ago: executing program 0 (id=4945):
mkdir(0x0, 0x0)
chdir(0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

767.838859ms ago: executing program 2 (id=4946):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x1}, 0x1c)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
readv(r1, &(0x7f00000002c0)=[{0xfffffffffffffffc}], 0x1)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x29, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0xfc, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c266"}, 0x50)

767.231511ms ago: executing program 3 (id=4947):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="7000000002060508000000000000000000070000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3000000000240007800c00028008000140000000020c00018008000140000000060800064000000010"], 0x70}}, 0x0)

698.110503ms ago: executing program 4 (id=4948):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000001c0))
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0xc018aa06, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
keyctl$read(0xb, 0x0, 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r3 = socket(0x10, 0x2, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000300)=0x20000)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
keyctl$setperm(0x5, 0x0, 0x21081c22)
keyctl$KEYCTL_RESTRICT_KEYRING(0xb, 0x0, 0x0, 0x0)
keyctl$read(0xb, 0x0, 0x0, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000000)={0xffffffffffffffff, 0x7})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_TYPE={0x8}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJREF_SET_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
getsockopt$inet_int(r0, 0x10d, 0x5, &(0x7f0000001040), &(0x7f00000000c0)=0x4)

401.845217ms ago: executing program 3 (id=4949):
openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@ipv4})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000))

323.675267ms ago: executing program 2 (id=4950):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000000040)=0x84)

99.262857ms ago: executing program 3 (id=4951):
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e3502020001ffffffff685f1158e2fafc0e1f00020000000c00009c70baa363"], 0x38)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r0 = creat(0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280), 0x17)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r1, @ANYBLOB="000000000000000079000000000000009500000000000000d76308169ee21111195776829ec2e78d67d31574f60d0c9721c6f3cdb030a7d7089d2187197a6bbf80afe390572cd7b6e9dd118f4578d40227a4f78a08999cb2ab817c11558c28c45f758d48a8cfdc29bd41ebe84aa16840f78f43423f6f8bedec3f00999d77806837d4f95c364d7788a7083afa94ab87120da4d6a7fb85a0b2efae0d633247e1e699a17665f4f71f43128051da72ffd64ebbfc64faff363beb56ded1f386e9301291b69c3cda075e500c583b802f67b2bac4cd8b1d99a9fa43dc6315e260ea90c400f1f797f67d12422e21799ff5cd34da"], &(0x7f0000000d40)='syzkaller\x00'}, 0x90)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r3 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x6, 0x0, 0x3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1e, 0x59827034, 0x17, 0x80, 0x80, 0xffffffffffffffff, 0x3, '\x00', 0x0, r0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000180)=ANY=[@ANYRESHEX=r2, @ANYRES32=r4, @ANYRES64], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x2c0, 0xd8, 0xffffffff, 0xffffffff, 0xd8, 0xffffffff, 0x1f0, 0xffffffff, 0xffffffff, 0x1f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast2, @local, [], [], 'vlan0\x00', 'wlan1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'hsr0\x00', 'veth1_to_hsr\x00'}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)
pipe(&(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
write$binfmt_script(r7, 0x0, 0x4e)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
tee(r6, r8, 0x3, 0x0)
vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000140)='b', 0x1}], 0x1, 0x0)

82.066601ms ago: executing program 1 (id=4952):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002a00)={0xd, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f35006c090890e0878f0e1ac6e7049b336d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)

76.661843ms ago: executing program 2 (id=4953):
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)

0s ago: executing program 0 (id=4954):
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0285628, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8, r3, 0x5})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0xc018aec0, &(0x7f0000000140)={0x1ffff})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902"], 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x6e40b000)

kernel console output (not intermixed with test programs):

 18
[  774.692392][T17405] loop0: detected capacity change from 0 to 32768
[  774.867406][T17415] vivid-002: disconnect
[  774.894903][T17415] loop3: detected capacity change from 0 to 1024
[  774.965292][T17415] hfsplus: found bad thread record in catalog
[  775.030983][T17417] vivid-002: reconnect
[  775.042603][ T5141] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[  775.220344][ T5095] usb 2-1: USB disconnect, device number 52
[  775.595290][T17423] loop0: detected capacity change from 0 to 2048
[  775.616615][T17423] udf: Unknown parameter 'ÿ'
[  775.675172][T17423] loop0: detected capacity change from 0 to 736
[  775.727294][T17423] netlink: 830 bytes leftover after parsing attributes in process `syz.0.4021'.
[  775.756058][T17423] fuse: Bad value for 'fd'
[  775.812650][T11951] hfsplus: b-tree write err: -5, ino 4
[  776.304964][T17443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4031'.
[  776.429119][ T5141] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  776.464921][T17446] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4032'.
[  776.619095][ T5141] usb 4-1: Using ep0 maxpacket: 8
[  776.625749][ T5141] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  776.638892][ T5141] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[  776.648107][ T5141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.672976][ T5141] usb 4-1: config 0 descriptor??
[  776.684741][ T5141] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  776.699787][ T5141] usb 4-1: Detected SIO
[  776.709097][ T5141] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  776.869136][ T5095] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  776.894680][    T9] usb 4-1: USB disconnect, device number 39
[  776.913015][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  776.933481][    T9] ftdi_sio 4-1:0.0: device disconnected
[  776.984608][T17459] input: syz0 as /devices/virtual/input/input20
[  777.076208][ T5095] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  777.144871][ T5095] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  777.178361][ T5095] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  777.188555][ T5095] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  777.205314][ T5095] usb 2-1: Manufacturer: syz
[  777.221234][ T5095] usb 2-1: config 0 descriptor??
[  777.234025][ T5095] igorplugusb 2-1:0.0: incorrect number of endpoints
[  778.337039][T17479] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4046'.
[  778.347510][T17479] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4046'.
[  778.778464][T17485] loop3: detected capacity change from 0 to 1764
[  778.780080][T17486] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4048'.
[  778.913926][T17485] loop3: detected capacity change from 0 to 64
[  778.925931][    T9] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  779.144770][    T9] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  779.153976][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  779.188559][    T9] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  779.205014][    T9] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  779.226600][    T9] usb 1-1: Manufacturer: syz
[  779.241355][    T9] usb 1-1: config 0 descriptor??
[  779.255155][    T9] igorplugusb 1-1:0.0: incorrect number of endpoints
[  779.483865][    T9] usb 1-1: USB disconnect, device number 60
[  779.586610][ T5509] usb 2-1: USB disconnect, device number 53
[  779.671539][T17495] loop4: detected capacity change from 0 to 128
[  779.690787][T17495] VFS: Found a Xenix FS (block size = 512) on device loop4
[  779.698578][T17495] sysv_free_block: trying to free block not in datazone
[  779.706089][   T46] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  779.715379][T17495] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  779.787725][T17495] overlayfs: failed to resolve '/Ýñp<5eNÔá
[  779.787725][T17495] O?á1
[  779.787725][T17495] äH': -2
[  779.899043][   T46] usb 3-1: Using ep0 maxpacket: 8
[  779.910754][   T46] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  779.936043][   T46] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[  779.949124][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.962951][   T46] usb 3-1: config 0 descriptor??
[  779.972280][   T46] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  779.984946][   T46] usb 3-1: Detected SIO
[  779.991579][   T46] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  779.999716][T17502] tc_dump_action: action bad kind
[  780.075341][   T29] audit: type=1326 audit(1719427409.110:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17499 comm="syz.3.4055" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe05dd75ae9 code=0x0
[  780.172026][   T46] usb 3-1: USB disconnect, device number 53
[  780.192438][   T46] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  780.207313][   T46] ftdi_sio 3-1:0.0: device disconnected
[  780.614754][T17513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  780.633690][T17514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4059'.
[  780.642902][T17514] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4059'.
[  780.677462][T17513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  780.747142][T17513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  781.025782][T17518] loop4: detected capacity change from 0 to 128
[  781.848017][   T29] audit: type=1800 audit(1719427410.880:307): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4060" name="bus" dev="loop4" ino=1048638 res=0 errno=0
[  781.871642][   T29] audit: type=1800 audit(1719427410.890:308): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4060" name="bus" dev="loop4" ino=1048638 res=0 errno=0
[  781.896479][   T29] audit: type=1800 audit(1719427410.940:309): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4060" name="bus" dev="loop4" ino=1048638 res=0 errno=0
[  783.452041][T17542] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  784.048199][T17542] team0: Port device virt_wifi0 added
[  784.759017][T17560] mkiss: ax0: crc mode is auto.
[  785.628354][T17585] loop0: detected capacity change from 0 to 1764
[  785.727761][T17585] loop0: detected capacity change from 0 to 64
[  785.820186][ T5095] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  786.023969][ T5095] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  786.043264][ T5095] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  786.049927][T17594] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4089'.
[  786.068016][ T5095] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  786.096886][ T5095] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  786.112314][ T5095] usb 2-1: Manufacturer: syz
[  786.128688][ T5095] usb 2-1: config 0 descriptor??
[  786.141889][ T5095] igorplugusb 2-1:0.0: incorrect number of endpoints
[  786.509949][   T29] audit: type=1326 audit(1719427415.550:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.541995][   T29] audit: type=1326 audit(1719427415.550:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.573219][   T29] audit: type=1326 audit(1719427415.550:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.598071][   T29] audit: type=1326 audit(1719427415.550:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.621090][    C0] vkms_vblank_simulate: vblank timer overrun
[  786.638581][   T29] audit: type=1326 audit(1719427415.550:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.668060][   T29] audit: type=1326 audit(1719427415.550:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.692799][   T29] audit: type=1326 audit(1719427415.550:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.719358][   T29] audit: type=1326 audit(1719427415.550:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  786.744061][   T29] audit: type=1326 audit(1719427415.550:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17599 comm="syz.4.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  787.179043][ T5141] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  787.399062][ T5141] usb 3-1: Using ep0 maxpacket: 16
[  787.412247][ T5141] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  787.426637][ T5141] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  787.436446][ T5141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.459354][T17613] mkiss: ax0: crc mode is auto.
[  787.474411][ T5141] usb 3-1: config 0 descriptor??
[  788.071515][T17625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.080826][T17625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.092418][ T5141] hid (null): unknown global tag 0xa5
[  788.097798][ T5141] hid (null): unknown global tag 0xd
[  788.110835][ T5141] hid (null): unknown global tag 0xc
[  788.252205][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  788.618193][T17626] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4103'.
[  788.860713][ T5141] hid-generic 0003:0158:0100.0030: unknown main item tag 0x1
[  788.876642][ T5141] hid-generic 0003:0158:0100.0030: unknown main item tag 0x0
[  788.884775][ T5141] hid-generic 0003:0158:0100.0030: unexpected long global item
[  788.893444][ T5141] hid-generic 0003:0158:0100.0030: probe with driver hid-generic failed with error -22
[  788.906910][ T5141] usb 3-1: USB disconnect, device number 54
[  788.967998][ T5139] usb 2-1: USB disconnect, device number 54
[  789.154500][T17631] loop0: detected capacity change from 0 to 1764
[  789.215617][   T29] audit: type=1326 audit(1719427418.240:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17629 comm="syz.4.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cc4775ae9 code=0x7ffc0000
[  789.229886][T17631] loop0: detected capacity change from 0 to 64
[  791.064986][T17670] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.098850][   T46] wlan1: No basic rates, using min rate instead
[  791.111902][   T46] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  791.122250][   T46] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  791.240520][T11951] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  791.273142][T17677] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.336398][T17677] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.349184][T11951] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  791.396579][T17682] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4126'.
[  791.407271][T17677] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.459986][  T131] wlan1: authentication with 08:02:11:00:00:00 timed out
[  792.855188][T17715] loop1: detected capacity change from 0 to 2048
[  792.872909][T17715] udf: Unknown parameter 'ÿ'
[  792.932383][T17715] loop1: detected capacity change from 0 to 736
[  793.046246][T17722] netlink: 830 bytes leftover after parsing attributes in process `syz.1.4140'.
[  793.076047][T17722] fuse: Bad value for 'fd'
[  793.262226][T17725] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  793.303994][T17725] team0: Port device virt_wifi0 added
[  794.242246][T17745] 9pnet_virtio: no channels available for device syz
[  794.550430][T17753] loop2: detected capacity change from 0 to 1764
[  794.632042][T17753] loop2: detected capacity change from 0 to 64
[  794.975725][T17765] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  795.242104][T17772] netlink: 208 bytes leftover after parsing attributes in process `syz.3.4165'.
[  796.262882][T17799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4174'.
[  796.398678][T17801] syzkaller1: entered promiscuous mode
[  796.404708][T17801] syzkaller1: entered allmulticast mode
[  796.422683][T17801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4175'.
[  796.698422][ T4488] Bluetooth: hci5: SCO packet for unknown connection handle 0
[  796.761063][T17810] syz.1.4178 (17810): attempted to duplicate a private mapping with mremap.  This is not supported.
[  797.070778][T17816] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4180'.
[  797.149148][  T928] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  797.341153][  T928] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  797.471555][  T928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  797.508553][  T928] usb 3-1: config 0 descriptor??
[  797.639074][ T5139] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  797.770947][  T928] pegasus 3-1:0.0: probe with driver pegasus failed with error -71
[  797.869253][ T5139] usb 4-1: Using ep0 maxpacket: 16
[  797.884078][  T928] usb 3-1: USB disconnect, device number 55
[  797.991482][ T5139] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  798.017864][ T5139] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  798.044778][ T5139] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.055344][ T5139] usb 4-1: config 0 descriptor??
[  798.423814][T17831] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4183'.
[  798.481618][ T5139] usbhid 4-1:0.0: can't add hid device: -71
[  798.553117][ T5139] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  798.613249][ T5139] usb 4-1: USB disconnect, device number 40
[  799.166170][T17833] loop2: detected capacity change from 0 to 1024
[  799.278389][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.344596][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.416047][T17834] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.424684][T17834] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.441458][T17836] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.453816][T17836] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.482126][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.509200][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.545569][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.554946][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.573126][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.583841][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.596841][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.608098][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.635216][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.642819][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.663157][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.673089][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.725126][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.736480][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.758003][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.766708][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.774211][ T5139] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  799.787268][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.812385][T17833] hfsplus: request for non-existent node 33423360 in B*Tree
[  799.959116][ T5139] usb 4-1: Using ep0 maxpacket: 8
[  799.971784][ T5139] usb 4-1: config 0 has no interfaces?
[  799.978333][ T5139] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  799.989716][ T5139] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.031098][ T5139] usb 4-1: config 0 descriptor??
[  800.218352][T17810] syz.1.4178: vmalloc error: size 4198400, failed to allocated page array size 8200, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  800.237193][T17810] CPU: 1 UID: 0 PID: 17810 Comm: syz.1.4178 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
[  800.247453][T17810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  800.253325][T17840] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4185'.
[  800.257493][T17810] Call Trace:
[  800.269731][T17810]  <TASK>
[  800.272650][T17810]  dump_stack_lvl+0x241/0x360
[  800.277330][T17810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  800.282522][T17810]  ? __pfx__printk+0x10/0x10
[  800.287105][T17810]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  800.293526][T17810]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  800.300046][T17810]  warn_alloc+0x278/0x410
[  800.304386][T17810]  ? __pfx_warn_alloc+0x10/0x10
[  800.309243][T17810]  ? vb2_vmalloc_alloc+0xf2/0x340
[  800.314277][T17810]  ? __get_vm_area_node+0x23d/0x270
[  800.319488][T17810]  __vmalloc_node_range_noprof+0x69f/0x1460
[  800.325413][T17810]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  800.331751][T17810]  ? vb2_vmalloc_alloc+0xf2/0x340
[  800.336780][T17810]  ? __get_vm_area_node+0x23d/0x270
[  800.341991][T17810]  __vmalloc_node_range_noprof+0x5bf/0x1460
[  800.347889][T17810]  ? vb2_vmalloc_alloc+0xf2/0x340
[  800.352933][T17810]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  800.359268][T17810]  ? __kasan_kmalloc+0x98/0xb0
[  800.364028][T17810]  ? vb2_vmalloc_alloc+0xb5/0x340
[  800.369055][T17810]  vmalloc_user_noprof+0x74/0x80
[  800.373989][T17810]  ? vb2_vmalloc_alloc+0xf2/0x340
[  800.379012][T17810]  vb2_vmalloc_alloc+0xf2/0x340
[  800.383865][T17810]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  800.389320][T17810]  __vb2_queue_alloc+0xa0f/0x16f0
[  800.394362][T17810]  vb2_core_create_bufs+0x825/0x1040
[  800.399665][T17810]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  800.405404][T17810]  ? vb2_verify_memory_type+0x1b/0x570
[  800.410873][T17810]  ? vb2_set_flags_and_caps+0x2f7/0x5e0
[  800.416422][T17810]  vb2_create_bufs+0x60e/0xdd0
[  800.421187][T17810]  ? __pfx_vb2_create_bufs+0x10/0x10
[  800.426470][T17810]  ? v4l_sanitize_format+0x5c7/0xa50
[  800.431765][T17810]  v4l_create_bufs+0x18b/0x2a0
[  800.436536][T17810]  __video_do_ioctl+0xc26/0xde0
[  800.441401][T17810]  ? __pfx___video_do_ioctl+0x10/0x10
[  800.446781][T17810]  ? __might_fault+0xc6/0x120
[  800.451467][T17810]  video_usercopy+0x89b/0x1180
[  800.456236][T17810]  ? __pfx___video_do_ioctl+0x10/0x10
[  800.461608][T17810]  ? __pfx_video_usercopy+0x10/0x10
[  800.466812][T17810]  ? __fget_files+0x29/0x470
[  800.471409][T17810]  ? __fget_files+0x3f6/0x470
[  800.476083][T17810]  ? __fget_files+0x29/0x470
[  800.480683][T17810]  v4l2_ioctl+0x18c/0x1e0
[  800.485012][T17810]  ? __pfx_v4l2_ioctl+0x10/0x10
[  800.489869][T17810]  __se_sys_ioctl+0xfc/0x170
[  800.494462][T17810]  do_syscall_64+0xf3/0x230
[  800.498964][T17810]  ? clear_bhb_loop+0x35/0x90
[  800.503642][T17810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.509543][T17810] RIP: 0033:0x7f49d8f75ae9
[  800.513958][T17810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  800.533559][T17810] RSP: 002b:00007f49d9dd8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  800.541977][T17810] RAX: ffffffffffffffda RBX: 00007f49d9104070 RCX: 00007f49d8f75ae9
[  800.549945][T17810] RDX: 0000000020004fc0 RSI: 00000000c100565c RDI: 0000000000000004
[  800.557911][T17810] RBP: 00007f49d8ff6746 R08: 0000000000000000 R09: 0000000000000000
[  800.565878][T17810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  800.573929][T17810] R13: 000000000000006e R14: 00007f49d9104070 R15: 00007ffc62fa98e8
[  800.581908][T17810]  </TASK>
[  800.584974][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.605106][T17810] Mem-Info:
[  800.608360][T17810] active_anon:2850 inactive_anon:0 isolated_anon:0
[  800.608360][T17810]  active_file:638 inactive_file:68401 isolated_file:0
[  800.608360][T17810]  unevictable:768 dirty:436 writeback:0
[  800.608360][T17810]  slab_reclaimable:11476 slab_unreclaimable:103574
[  800.608360][T17810]  mapped:14007 shmem:1363 pagetables:542
[  800.608360][T17810]  sec_pagetables:0 bounce:0
[  800.608360][T17810]  kernel_misc_reclaimable:0
[  800.608360][T17810]  free:1302706 free_pcp:356 free_cma:0
[  800.657255][T17810] Node 0 active_anon:12400kB inactive_anon:0kB active_file:2552kB inactive_file:273528kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:56028kB dirty:1736kB writeback:0kB shmem:3916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10256kB pagetables:2168kB sec_pagetables:0kB all_unreclaimable? no
[  800.690763][T17810] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  800.722295][T17810] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  800.756662][T17810] lowmem_reserve[]: 0 2571 2571 0 0
[  800.762466][T17810] Node 0 DMA32 free:1238200kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:13964kB inactive_anon:0kB active_file:2552kB inactive_file:273204kB unevictable:1536kB writepending:1736kB present:3129332kB managed:2659844kB mlocked:0kB bounce:0kB free_pcp:2608kB local_pcp:416kB free_cma:0kB
[  800.798758][T17810] lowmem_reserve[]: 0 0 0 0 0
[  800.823081][T17810] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  800.852453][T17810] lowmem_reserve[]: 0 0 0 0 0
[  800.857503][T17810] Node 1 Normal free:3953640kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:8kB present:4194304kB managed:4109116kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  800.888406][T17810] lowmem_reserve[]: 0 0 0 0 0
[  800.894156][T17810] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  800.908417][T17810] Node 0 DMA32: 37*4kB (UE) 25*8kB (ME) 34*16kB (E) 496*32kB (UME) 493*64kB (UME) 210*128kB (UME) 77*256kB (UME) 29*512kB (M) 6*1024kB (UM) 6*2048kB (ME) 268*4096kB (M) = 1225916kB
[  800.933427][T17810] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  800.959098][ T4488] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  800.968875][ T4488] Bluetooth: hci5: Injecting HCI hardware error event
[  800.978482][ T4488] Bluetooth: hci5: hardware error 0x00
[  801.003694][T17810] Node 1 Normal: 6*4kB (U) 8*8kB (UM) 11*16kB (UM) 7*32kB (UM) 8*64kB (U) 4*128kB (U) 4*256kB (UM) 3*512kB (UM) 1*1024kB (U) 2*2048kB (U) 963*4096kB (M) = 3953640kB
[  801.026039][T17810] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  801.030708][T17851] syzkaller1: entered promiscuous mode
[  801.039840][T17810] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  801.046812][T17851] syzkaller1: entered allmulticast mode
[  801.059771][T17810] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  801.075366][T17810] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  801.098317][T17853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4190'.
[  801.116442][T17810] 70196 total pagecache pages
[  801.130097][T17810] 0 pages in swap cache
[  801.153580][T17810] Free swap  = 124484kB
[  801.164284][T17810] Total swap = 124996kB
[  801.168776][T17810] 2097051 pages RAM
[  801.186116][T17810] 0 pages HighMem/MovableOnly
[  801.192906][T17810] 400881 pages reserved
[  801.210722][T17810] 0 pages cma reserved
[  802.692928][ T5094] usb 4-1: USB disconnect, device number 41
[  803.041454][ T4488] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  803.124536][T17877] vivid-001: disconnect
[  803.180758][T17877] loop0: detected capacity change from 0 to 1024
[  803.308751][T17877] hfsplus: found bad thread record in catalog
[  803.317523][T17880] loop1: detected capacity change from 0 to 1024
[  803.377215][T17884] vivid-001: reconnect
[  803.388361][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.402949][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.431648][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.447535][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.475775][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.488637][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.513734][T17889] syzkaller1: entered promiscuous mode
[  803.522307][T17889] syzkaller1: entered allmulticast mode
[  803.534903][T17889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4203'.
[  803.548010][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.555655][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.596540][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.617551][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.654084][T17894] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.682532][T17894] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.715006][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.722519][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.743738][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.776200][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.791038][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.798578][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.868165][T17894] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.886885][T17894] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.918623][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.937029][T17880] hfsplus: request for non-existent node 33423360 in B*Tree
[  803.971663][T17894] hfsplus: request for non-existent node 33423360 in B*Tree
[  804.005728][T17894] hfsplus: request for non-existent node 33423360 in B*Tree
[  804.092035][  T131] hfsplus: b-tree write err: -5, ino 4
[  804.468069][T17908] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4206'.
[  805.017144][T17919] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4210'.
[  806.025504][T17931] syzkaller1: entered promiscuous mode
[  806.045851][T17931] syzkaller1: entered allmulticast mode
[  806.067048][T17931] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4215'.
[  806.335147][T17938] loop1: detected capacity change from 0 to 1024
[  806.384738][T17940] vivid-000: disconnect
[  806.401756][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.414303][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.423894][T17940] loop2: detected capacity change from 0 to 1024
[  806.436840][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.446800][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.463729][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.472139][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.489696][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.516255][T17939] kvm: pic: single mode not supported
[  806.516444][T17939] kvm: pic: single mode not supported
[  806.519077][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.535363][T17940] hfsplus: found bad thread record in catalog
[  806.542083][T17939] kvm: pic: level sensitive irq not supported
[  806.546988][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.574327][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.588682][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.600282][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.622830][T17944] vivid-000: reconnect
[  806.638987][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.656243][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.670479][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.678718][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.688227][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.695725][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.705143][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.712700][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.721859][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.732108][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.742899][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  806.753724][T17938] hfsplus: request for non-existent node 33423360 in B*Tree
[  807.162642][T17955] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4224'.
[  807.296672][T11949] hfsplus: b-tree write err: -5, ino 4
[  808.376043][T17970] 9pnet_virtio: no channels available for device syz
[  808.697102][T17978] loop3: detected capacity change from 0 to 1024
[  808.733035][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  808.755938][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.763852][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.776914][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.784856][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.830284][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.839406][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.848666][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.860100][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.894388][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.901941][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.928339][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.939877][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.951612][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.965822][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.986395][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  808.996650][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.044981][T17988] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.059981][T17988] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.075161][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.092843][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.107848][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.119934][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.128532][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.136596][T17978] hfsplus: request for non-existent node 33423360 in B*Tree
[  809.871385][ T5139] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  809.999123][    T9] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  810.081063][ T5139] usb 5-1: Using ep0 maxpacket: 16
[  810.087718][ T5139] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  810.099084][ T5139] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  810.108135][ T5139] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.118309][ T5139] usb 5-1: config 0 descriptor??
[  810.191711][    T9] usb 4-1: Using ep0 maxpacket: 8
[  810.204278][    T9] usb 4-1: config 0 has no interfaces?
[  810.217171][    T9] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  810.235209][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.247776][    T9] usb 4-1: config 0 descriptor??
[  810.354893][T18014] loop2: detected capacity change from 0 to 1024
[  810.395187][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.409899][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.428234][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.437458][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.446570][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.454130][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.466333][T18001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4239'.
[  810.480331][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.487857][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.506025][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.522087][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.544129][T17997] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  810.557990][T17997] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  810.575112][ T5139] hid (null): report_id 0 is invalid
[  810.589264][T18018] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.601075][ T5139] hid (null): unknown global tag 0xa5
[  810.601183][T18018] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.615947][ T5139] hid (null): unknown global tag 0xd
[  810.622561][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.631557][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.647850][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.655782][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.659304][ T5139] hid (null): unknown global tag 0xc
[  810.674452][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.684241][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.704705][ T5139] hid-generic 0003:0158:0100.0031: unknown main item tag 0x1
[  810.704985][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.726756][ T5139] hid-generic 0003:0158:0100.0031: unexpected long global item
[  810.754478][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.758333][ T5139] hid-generic 0003:0158:0100.0031: probe with driver hid-generic failed with error -22
[  810.765403][T18018] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.830767][T18018] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.841540][ T5139] usb 5-1: USB disconnect, device number 48
[  810.907837][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  810.917354][T18014] hfsplus: request for non-existent node 33423360 in B*Tree
[  811.323821][T18034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4253'.
[  811.535076][T18036] mmap: syz.0.4254 (18036) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  811.753554][T18040] mkiss: ax0: crc mode is auto.
[  812.431802][T18054] kvm: pic: single mode not supported
[  812.431957][T18054] kvm: pic: single mode not supported
[  812.458039][T18054] kvm: pic: level sensitive irq not supported
[  812.890675][T11052] usb 4-1: USB disconnect, device number 42
[  813.355037][T18068] loop3: detected capacity change from 0 to 128
[  813.381309][T18068] VFS: Found a Xenix FS (block size = 512) on device loop3
[  813.390246][T18068] sysv_free_block: trying to free block not in datazone
[  813.398246][T18068] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  813.446782][T18071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4266'.
[  813.499149][T18068] overlayfs: failed to resolve '/Ýñp<5eNÔá
[  813.499149][T18068] O?á1
[  813.499149][T18068] äH': -2
[  813.620403][ T5139] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  813.809255][ T5139] usb 3-1: Using ep0 maxpacket: 16
[  813.825468][ T5139] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  813.839266][ T5139] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  813.867514][ T5139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  813.894830][ T5139] usb 3-1: config 0 descriptor??
[  814.308852][T18070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  814.335265][T18070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  814.362311][ T5139] hid (null): report_id 0 is invalid
[  814.393254][ T5139] hid (null): unknown global tag 0xa5
[  814.418190][ T5139] hid (null): unknown global tag 0xd
[  814.450318][ T5139] hid (null): unknown global tag 0xc
[  814.473919][ T5139] hid-generic 0003:0158:0100.0032: unknown main item tag 0x1
[  814.498977][ T5139] hid-generic 0003:0158:0100.0032: unexpected long global item
[  814.520000][ T5139] hid-generic 0003:0158:0100.0032: probe with driver hid-generic failed with error -22
[  814.572101][ T5509] usb 3-1: USB disconnect, device number 56
[  814.736931][T18088] netlink: 'syz.1.4272': attribute type 10 has an invalid length.
[  814.766037][T18088] batman_adv: batadv0: Adding interface: team0
[  814.779304][T18088] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  814.816272][T18088] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  814.862684][T18095] vivid-001: disconnect
[  814.910161][T18095] loop0: detected capacity change from 0 to 1024
[  815.133913][T18102] hfsplus: found bad thread record in catalog
[  815.231668][  T928] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  815.243412][T18106] vivid-001: reconnect
[  815.434048][T18104] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4276'.
[  815.444932][  T928] usb 5-1: Using ep0 maxpacket: 8
[  815.455116][  T928] usb 5-1: config 0 has no interfaces?
[  815.460736][  T928] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  815.469847][  T928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  815.487521][  T928] usb 5-1: config 0 descriptor??
[  815.505982][T11949] hfsplus: b-tree write err: -5, ino 4
[  815.659042][ T5094] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  815.706832][T18093] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4274'.
[  815.809098][ T5094] usb 3-1: device descriptor read/64, error -71
[  815.979107][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  815.979123][   T29] audit: type=1800 audit(1719427445.010:328): pid=18118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4278" name="file0" dev="sda1" ino=1991 res=0 errno=0
[  816.048680][   T29] audit: type=1804 audit(1719427445.080:329): pid=18118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4278" name="/root/syzkaller.LTUG4I/313/file0" dev="sda1" ino=1991 res=1 errno=0
[  816.181078][ T5094] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  816.409309][ T5094] usb 3-1: device descriptor read/64, error -71
[  816.596151][ T5094] usb usb3-port1: attempt power cycle
[  817.109093][ T5094] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  817.139826][ T5094] usb 3-1: device descriptor read/8, error -71
[  817.217511][T18131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4282'.
[  817.422291][ T5094] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  817.469712][ T5094] usb 3-1: device descriptor read/8, error -71
[  817.545681][   T29] audit: type=1804 audit(1719427446.580:330): pid=18137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4286" name="/root/syzkaller.LTUG4I/315/bus" dev="sda1" ino=1991 res=1 errno=0
[  817.609599][ T5094] usb usb3-port1: unable to enumerate USB device
[  817.924616][  T928] usb 5-1: USB disconnect, device number 49
[  819.595953][T18169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4296'.
[  820.382597][  T928] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  820.561090][  T928] usb 4-1: device descriptor read/64, error -71
[  820.849115][  T928] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  821.070156][  T928] usb 4-1: device descriptor read/64, error -71
[  821.190382][T18192] loop2: detected capacity change from 0 to 32768
[  821.209271][  T928] usb usb4-port1: attempt power cycle
[  821.261577][T18192] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4304 (18192)
[  821.317091][T18192] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  821.337057][T18192] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  821.378654][T18192] BTRFS info (device loop2): using free-space-tree
[  821.481498][T18192] BTRFS info (device loop2): rebuilding free space tree
[  821.649204][  T928] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  821.676067][ T5662] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  821.696294][  T928] usb 4-1: device descriptor read/8, error -71
[  821.973974][T18220] vivid-001: disconnect
[  821.989002][  T928] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  822.019721][  T928] usb 4-1: device descriptor read/8, error -71
[  822.033605][T18220] loop0: detected capacity change from 0 to 1024
[  822.169576][  T928] usb usb4-port1: unable to enumerate USB device
[  822.255366][T18223] hfsplus: found bad thread record in catalog
[  822.325487][T18225] vivid-001: reconnect
[  822.859009][T18236] netlink: 120 bytes leftover after parsing attributes in process `syz.4.4316'.
[  822.958272][   T12] hfsplus: b-tree write err: -5, ino 4
[  823.160293][T18242] 9pnet_virtio: no channels available for device syz
[  823.551226][T18245] loop0: detected capacity change from 0 to 32768
[  823.585409][T18245] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4319 (18245)
[  823.630018][T18245] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  823.650810][T18245] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  823.662037][T18245] BTRFS info (device loop0): using free-space-tree
[  823.879538][T18245] BTRFS info (device loop0): rebuilding free space tree
[  824.089637][T13883] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  824.638100][T18286] vivid-002: disconnect
[  824.650470][T18288] cgroup: noprefix used incorrectly
[  824.761683][T18286] loop3: detected capacity change from 0 to 1024
[  824.819761][   T29] audit: type=1800 audit(1719427453.810:331): pid=18290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4329" name="file0" dev="sda1" ino=1997 res=0 errno=0
[  825.184743][T18294] hfsplus: found bad thread record in catalog
[  825.425099][T18297] vivid-002: reconnect
[  827.102193][  T131] hfsplus: b-tree write err: -5, ino 4
[  827.188848][T18278] warn_alloc: 1 callbacks suppressed
[  827.188861][T18278] syz.4.4327: vmalloc error: size 4198400, failed to allocated page array size 8200, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  827.219895][T18278] CPU: 0 UID: 0 PID: 18278 Comm: syz.4.4327 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
[  827.230163][T18278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  827.240235][T18278] Call Trace:
[  827.243530][T18278]  <TASK>
[  827.246482][T18278]  dump_stack_lvl+0x241/0x360
[  827.251186][T18278]  ? __pfx_dump_stack_lvl+0x10/0x10
[  827.256408][T18278]  ? __pfx__printk+0x10/0x10
[  827.261030][T18278]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  827.267466][T18278]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  827.273998][T18278]  warn_alloc+0x278/0x410
[  827.278361][T18278]  ? __pfx_warn_alloc+0x10/0x10
[  827.283249][T18278]  ? vb2_vmalloc_alloc+0xf2/0x340
[  827.288298][T18278]  ? __get_vm_area_node+0x23d/0x270
[  827.293511][T18278]  __vmalloc_node_range_noprof+0x69f/0x1460
[  827.299430][T18278]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  827.305770][T18278]  ? vb2_vmalloc_alloc+0xf2/0x340
[  827.310801][T18278]  ? __get_vm_area_node+0x23d/0x270
[  827.316005][T18278]  __vmalloc_node_range_noprof+0x5bf/0x1460
[  827.321907][T18278]  ? vb2_vmalloc_alloc+0xf2/0x340
[  827.326965][T18278]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  827.333301][T18278]  ? __kasan_kmalloc+0x98/0xb0
[  827.338061][T18278]  ? vb2_vmalloc_alloc+0xb5/0x340
[  827.343087][T18278]  vmalloc_user_noprof+0x74/0x80
[  827.348021][T18278]  ? vb2_vmalloc_alloc+0xf2/0x340
[  827.353044][T18278]  vb2_vmalloc_alloc+0xf2/0x340
[  827.357894][T18278]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  827.363353][T18278]  __vb2_queue_alloc+0xa0f/0x16f0
[  827.368393][T18278]  vb2_core_create_bufs+0x825/0x1040
[  827.373684][T18278]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  827.379411][T18278]  ? vb2_set_flags_and_caps+0x2f7/0x5e0
[  827.384963][T18278]  vb2_create_bufs+0x60e/0xdd0
[  827.389727][T18278]  ? __pfx_vb2_create_bufs+0x10/0x10
[  827.395009][T18278]  ? v4l_sanitize_format+0x5c7/0xa50
[  827.400299][T18278]  v4l_create_bufs+0x18b/0x2a0
[  827.405080][T18278]  __video_do_ioctl+0xc26/0xde0
[  827.409950][T18278]  ? __pfx___video_do_ioctl+0x10/0x10
[  827.415340][T18278]  ? __might_fault+0xc6/0x120
[  827.420035][T18278]  video_usercopy+0x89b/0x1180
[  827.424816][T18278]  ? __pfx___video_do_ioctl+0x10/0x10
[  827.430188][T18278]  ? __pfx_video_usercopy+0x10/0x10
[  827.435405][T18278]  ? __fget_files+0x29/0x470
[  827.439999][T18278]  ? __fget_files+0x3f6/0x470
[  827.444672][T18278]  ? __fget_files+0x29/0x470
[  827.449266][T18278]  v4l2_ioctl+0x18c/0x1e0
[  827.453593][T18278]  ? __pfx_v4l2_ioctl+0x10/0x10
[  827.458443][T18278]  __se_sys_ioctl+0xfc/0x170
[  827.463035][T18278]  do_syscall_64+0xf3/0x230
[  827.467537][T18278]  ? clear_bhb_loop+0x35/0x90
[  827.472218][T18278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.478114][T18278] RIP: 0033:0x7f0cc4775ae9
[  827.482529][T18278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.502141][T18278] RSP: 002b:00007f0cc546b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  827.510559][T18278] RAX: ffffffffffffffda RBX: 00007f0cc4904070 RCX: 00007f0cc4775ae9
[  827.518526][T18278] RDX: 0000000020004fc0 RSI: 00000000c100565c RDI: 0000000000000004
[  827.526489][T18278] RBP: 00007f0cc47f6746 R08: 0000000000000000 R09: 0000000000000000
[  827.534465][T18278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  827.542442][T18278] R13: 000000000000006e R14: 00007f0cc4904070 R15: 00007fff3d63f528
[  827.550434][T18278]  </TASK>
[  827.553511][    C0] vkms_vblank_simulate: vblank timer overrun
[  827.565536][T18278] Mem-Info:
[  827.568661][T18278] active_anon:2878 inactive_anon:0 isolated_anon:0
[  827.568661][T18278]  active_file:638 inactive_file:68740 isolated_file:0
[  827.568661][T18278]  unevictable:768 dirty:305 writeback:0
[  827.568661][T18278]  slab_reclaimable:11506 slab_unreclaimable:104154
[  827.568661][T18278]  mapped:14519 shmem:1395 pagetables:577
[  827.568661][T18278]  sec_pagetables:0 bounce:0
[  827.568661][T18278]  kernel_misc_reclaimable:0
[  827.568661][T18278]  free:1301430 free_pcp:549 free_cma:0
[  827.613665][    C0] vkms_vblank_simulate: vblank timer overrun
[  827.634406][T18278] Node 0 active_anon:13012kB inactive_anon:0kB active_file:2552kB inactive_file:274884kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:58076kB dirty:1212kB writeback:0kB shmem:5444kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10248kB pagetables:2308kB sec_pagetables:0kB all_unreclaimable? no
[  827.666580][    C0] vkms_vblank_simulate: vblank timer overrun
[  827.692570][T18278] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  827.750906][T18278] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  827.787154][T18278] lowmem_reserve[]: 0 2571 2571 0 0
[  827.792561][T18278] Node 0 DMA32 free:1226688kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:20276kB inactive_anon:0kB active_file:2552kB inactive_file:274560kB unevictable:1536kB writepending:1212kB present:3129332kB managed:2659844kB mlocked:0kB bounce:0kB free_pcp:2600kB local_pcp:1260kB free_cma:0kB
[  827.826949][T18278] lowmem_reserve[]: 0 0 0 0 0
[  827.834769][T18278] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  827.868627][T18278] lowmem_reserve[]: 0 0 0 0 0
[  827.874394][T18278] Node 1 Normal free:3953640kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:8kB present:4194304kB managed:4109116kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  827.911915][T18278] lowmem_reserve[]: 0 0 0 0 0
[  827.916724][T18278] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  827.930650][T18278] Node 0 DMA32: 24*4kB (UME) 32*8kB (UME) 82*16kB (UME) 505*32kB (UME) 492*64kB (UME) 211*128kB (UME) 77*256kB (ME) 32*512kB (UME) 6*1024kB (ME) 8*2048kB (UME) 266*4096kB (M) = 1224480kB
[  827.949680][T18278] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  827.970304][T18278] Node 1 Normal: 6*4kB (U) 8*8kB (UM) 11*16kB (UM) 7*32kB (UM) 8*64kB (U) 4*128kB (U) 4*256kB (UM) 3*512kB (UM) 1*1024kB (U) 2*2048kB (U) 963*4096kB (M) = 3953640kB
[  828.012947][T18278] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  828.024312][T18278] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  828.034947][T18278] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  828.045852][T18278] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  828.057179][T18278] 74322 total pagecache pages
[  828.062231][T18278] 0 pages in swap cache
[  828.067109][T18278] Free swap  = 124484kB
[  828.072567][T18278] Total swap = 124996kB
[  828.081533][T18278] 2097051 pages RAM
[  828.085871][T18278] 0 pages HighMem/MovableOnly
[  828.092209][T18278] 400881 pages reserved
[  828.098174][T18278] 0 pages cma reserved
[  828.203848][T18310] loop1: detected capacity change from 0 to 32768
[  828.238148][T18310] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4339 (18310)
[  828.291611][T18310] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  828.310710][T18310] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  828.327671][T18310] BTRFS info (device loop1): using free-space-tree
[  828.528414][T18310] BTRFS info (device loop1): rebuilding free space tree
[  828.593389][T18310] overlay: ./bus is not a directory
[  828.601013][   T29] audit: type=1804 audit(1719427457.620:332): pid=18310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4339" name="/root/syzkaller.r9PeQd/93/bus/bus" dev="loop1" ino=263 res=1 errno=0
[  828.700506][T16878] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  829.766671][T18358] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4350'.
[  830.159272][    T9] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  830.359049][    T9] usb 5-1: Using ep0 maxpacket: 16
[  830.413483][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  830.458071][    T9] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  830.490803][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.526711][    T9] usb 5-1: config 0 descriptor??
[  830.956341][T18362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  830.989904][T18362] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  831.014730][    T9] hid (null): unknown global tag 0xc
[  831.061392][    T9] hid-generic 0003:0158:0100.0033: unknown main item tag 0x1
[  831.078967][    T9] hid-generic 0003:0158:0100.0033: unknown main item tag 0x0
[  831.093258][    T9] hid-generic 0003:0158:0100.0033: unexpected long global item
[  831.112749][    T9] hid-generic 0003:0158:0100.0033: probe with driver hid-generic failed with error -22
[  831.215642][T18370] loop1: detected capacity change from 0 to 32768
[  831.224103][    T9] usb 5-1: USB disconnect, device number 50
[  831.250873][T18370] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4355 (18370)
[  831.286984][T18370] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  831.302590][T18370] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  831.312289][T18370] BTRFS info (device loop1): using free-space-tree
[  831.337924][T18370] BTRFS info (device loop1): rebuilding free space tree
[  831.389359][   T29] audit: type=1804 audit(1719427460.420:333): pid=18370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4355" name="/root/syzkaller.r9PeQd/96/bus/bus" dev="loop1" ino=263 res=1 errno=0
[  831.393264][T18370] overlay: ./bus is not a directory
[  831.513814][T16878] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  831.638263][   T29] audit: type=1326 audit(1719427460.670:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18397 comm="syz.3.4359" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe05dd75ae9 code=0x0
[  832.462787][   T29] audit: type=1800 audit(1719427461.480:335): pid=18420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4366" name="bus" dev="sda1" ino=1983 res=0 errno=0
[  833.727072][T18445] netlink: 'syz.3.4374': attribute type 1 has an invalid length.
[  833.767673][T18445] netlink: 9396 bytes leftover after parsing attributes in process `syz.3.4374'.
[  833.804610][T18447] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4375'.
[  833.988032][T18438] loop2: detected capacity change from 0 to 32768
[  834.037795][T18438] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4371 (18438)
[  834.075401][T18438] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  834.097014][T18438] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  834.127130][T18438] BTRFS info (device loop2): using free-space-tree
[  834.303234][T18438] BTRFS info (device loop2): rebuilding free space tree
[  834.401449][   T29] audit: type=1804 audit(1719427463.440:336): pid=18438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4371" name="/root/syzkaller.Lc7sdX/885/bus/bus" dev="loop2" ino=263 res=1 errno=0
[  834.432257][T18438] overlay: ./bus is not a directory
[  834.567291][ T5662] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  834.978304][T18475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4381'.
[  835.180360][ T5509] IPVS: starting estimator thread 0...
[  835.275183][T18480] loop3: detected capacity change from 0 to 1024
[  835.289035][T18479] IPVS: using max 29 ests per chain, 69600 per kthread
[  835.358162][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.372808][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.393078][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.404674][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.415834][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.426062][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.453405][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.460899][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.473350][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.481358][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.496203][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.505517][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.525344][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.552334][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.568850][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.579127][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.593259][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.601058][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.612851][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.620619][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.631708][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.640375][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.649590][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  835.658010][T18480] hfsplus: request for non-existent node 33423360 in B*Tree
[  836.392222][T18489] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4384'.
[  837.008581][T18495] loop4: detected capacity change from 0 to 128
[  837.038635][T18495] VFS: Found a Xenix FS (block size = 512) on device loop4
[  837.062337][T18498] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  837.067941][T18495] sysv_free_block: trying to free block not in datazone
[  837.089328][T18495] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  837.156879][T18498] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  837.183630][T18495] overlayfs: failed to resolve '/Ýñp<5eNÔá
[  837.183630][T18495] O?á1
[  837.183630][T18495] äH': -2
[  837.233478][T18498] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  837.825790][T18512] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4394'.
[  838.155877][T18518] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  839.114795][T18544] syzkaller1: entered promiscuous mode
[  839.120724][T18544] syzkaller1: entered allmulticast mode
[  839.147127][T18544] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4408'.
[  839.666715][T18558] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  839.678464][T18559] netlink: 176 bytes leftover after parsing attributes in process `syz.1.4415'.
[  839.736213][T18559] netlink: 176 bytes leftover after parsing attributes in process `syz.1.4415'.
[  839.998213][T18552] netlink: 92 bytes leftover after parsing attributes in process `syz.2.4412'.
[  841.533541][T18604] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4431'.
[  841.684231][   T29] audit: type=1800 audit(1719427470.720:337): pid=18612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4435" name="bus" dev="sda1" ino=1957 res=0 errno=0
[  842.419544][T18632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4443'.
[  842.511162][T18636] ALSA: seq fatal error: cannot create timer (-22)
[  842.763481][T18640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4446'.
[  843.465325][    T9] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  843.578880][T18656] loop2: detected capacity change from 0 to 128
[  843.809813][    T9] usb 2-1: Using ep0 maxpacket: 8
[  844.241378][    T9] usb 2-1: config 0 has no interfaces?
[  844.248802][    T9] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  844.265994][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  844.277529][    T9] usb 2-1: config 0 descriptor??
[  844.486859][T18651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4450'.
[  844.612339][T11052] usb 2-1: USB disconnect, device number 55
[  845.095972][T18676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4461'.
[  845.566429][T18689] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4466'.
[  845.566452][T18689] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4466'.
[  845.636459][T18691] loop2: detected capacity change from 0 to 1024
[  845.883674][T18696] hfsplus: found bad thread record in catalog
[  846.301048][T18708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4471'.
[  846.855147][T18718] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4476'.
[  846.858091][T18717] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.871345][T18717] bridge0: port 2(bridge_slave_1) entered forwarding state
[  846.879141][T18717] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.886310][T18717] bridge0: port 1(bridge_slave_0) entered forwarding state
[  847.018109][  T131] hfsplus: b-tree write err: -5, ino 4
[  847.257015][T18725] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4480'.
[  847.266239][T18725] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4480'.
[  847.313546][T18726] loop4: detected capacity change from 0 to 1764
[  847.385425][T18726] loop4: detected capacity change from 0 to 64
[  847.462721][   T29] audit: type=1804 audit(1719427476.500:338): pid=18731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4479" name="/root/syzkaller.Lc7sdX/908/bus" dev="sda1" ino=1987 res=1 errno=0
[  847.524095][   T29] audit: type=1804 audit(1719427476.560:339): pid=18731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.4479" name="/root/syzkaller.Lc7sdX/908/bus" dev="sda1" ino=1987 res=1 errno=0
[  848.850087][   T29] audit: type=1800 audit(1719427477.890:340): pid=18757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4491" name="bus" dev="sda1" ino=1975 res=0 errno=0
[  849.066047][T18762] cgroup: noprefix used incorrectly
[  851.265545][   T29] audit: type=1800 audit(1719427480.300:341): pid=18797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4505" name="bus" dev="sda1" ino=1974 res=0 errno=0
[  851.295285][   T29] audit: type=1800 audit(1719427480.330:342): pid=18798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4503" name="bus" dev="sda1" ino=1985 res=0 errno=0
[  851.721311][   T29] audit: type=1804 audit(1719427480.760:343): pid=18804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4508" name="/root/syzkaller.r9PeQd/121/bus" dev="sda1" ino=1977 res=1 errno=0
[  851.749089][    T9] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  851.949138][    T9] usb 1-1: Using ep0 maxpacket: 16
[  851.960040][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  851.970499][    T9] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  851.983247][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  851.997248][    T9] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  852.006678][    T9] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  852.015622][    T9] usb 1-1: Manufacturer: syz
[  852.022940][    T9] usb 1-1: config 0 descriptor??
[  852.599542][T18826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  852.608079][T18826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  853.966470][   T29] audit: type=1326 audit(1719427483.000:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18846 comm="syz.3.4524" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe05dd75ae9 code=0x0
[  854.405288][T11052] usb 1-1: USB disconnect, device number 61
[  856.157636][T18866] loop4: detected capacity change from 0 to 1024
[  856.245174][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.258645][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.285633][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.313266][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.334631][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.347827][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.367818][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.384748][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.414660][T18874] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.424156][T18874] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.466768][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.489226][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.532796][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.564839][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.588580][T18874] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.598993][T18874] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.609888][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.617485][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.635341][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.719146][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.754754][T18874] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.786762][T18874] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.834959][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  856.854429][T18866] hfsplus: request for non-existent node 33423360 in B*Tree
[  857.247472][   T29] audit: type=1326 audit(1719427486.280:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18885 comm="syz.1.4537" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49d8f75ae9 code=0x0
[  857.454772][T18891] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4538'.
[  857.881241][T18896] vivid-001: disconnect
[  857.907378][T18896] loop0: detected capacity change from 0 to 1024
[  858.335244][T18899] hfsplus: found bad thread record in catalog
[  858.472438][T18904] vivid-001: reconnect
[  859.822320][ T5092] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  859.832859][ T5092] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  859.840978][ T5092] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  859.865156][ T5092] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  859.880822][ T5092] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  859.888248][ T5092] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  861.574620][T18909] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4543'.
[  861.605648][ T2782] hfsplus: b-tree write err: -5, ino 4
[  861.920082][ T5092] Bluetooth: hci1: command tx timeout
[  861.974935][T11951] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.995667][T18917] chnl_net:caif_netlink_parms(): no params data found
[  862.201824][T18938] loop0: detected capacity change from 0 to 128
[  862.911129][T11951] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  863.094194][T18917] bridge0: port 1(bridge_slave_0) entered blocking state
[  863.101843][T18917] bridge0: port 1(bridge_slave_0) entered disabled state
[  863.109160][T18917] bridge_slave_0: entered allmulticast mode
[  863.116054][T18917] bridge_slave_0: entered promiscuous mode
[  863.138601][T11951] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  863.154551][T18917] bridge0: port 2(bridge_slave_1) entered blocking state
[  863.162149][T18917] bridge0: port 2(bridge_slave_1) entered disabled state
[  863.169526][T18917] bridge_slave_1: entered allmulticast mode
[  863.178008][T18917] bridge_slave_1: entered promiscuous mode
[  863.220810][T18917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  863.244487][T11951] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  863.266183][T18917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  863.315720][T18917] team0: Port device team_slave_0 added
[  863.333144][T18917] team0: Port device team_slave_1 added
[  863.376412][T18917] batman_adv: batadv0: Adding interface: batadv_slave_0
[  863.383673][T18917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  863.411292][T18917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  863.424047][T18917] batman_adv: batadv0: Adding interface: batadv_slave_1
[  863.432294][T18917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  863.458791][T18917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  863.540185][T18917] hsr_slave_0: entered promiscuous mode
[  863.547216][T18917] hsr_slave_1: entered promiscuous mode
[  863.554289][T18917] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  863.563954][T18917] Cannot create hsr debugfs directory
[  863.569909][T11951] bridge_slave_1: left allmulticast mode
[  863.577244][T11951] bridge_slave_1: left promiscuous mode
[  863.583776][T11951] bridge0: port 2(bridge_slave_1) entered disabled state
[  863.596337][T11951] bridge_slave_0: left allmulticast mode
[  863.605236][T11951] bridge_slave_0: left promiscuous mode
[  863.607114][T18948] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4553'.
[  863.611960][T11951] bridge0: port 1(bridge_slave_0) entered disabled state
[  863.656853][T11951] tipc: Resetting bearer <eth:geneve1>
[  863.999193][ T5092] Bluetooth: hci1: command tx timeout
[  864.019375][T18954] 9pnet_virtio: no channels available for device syz
[  864.088760][T11951] tipc: Disabling bearer <eth:geneve1>
[  864.848018][T11951] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  864.860137][T11951] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  864.873910][T11951] bond0 (unregistering): Released all slaves
[  864.886573][T11951] bond1 (unregistering): Released all slaves
[  864.900747][T11951] bond2 (unregistering): Released all slaves
[  864.915153][T11951] bond3 (unregistering): Released all slaves
[  864.928443][T11951] bond4 (unregistering): Released all slaves
[  864.948329][T11951] bond5 (unregistering): Released all slaves
[  864.965234][T11951] bond6 (unregistering): Released all slaves
[  864.981365][T11951] bond7 (unregistering): Released all slaves
[  865.037165][T18959] tap0: tun_chr_ioctl cmd 1074025675
[  865.047807][T18959] tap0: persist enabled
[  865.076786][T18961] tap0: tun_chr_ioctl cmd 1074025675
[  865.089918][T18961] tap0: persist disabled
[  866.085447][ T5092] Bluetooth: hci1: command tx timeout
[  866.413562][T18982] loop1: detected capacity change from 0 to 1024
[  866.472203][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.480286][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.509575][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.516923][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.543815][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.551384][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.577886][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.601139][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.628293][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.651522][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.683638][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.691200][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.720573][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.727882][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.753362][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  866.769835][T18982] hfsplus: request for non-existent node 33423360 in B*Tree
[  867.798658][T11951] tipc: Left network mode
[  868.169244][ T5092] Bluetooth: hci1: command tx timeout
[  868.375157][   T29] audit: type=1800 audit(1719427497.410:346): pid=19002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4570" name="file1" dev="sda1" ino=1966 res=0 errno=0
[  868.376913][T19002] input: syz0 as /devices/virtual/input/input23
[  868.809942][T18917] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  868.827780][T19009] loop4: detected capacity change from 0 to 128
[  868.850740][T11951] hsr_slave_0: left promiscuous mode
[  868.876681][T11951] 0·: left promiscuous mode
[  868.894776][T11951] batman_adv: batadv0: Removing interface: team0
[  868.909097][T11951] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  868.916512][T11951] batman_adv: batadv0: Removing interface: batadv_slave_0
[  869.079820][T11951] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  869.087502][T11951] batman_adv: batadv0: Removing interface: batadv_slave_1
[  869.114414][T11951] veth1_macvtap: left promiscuous mode
[  869.121002][T11951] veth0_macvtap: left promiscuous mode
[  869.126791][T11951] veth1_vlan: left promiscuous mode
[  869.132691][T11951] veth0_vlan: left promiscuous mode
[  869.248319][T11951] infiniband syz1: set down
[  869.343309][   T29] audit: type=1804 audit(1719427498.370:347): pid=19016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4576" name="/root/syzkaller.r9PeQd/141/bus" dev="sda1" ino=1991 res=1 errno=0
[  869.439363][T18374] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  869.510562][T11951] team0 (unregistering): Port device virt_wifi0 removed
[  869.630272][T18374] usb 1-1: Using ep0 maxpacket: 16
[  869.668739][T18374] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  869.688024][T18374] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  869.698380][T18374] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  869.718849][T18374] usb 1-1: config 0 descriptor??
[  869.886810][T11951] team0 (unregistering): Port device team_slave_1 removed
[  869.943875][T19013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  869.952952][T19013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  870.165232][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  870.180565][T18374] usbhid 1-1:0.0: can't add hid device: -71
[  870.186941][T18374] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  870.205753][T18374] usb 1-1: USB disconnect, device number 62
[  870.302847][ T2926] smc: removing ib device syz1
[  870.535476][T18917] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  870.554416][T19014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4575'.
[  870.565864][T19014] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4575'.
[  870.592552][ T5139] infiniband syz1: ib_query_port failed (-19)
[  870.625129][T18917] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  870.658727][T18917] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  871.328997][ T5139] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  871.569339][ T5139] usb 3-1: Using ep0 maxpacket: 32
[  871.583481][ T5139] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  871.595412][ T5139] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  871.614582][ T5139] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  871.625065][ T5139] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  871.636639][ T5139] usb 3-1: Product: syz
[  871.641859][ T5139] usb 3-1: Manufacturer: syz
[  871.646473][ T5139] usb 3-1: SerialNumber: syz
[  871.659944][ T5139] usb 3-1: config 0 descriptor??
[  873.597416][T18917] 8021q: adding VLAN 0 to HW filter on device bond0
[  873.624570][T18917] 8021q: adding VLAN 0 to HW filter on device team0
[  873.637267][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state
[  873.644434][ T5095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  873.672305][ T5509] bridge0: port 2(bridge_slave_1) entered blocking state
[  873.679460][ T5509] bridge0: port 2(bridge_slave_1) entered forwarding state
[  874.056322][T18917] 8021q: adding VLAN 0 to HW filter on device batadv0
[  874.127519][T18917] veth0_vlan: entered promiscuous mode
[  874.145626][T18917] veth1_vlan: entered promiscuous mode
[  874.198176][T18917] veth0_macvtap: entered promiscuous mode
[  874.218797][T18917] veth1_macvtap: entered promiscuous mode
[  874.246530][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  874.254737][T19059] loop1: detected capacity change from 0 to 1024
[  874.257498][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.274247][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  874.285564][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.296905][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  874.307886][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.321978][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  874.332759][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.337006][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.344794][T18917] batman_adv: batadv0: Interface activated: batadv_slave_0
[  874.355851][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.374006][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.381817][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.391493][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  874.403389][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.413506][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.420071][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.428675][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  874.442408][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.452580][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  874.463792][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.464690][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.474830][T18917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  874.492405][T18917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  874.505156][T18917] batman_adv: batadv0: Interface activated: batadv_slave_1
[  874.514143][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.525596][T18374] usb 3-1: USB disconnect, device number 61
[  874.532018][T18917] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  874.550909][T18917] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  874.562728][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.565131][T19062] loop4: detected capacity change from 0 to 2048
[  874.570716][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.585203][T18917] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  874.595329][T18917] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  874.601715][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.612016][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.617264][T19062] udf: Unknown parameter 'ÿ'
[  874.645139][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.654447][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.665647][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.687670][T19059] hfsplus: request for non-existent node 33423360 in B*Tree
[  874.751999][T19062] loop4: detected capacity change from 0 to 736
[  874.794408][ T2782] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  874.813387][ T2782] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  874.894220][T19064] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4591'.
[  874.917756][T19064] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4591'.
[  874.937613][ T2782] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  874.946585][ T2782] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  874.961797][T19065] netlink: 830 bytes leftover after parsing attributes in process `syz.4.4590'.
[  874.998247][T19065] fuse: Bad value for 'fd'
[  875.302382][   T29] audit: type=1326 audit(1719427504.340:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19079 comm="syz.0.4595" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff575775ae9 code=0x0
[  875.376612][   T29] audit: type=1800 audit(1719427504.360:349): pid=19081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4594" name="bus" dev="sda1" ino=1979 res=0 errno=0
[  876.425283][T19095] kvm: pic: single mode not supported
[  876.425301][T19095] kvm: pic: level sensitive irq not supported
[  876.431169][T19095] kvm: pic: single mode not supported
[  876.437617][T19095] kvm: pic: single mode not supported
[  876.443376][T19095] kvm: pic: level sensitive irq not supported
[  876.451311][T19095] kvm: pic: single mode not supported
[  876.457402][T19095] kvm: pic: level sensitive irq not supported
[  876.463684][T19095] kvm: pic: level sensitive irq not supported
[  876.604980][T19102] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4604'.
[  877.028365][T19104] loop4: detected capacity change from 0 to 8192
[  877.047497][T19114] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4609'.
[  877.378097][ T4488] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  877.392180][ T4488] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  877.401124][ T4488] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  877.411679][ T4488] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  877.419406][ T4488] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  877.426697][ T4488] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  877.502176][ T2782] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.587602][ T2782] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.701166][ T2782] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.757765][T19128] loop2: detected capacity change from 0 to 2048
[  877.801206][T19128] udf: Unknown parameter 'ÿ'
[  877.811798][ T2782] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.902715][T19128] loop2: detected capacity change from 0 to 736
[  878.125440][T19135] netlink: 830 bytes leftover after parsing attributes in process `syz.2.4615'.
[  878.153899][T19125] loop3: detected capacity change from 0 to 32768
[  878.172940][T19119] chnl_net:caif_netlink_parms(): no params data found
[  878.182564][T19125] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4614 (19125)
[  878.189371][T19135] fuse: Bad value for 'fd'
[  878.223436][T19125] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  878.241611][T19125] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  878.255735][T19125] BTRFS info (device loop3): using free-space-tree
[  878.368596][ T2782] bridge_slave_1: left allmulticast mode
[  878.374592][ T2782] bridge_slave_1: left promiscuous mode
[  878.386703][T19125] BTRFS info (device loop3): rebuilding free space tree
[  878.386746][ T2782] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.418744][ T2782] bridge_slave_0: left allmulticast mode
[  878.426599][ T2782] bridge_slave_0: left promiscuous mode
[  878.432571][ T2782] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.654320][T18917] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  878.814427][ T5094] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  879.031134][ T5094] usb 5-1: Using ep0 maxpacket: 8
[  879.057592][ T5094] usb 5-1: config 0 has no interfaces?
[  879.063850][ T5094] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  879.075059][ T5094] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  879.107158][ T5094] usb 5-1: config 0 descriptor??
[  879.296173][ T2782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  879.317398][ T2782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  879.332092][ T2782] bond0 (unregistering): Released all slaves
[  879.334840][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4618'.
[  879.346658][ T2782] bond1 (unregistering): Released all slaves
[  879.372930][ T2782] bond2 (unregistering): Released all slaves
[  879.388400][ T2782] bond3 (unregistering): Released all slaves
[  879.529307][ T5092] Bluetooth: hci0: command tx timeout
[  879.756295][T18374] usb 5-1: USB disconnect, device number 51
[  879.877214][T19119] bridge0: port 1(bridge_slave_0) entered blocking state
[  879.885671][T19119] bridge0: port 1(bridge_slave_0) entered disabled state
[  879.902279][T19119] bridge_slave_0: entered allmulticast mode
[  879.922159][T19119] bridge_slave_0: entered promiscuous mode
[  879.983141][T19119] bridge0: port 2(bridge_slave_1) entered blocking state
[  879.992304][T19119] bridge0: port 2(bridge_slave_1) entered disabled state
[  880.004090][T19119] bridge_slave_1: entered allmulticast mode
[  880.016103][T19119] bridge_slave_1: entered promiscuous mode
[  880.039823][ T2782] hsr_slave_0: left promiscuous mode
[  880.063248][ T2782] hsr_slave_1: left promiscuous mode
[  880.078185][ T2782] batman_adv: batadv0: Removing interface: team0
[  880.091842][ T2782] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  880.100833][ T2782] batman_adv: batadv0: Removing interface: batadv_slave_0
[  880.136264][ T2782] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  880.144111][ T2782] batman_adv: batadv0: Removing interface: batadv_slave_1
[  880.208689][ T2782] veth1_macvtap: left promiscuous mode
[  880.214740][ T2782] veth0_macvtap: left promiscuous mode
[  880.220733][ T2782] veth1_vlan: left promiscuous mode
[  880.229641][ T2782] veth0_vlan: left promiscuous mode
[  880.569978][T19173] loop3: detected capacity change from 0 to 2048
[  880.586786][T19173] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  880.617416][T19174] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  880.617815][T19173] syz.3.4623: attempt to access beyond end of device
[  880.617815][T19173] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  881.147358][T19175] loop1: detected capacity change from 0 to 8192
[  881.599341][ T5092] Bluetooth: hci0: command tx timeout
[  881.918051][ T2782] team0 (unregistering): Port device team_slave_1 removed
[  882.682695][T19119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  882.705714][T19119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  882.816109][T19119] team0: Port device team_slave_0 added
[  882.832097][T19119] team0: Port device team_slave_1 added
[  882.866658][T19119] batman_adv: batadv0: Adding interface: batadv_slave_0
[  882.873755][T19119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  882.900180][T19119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  882.918339][T19119] batman_adv: batadv0: Adding interface: batadv_slave_1
[  882.925956][T19119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  882.952808][T19119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  883.012063][T19119] hsr_slave_0: entered promiscuous mode
[  883.018318][T19119] hsr_slave_1: entered promiscuous mode
[  883.025156][T19119] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  883.033092][T19119] Cannot create hsr debugfs directory
[  883.183697][ T2782] IPVS: stop unused estimator thread 0...
[  883.267661][T19198] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4629'.
[  883.592558][T19119] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  883.602672][T19119] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  883.613455][T19119] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  883.631441][T19119] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  883.668041][T19204] loop4: detected capacity change from 0 to 2048
[  883.679284][ T5092] Bluetooth: hci0: command tx timeout
[  883.695596][T19204] udf: Unknown parameter 'ÿ'
[  883.787224][T19204] loop4: detected capacity change from 0 to 736
[  883.857887][T19119] 8021q: adding VLAN 0 to HW filter on device bond0
[  883.917101][T19210] netlink: 830 bytes leftover after parsing attributes in process `syz.4.4633'.
[  883.947626][T19119] 8021q: adding VLAN 0 to HW filter on device team0
[  883.968307][T19210] fuse: Bad value for 'fd'
[  883.992932][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[  884.000393][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  884.043867][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  884.051081][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  884.079352][T19213] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  884.174525][T19215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  884.298279][T19213] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  884.631199][T19119] 8021q: adding VLAN 0 to HW filter on device batadv0
[  884.683948][T19229] 9pnet_virtio: no channels available for device syz
[  884.799244][T19119] veth0_vlan: entered promiscuous mode
[  884.823977][T19119] veth1_vlan: entered promiscuous mode
[  884.929582][T19119] veth0_macvtap: entered promiscuous mode
[  884.955923][T19119] veth1_macvtap: entered promiscuous mode
[  885.010045][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  885.021585][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.031671][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  885.042702][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.052843][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  885.064578][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.083404][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  885.095341][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.111557][T19119] batman_adv: batadv0: Interface activated: batadv_slave_0
[  885.157166][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  885.171475][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.181572][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  885.193741][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.206057][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  885.222646][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.232822][T19119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  885.243493][T19119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  885.262008][T19119] batman_adv: batadv0: Interface activated: batadv_slave_1
[  885.327256][T19235] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4643'.
[  885.358286][T19119] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  885.388622][T19119] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  885.399290][T19119] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  885.408197][T19119] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  885.656294][ T2926] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  885.676718][ T2926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  885.709691][T11951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  885.722753][T11951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  885.759284][ T5092] Bluetooth: hci0: command tx timeout
[  886.638523][T19264] 9pnet_virtio: no channels available for device syz
[  887.027091][   T29] audit: type=1800 audit(1719427516.060:350): pid=19273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4654" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  887.049611][   T29] audit: type=1800 audit(1719427516.060:351): pid=19273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4654" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  887.097625][   T29] audit: type=1800 audit(1719427516.130:352): pid=19276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4654" name="file1" dev="sda1" ino=1991 res=0 errno=0
[  887.142227][T19277] loop4: detected capacity change from 0 to 2048
[  887.170075][T19277] udf: Unknown parameter 'ÿ'
[  887.191363][   T29] audit: type=1800 audit(1719427516.230:353): pid=19276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4654" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  887.235906][T19277] loop4: detected capacity change from 0 to 736
[  887.408739][T19282] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20001
[  887.424452][T19283] netlink: 830 bytes leftover after parsing attributes in process `syz.4.4657'.
[  887.490294][T19283] fuse: Bad value for 'fd'
[  888.909940][ T4488] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  888.922387][ T4488] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  888.947666][ T4488] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  888.962930][ T4488] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  888.979666][ T4488] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  888.987805][ T4488] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  889.080912][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.187887][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.310460][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.336935][T19310] loop0: detected capacity change from 0 to 32768
[  889.381021][T19310] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4665 (19310)
[  889.403697][T19310] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  889.421475][T19310] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  889.435352][T19310] BTRFS info (device loop0): using free-space-tree
[  889.453642][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.505957][T19310] BTRFS info (device loop0): rebuilding free space tree
[  890.219013][T19345] loop4: detected capacity change from 0 to 128
[  890.332979][   T11] bridge_slave_1: left allmulticast mode
[  890.339945][   T11] bridge_slave_1: left promiscuous mode
[  890.345873][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  890.348399][T19119] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  890.366845][   T11] bridge_slave_0: left allmulticast mode
[  890.373423][   T11] bridge_slave_0: left promiscuous mode
[  890.380514][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  890.995824][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  891.011366][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  891.024764][   T11] bond0 (unregistering): Released all slaves
[  891.039147][ T5092] Bluetooth: hci1: command tx timeout
[  891.057022][T19317] chnl_net:caif_netlink_parms(): no params data found
[  891.266662][T19317] bridge0: port 1(bridge_slave_0) entered blocking state
[  891.274334][T19317] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.303649][T19317] bridge_slave_0: entered allmulticast mode
[  891.328008][T19317] bridge_slave_0: entered promiscuous mode
[  891.349763][T19317] bridge0: port 2(bridge_slave_1) entered blocking state
[  891.356924][T19317] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.374488][T19317] bridge_slave_1: entered allmulticast mode
[  891.382074][T19317] bridge_slave_1: entered promiscuous mode
[  891.518265][T19317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  891.633272][T19317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  891.660430][   T11] hsr_slave_0: left promiscuous mode
[  891.666447][   T11] hsr_slave_1: left promiscuous mode
[  891.676718][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  891.685354][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  891.700352][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  891.707847][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  891.749084][   T11] veth1_macvtap: left promiscuous mode
[  891.754738][   T11] veth0_macvtap: left promiscuous mode
[  891.760628][   T11] veth1_vlan: left promiscuous mode
[  891.766907][   T11] veth0_vlan: left promiscuous mode
[  892.428155][T19379] loop1: detected capacity change from 0 to 32768
[  892.461636][T19379] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4682 (19379)
[  892.488392][T19379] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  892.511255][T19379] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  892.520218][T19379] BTRFS info (device loop1): using free-space-tree
[  892.568187][   T11] team0 (unregistering): Port device team_slave_1 removed
[  892.604739][T19379] BTRFS info (device loop1): rebuilding free space tree
[  892.791632][T19405] loop4: detected capacity change from 0 to 128
[  893.034923][   T11] team0 (unregistering): Port device team_slave_0 removed
[  893.134468][ T5092] Bluetooth: hci1: command tx timeout
[  893.317812][T16878] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  893.422359][T19408] loop0: detected capacity change from 0 to 2048
[  893.474176][T19408] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  893.521124][T19409] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  893.521410][T19408] syz.0.4686: attempt to access beyond end of device
[  893.521410][T19408] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  894.613973][T19418] loop2: detected capacity change from 0 to 8192
[  894.723703][T19317] team0: Port device team_slave_0 added
[  894.754701][T19317] team0: Port device team_slave_1 added
[  894.798304][T19317] batman_adv: batadv0: Adding interface: batadv_slave_0
[  894.809477][T19317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  894.857842][T19317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  894.881722][T19317] batman_adv: batadv0: Adding interface: batadv_slave_1
[  894.889849][T19317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  894.916893][T19317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  895.012359][T19317] hsr_slave_0: entered promiscuous mode
[  895.018690][T19317] hsr_slave_1: entered promiscuous mode
[  895.026179][T19317] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  895.034770][T19317] Cannot create hsr debugfs directory
[  895.199198][ T5092] Bluetooth: hci1: command tx timeout
[  895.545914][T19317] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  895.562901][T19317] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  895.574598][T19317] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  895.587850][T19317] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  895.622960][   T29] audit: type=1800 audit(1719427524.660:354): pid=19438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4694" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  895.653143][   T29] audit: type=1800 audit(1719427524.690:355): pid=19438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4694" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  895.703432][   T29] audit: type=1800 audit(1719427524.740:356): pid=19439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4695" name="bus" dev="sda1" ino=1961 res=0 errno=0
[  895.782140][   T29] audit: type=1800 audit(1719427524.810:357): pid=19440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4694" name="file1" dev="sda1" ino=1973 res=0 errno=0
[  895.875344][   T29] audit: type=1800 audit(1719427524.910:358): pid=19440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4694" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  896.121120][T19317] 8021q: adding VLAN 0 to HW filter on device bond0
[  896.251994][T19447] loop2: detected capacity change from 0 to 128
[  896.617193][T19317] 8021q: adding VLAN 0 to HW filter on device team0
[  896.666456][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state
[  896.673594][ T5095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  896.712338][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  896.719508][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  897.004612][T19317] 8021q: adding VLAN 0 to HW filter on device batadv0
[  897.051146][T19462] loop2: detected capacity change from 0 to 2048
[  897.065472][T19461] netlink: 892 bytes leftover after parsing attributes in process `syz.0.4700'.
[  897.097940][T19462] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  897.124930][T19317] veth0_vlan: entered promiscuous mode
[  897.131397][T19464] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  897.140756][T19462] syz.2.4699: attempt to access beyond end of device
[  897.140756][T19462] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  897.171106][T19317] veth1_vlan: entered promiscuous mode
[  897.314629][ T5092] Bluetooth: hci1: command tx timeout
[  897.354242][T19317] veth0_macvtap: entered promiscuous mode
[  897.491851][T19317] veth1_macvtap: entered promiscuous mode
[  897.933884][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  897.945038][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  897.956126][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  898.766871][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.780598][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  898.827879][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.838107][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  898.848627][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.860595][T19317] batman_adv: batadv0: Interface activated: batadv_slave_0
[  898.878331][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  898.893405][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.903574][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  898.915733][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.925743][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  898.936587][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.947177][T19317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  898.957767][T19317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  898.970065][T19317] batman_adv: batadv0: Interface activated: batadv_slave_1
[  898.987620][T19317] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  898.996394][T19317] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  899.005615][T19317] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  899.014694][T19317] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  899.175780][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  899.212368][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  899.249582][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  899.257793][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  899.333653][T19480] loop4: detected capacity change from 0 to 1024
[  899.422755][T19483] 9pnet_virtio: no channels available for device syz
[  899.522833][T19484] hfsplus: found bad thread record in catalog
[  899.643030][T19487] netlink: 'syz.0.4708': attribute type 10 has an invalid length.
[  899.676603][T19487] batman_adv: batadv0: Adding interface: team0
[  899.706197][T19487] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  899.743961][T19487] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  900.446971][T19495] ALSA: seq fatal error: cannot create timer (-22)
[  900.463707][T19495] ALSA: seq fatal error: cannot create timer (-22)
[  901.330869][T11951] hfsplus: b-tree write err: -5, ino 4
[  901.373167][   T29] audit: type=1804 audit(1719427530.410:359): pid=19507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4714" name="/root/syzkaller.ULBym7/3/bus" dev="sda1" ino=1990 res=1 errno=0
[  901.562563][T19511] loop0: detected capacity change from 0 to 2048
[  901.608165][T19511] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  901.634948][T19515] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  901.635295][T19511] syz.0.4715: attempt to access beyond end of device
[  901.635295][T19511] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  902.641250][T19531] netlink: 'syz.3.4722': attribute type 10 has an invalid length.
[  902.775267][T19531] batman_adv: batadv0: Adding interface: team0
[  902.783524][T19533] loop1: detected capacity change from 0 to 1764
[  902.795608][T19531] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  902.821279][T19531] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  902.867736][T19533] loop1: detected capacity change from 0 to 64
[  903.080532][T19538] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4724'.
[  905.604945][T19555] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4730'.
[  905.769581][T19560] Bluetooth: MGMT ver 1.23
[  905.807939][   T25] IPVS: starting estimator thread 0...
[  905.899047][T19564] IPVS: using max 19 ests per chain, 45600 per kthread
[  906.055358][T19574] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4738'.
[  906.074234][T19574] nbd: must specify at least one socket
[  906.440573][T19587] syzkaller1: entered promiscuous mode
[  906.473699][T19587] syzkaller1: entered allmulticast mode
[  906.498567][T19587] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4741'.
[  907.466320][T19599] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4744'.
[  907.516458][T19595] loop3: detected capacity change from 0 to 8192
[  908.473860][T19632] loop2: detected capacity change from 0 to 1764
[  908.583941][T19632] loop2: detected capacity change from 0 to 64
[  908.639697][T19637] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4758'.
[  908.873205][T19641] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0)
[  909.512146][T19647] loop4: detected capacity change from 0 to 8192
[  909.644428][T19645] loop0: detected capacity change from 0 to 32768
[  909.681282][T19645] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4760 (19645)
[  909.722460][T19645] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  909.739930][T19645] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  909.768701][T19645] BTRFS info (device loop0): using free-space-tree
[  909.874799][T19645] BTRFS info (device loop0): rebuilding free space tree
[  909.991312][T19119] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  910.248597][T19683] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4770'.
[  910.494882][T19693] loop3: detected capacity change from 0 to 1764
[  910.565722][T19693] loop3: detected capacity change from 0 to 64
[  911.071192][T19707] loop0: detected capacity change from 0 to 2048
[  911.103420][T19707] udf: Unknown parameter 'ÿ'
[  911.196154][T19707] loop0: detected capacity change from 0 to 736
[  911.212767][T19709] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4782'.
[  911.249850][T19709] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4782'.
[  911.381335][T19712] netlink: 830 bytes leftover after parsing attributes in process `syz.0.4781'.
[  911.415792][T19712] fuse: Bad value for 'fd'
[  911.727883][T19717] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4785'.
[  912.312476][T19735] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4792'.
[  912.480320][T19740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  912.552401][T19740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  912.582605][T19737] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  912.598351][T19744] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4796'.
[  912.614095][T19744] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4796'.
[  912.630107][T19740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  913.033621][T19752] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4799'.
[  913.719638][T19768] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4807'.
[  913.765917][T19773] 9pnet_virtio: no channels available for device syz
[  913.786147][T19774] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4810'.
[  913.800017][T19774] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4810'.
[  914.191969][T19784] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4813'.
[  915.125532][T19797] veth1_macvtap: left promiscuous mode
[  915.132244][T19797] macsec0: entered promiscuous mode
[  915.137796][T19797] macsec0: entered allmulticast mode
[  915.464328][T19807] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4822'.
[  915.478634][T19807] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4822'.
[  915.998963][ T5092] Bluetooth: hci0: command tx timeout
[  916.063973][T19823] netlink: 'syz.2.4830': attribute type 10 has an invalid length.
[  917.356506][T19854] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  918.506071][T19893] UBIFS error (pid: 19893): cannot open "ubifs", error -22
[  918.592544][  T928] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  918.719289][T19902] fuse: Bad value for 'fd'
[  918.799741][  T928] usb 3-1: Using ep0 maxpacket: 8
[  918.811030][  T928] usb 3-1: config 0 has no interfaces?
[  918.816565][  T928] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  918.825756][  T928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  918.856652][  T928] usb 3-1: config 0 descriptor??
[  919.007228][T19908] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4863'.
[  919.091270][T19886] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4856'.
[  919.444980][  T928] usb 3-1: USB disconnect, device number 62
[  919.527167][T19916] netlink: 52 bytes leftover after parsing attributes in process `syz.0.4867'.
[  919.979467][T19930] ax25_connect(): syz.0.4874 uses autobind, please contact jreuter@yaina.de
[  920.568833][T19946] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4880'.
[  921.850979][T19978] loop1: detected capacity change from 0 to 1024
[  921.884030][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.896453][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.905745][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.918376][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.941748][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.954292][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.964091][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  921.971772][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.007862][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.016233][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.031103][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.038480][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.053938][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.064236][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.076067][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.086979][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.102635][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.111835][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.121792][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.129365][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.137835][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.145967][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.154471][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.162206][T19978] hfsplus: request for non-existent node 33423360 in B*Tree
[  922.538053][T20001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4902'.
[  922.564065][T20001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4902'.
[  924.213271][T20027] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4910'.
[  924.633543][T20042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  924.709000][T20041] block nbd0: Device being setup by another task
[  924.717411][T20036] block nbd0: shutting down sockets
[  924.729191][T20042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  925.010526][T20042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  925.209129][T11905] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  926.281589][T11905] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  926.292618][T11905] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  926.302418][T11905] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  926.315745][T11905] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  926.328908][T11905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.339216][T11905] usb 3-1: config 0 descriptor??
[  926.554655][ T5095] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  926.770883][ T5095] usb 2-1: Using ep0 maxpacket: 16
[  926.777991][T11905] usbhid 3-1:0.0: can't add hid device: -71
[  926.785004][T11905] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  926.785619][ T5095] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  926.800245][T11905] usb 3-1: USB disconnect, device number 63
[  926.806819][ T5095] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  926.823559][ T5095] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  926.833494][ T5095] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.843046][ T5095] usb 2-1: config 0 descriptor??
[  926.944645][T20071] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4929'.
[  926.970369][   T29] audit: type=1326 audit(1719427556.010:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20066 comm="syz.3.4927" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7effa6575ae9 code=0x0
[  927.287080][ T5095] microsoft 0003:045E:07DA.0034: No inputs registered, leaving
[  927.303130][ T5095] microsoft 0003:045E:07DA.0034: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  927.322071][ T5095] microsoft 0003:045E:07DA.0034: no inputs found
[  927.332926][ T5095] microsoft 0003:045E:07DA.0034: could not initialize ff, continuing anyway
[  927.419094][ T5509] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  927.609836][ T5509] usb 5-1: Using ep0 maxpacket: 8
[  927.622814][ T5509] usb 5-1: config 0 has no interfaces?
[  927.628390][ T5509] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  927.648783][ T5509] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  927.668516][ T5509] usb 5-1: config 0 descriptor??
[  927.881742][T20077] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4930'.
[  927.952073][ T5509] usb 2-1: USB disconnect, device number 56
[  928.034581][T20090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  928.103773][T20090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  928.117881][  T928] usb 5-1: USB disconnect, device number 52
[  928.172637][T20090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  928.887762][T20106] kernel profiling enabled (shift: 3)
[  929.065211][   T29] audit: type=1326 audit(1719427558.100:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20109 comm="syz.0.4945" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f533ef75ae9 code=0x0
[  929.386229][T20125] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4947'.
[  929.838880][    C1] ==================================================================
[  929.847077][    C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xd2/0x170
[  929.854271][    C1] Read of size 8 at addr ffffc90012737620 by task syz-executor/5662
[  929.862240][    C1] 
[  929.864576][    C1] CPU: 1 UID: 0 PID: 5662 Comm: syz-executor Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
[  929.874981][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  929.885030][    C1] Call Trace:
[  929.888394][    C1]  <IRQ>
[  929.891237][    C1]  dump_stack_lvl+0x241/0x360
[  929.895991][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  929.901182][    C1]  ? __pfx__printk+0x10/0x10
[  929.905759][    C1]  ? _printk+0xd5/0x120
[  929.909904][    C1]  print_report+0x169/0x550
[  929.914399][    C1]  ? __virt_addr_valid+0xbd/0x520
[  929.919420][    C1]  ? profile_pc+0xd2/0x170
[  929.923828][    C1]  kasan_report+0x143/0x180
[  929.928325][    C1]  ? profile_pc+0xd2/0x170
[  929.932734][    C1]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  929.938616][    C1]  profile_pc+0xd2/0x170
[  929.942851][    C1]  profile_tick+0xd7/0x150
[  929.947260][    C1]  tick_nohz_handler+0x386/0x500
[  929.952188][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  929.957635][    C1]  __hrtimer_run_queues+0x551/0xd50
[  929.962822][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  929.968803][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  929.974513][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  929.980608][    C1]  hrtimer_interrupt+0x396/0x990
[  929.985552][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  929.991617][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  929.997259][    C1]  </IRQ>
[  930.000186][    C1]  <TASK>
[  930.003107][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  930.009083][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  930.015574][    C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 94 61 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 10 ca f5 65 8b 05 b4 54 6b 74 85 c0 74 43 48 c7 04 24 0e 36
[  930.035168][    C1] RSP: 0018:ffffc90012737620 EFLAGS: 00000206
[  930.041222][    C1] RAX: 06d7cc8b09aced00 RBX: 1ffff920024e6ec8 RCX: ffffffff816fd2da
[  930.049182][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcac820 RDI: 0000000000000001
[  930.057143][    C1] RBP: ffffc900127376b0 R08: ffffffff92fe476f R09: 1ffffffff25fc8ed
[  930.065108][    C1] R10: dffffc0000000000 R11: fffffbfff25fc8ee R12: dffffc0000000000
[  930.073078][    C1] R13: 1ffff920024e6ec4 R14: ffffc90012737640 R15: 0000000000000246
[  930.081135][    C1]  ? mark_lock+0x9a/0x360
[  930.085461][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  930.091784][    C1]  debug_check_no_obj_freed+0x561/0x580
[  930.097329][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  930.103398][    C1]  ? page_ext_get+0x1d6/0x2a0
[  930.108095][    C1]  free_unref_page+0x38a/0xea0
[  930.112861][    C1]  __put_partials+0xeb/0x130
[  930.117440][    C1]  put_cpu_partial+0x17c/0x250
[  930.122194][    C1]  ? put_cpu_partial+0x70/0x250
[  930.127033][    C1]  __slab_free+0x2ea/0x3d0
[  930.131439][    C1]  ? __phys_addr+0xba/0x170
[  930.135935][    C1]  qlist_free_all+0x9e/0x140
[  930.140516][    C1]  kasan_quarantine_reduce+0x14f/0x170
[  930.145960][    C1]  __kasan_slab_alloc+0x23/0x80
[  930.150798][    C1]  ? jbd2__journal_start+0x14d/0x5d0
[  930.156072][    C1]  kmem_cache_alloc_noprof+0x135/0x2a0
[  930.161524][    C1]  jbd2__journal_start+0x14d/0x5d0
[  930.166628][    C1]  __ext4_journal_start_sb+0x239/0x600
[  930.172083][    C1]  __ext4_unlink+0x41b/0xb50
[  930.176672][    C1]  ? __pfx___ext4_unlink+0x10/0x10
[  930.181777][    C1]  ? __down_write_common+0x162/0x200
[  930.187058][    C1]  ? __pfx___down_write_common+0x10/0x10
[  930.192686][    C1]  ext4_unlink+0x1bf/0x5a0
[  930.197100][    C1]  vfs_unlink+0x365/0x650
[  930.201427][    C1]  do_unlinkat+0x4ae/0x830
[  930.205836][    C1]  ? __pfx_do_unlinkat+0x10/0x10
[  930.210762][    C1]  ? __check_object_size+0x49c/0x900
[  930.216044][    C1]  ? getname_flags+0x1e3/0x540
[  930.220801][    C1]  __x64_sys_unlink+0x47/0x50
[  930.225466][    C1]  do_syscall_64+0xf3/0x230
[  930.229956][    C1]  ? clear_bhb_loop+0x35/0x90
[  930.234622][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  930.240502][    C1] RIP: 0033:0x7ff841b75137
[  930.244908][    C1] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  930.264511][    C1] RSP: 002b:00007ffdae71c9c8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[  930.272923][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff841b75137
[  930.280885][    C1] RDX: 00007ffdae71c9f0 RSI: 00007ffdae71ca80 RDI: 00007ffdae71ca80
[  930.288842][    C1] RBP: 00007ffdae71ca80 R08: 0000000000000000 R09: 0000000000000000
[  930.296829][    C1] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdae71db30
[  930.304792][    C1] R13: 00007ff841be364a R14: 00000000000e2f41 R15: 00007ffdae71db70
[  930.312783][    C1]  </TASK>
[  930.315789][    C1] 
[  930.318117][    C1] The buggy address belongs to stack of task syz-executor/5662
[  930.325641][    C1]  and is located at offset 0 in frame:
[  930.331170][    C1]  _raw_spin_unlock_irqrestore+0x0/0x140
[  930.336816][    C1] 
[  930.339127][    C1] This frame has 1 object:
[  930.343524][    C1]  [32, 40) 'flags.i.i.i.i'
[  930.343534][    C1] 
[  930.350318][    C1] The buggy address belongs to the virtual mapping at
[  930.350318][    C1]  [ffffc90012730000, ffffc90012739000) created by:
[  930.350318][    C1]  copy_process+0x5d1/0x3d90
[  930.367934][    C1] 
[  930.370249][    C1] The buggy address belongs to the physical page:
[  930.376658][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888064aa2c80 pfn:0x64aa2
[  930.386711][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  930.393819][    C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  930.402393][    C1] raw: ffff888064aa2c80 0000000000000000 00000001ffffffff 0000000000000000
[  930.410962][    C1] page dumped because: kasan: bad access detected
[  930.417366][    C1] page_owner tracks the page as allocated
[  930.423065][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 5640, tgid 5640 (syz-executor), ts 99311154364, free_ts 99272054623
[  930.441372][    C1]  post_alloc_hook+0x1f3/0x230
[  930.446129][    C1]  get_page_from_freelist+0x2ccb/0x2d80
[  930.451679][    C1]  __alloc_pages_noprof+0x256/0x6c0
[  930.456867][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[  930.462321][    C1]  __vmalloc_node_range_noprof+0x971/0x1460
[  930.468210][    C1]  dup_task_struct+0x444/0x8c0
[  930.472966][    C1]  copy_process+0x5d1/0x3d90
[  930.477548][    C1]  kernel_clone+0x226/0x8f0
[  930.482045][    C1]  __x64_sys_clone+0x258/0x2a0
[  930.486800][    C1]  do_syscall_64+0xf3/0x230
[  930.491314][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  930.497215][    C1] page last free pid 4757 tgid 4757 stack trace:
[  930.503528][    C1]  free_unref_page+0xd22/0xea0
[  930.508279][    C1]  __put_partials+0xeb/0x130
[  930.512854][    C1]  put_cpu_partial+0x17c/0x250
[  930.517611][    C1]  __slab_free+0x2ea/0x3d0
[  930.522021][    C1]  qlist_free_all+0x9e/0x140
[  930.526600][    C1]  kasan_quarantine_reduce+0x14f/0x170
[  930.532053][    C1]  __kasan_slab_alloc+0x23/0x80
[  930.536912][    C1]  kmem_cache_alloc_node_noprof+0x16b/0x320
[  930.542794][    C1]  __alloc_skb+0x1c3/0x440
[  930.547202][    C1]  alloc_skb_with_frags+0xc3/0x770
[  930.552384][    C1]  sock_alloc_send_pskb+0x91a/0xa60
[  930.557566][    C1]  unix_dgram_sendmsg+0x6d3/0x1f80
[  930.562688][    C1]  __sock_sendmsg+0x221/0x270
[  930.567358][    C1]  sock_write_iter+0x2dd/0x400
[  930.572113][    C1]  vfs_write+0xa72/0xc90
[  930.576341][    C1]  ksys_write+0x1a0/0x2c0
[  930.580659][    C1] 
[  930.582967][    C1] Memory state around the buggy address:
[  930.588577][    C1]  ffffc90012737500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  930.596624][    C1]  ffffc90012737580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  930.604677][    C1] >ffffc90012737600: 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00
[  930.612902][    C1]                                ^
[  930.617996][    C1]  ffffc90012737680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  930.626045][    C1]  ffffc90012737700: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00
[  930.634091][    C1] ==================================================================
[  930.642144][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  930.649320][    C1] CPU: 1 UID: 0 PID: 5662 Comm: syz-executor Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
[  930.659627][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  930.669668][    C1] Call Trace:
[  930.672935][    C1]  <IRQ>
[  930.675768][    C1]  dump_stack_lvl+0x241/0x360
[  930.680442][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  930.685638][    C1]  ? __pfx__printk+0x10/0x10
[  930.690241][    C1]  ? rcu_is_watching+0x15/0xb0
[  930.694999][    C1]  ? vscnprintf+0x5d/0x90
[  930.699328][    C1]  panic+0x349/0x870
[  930.703218][    C1]  ? __pfx_lock_release+0x10/0x10
[  930.708240][    C1]  ? check_panic_on_warn+0x21/0xb0
[  930.713347][    C1]  ? __pfx_panic+0x10/0x10
[  930.717757][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  930.722970][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  930.728859][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  930.735194][    C1]  check_panic_on_warn+0x86/0xb0
[  930.740130][    C1]  ? profile_pc+0xd2/0x170
[  930.744541][    C1]  end_report+0x77/0x160
[  930.748786][    C1]  kasan_report+0x154/0x180
[  930.753286][    C1]  ? profile_pc+0xd2/0x170
[  930.757696][    C1]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  930.763578][    C1]  profile_pc+0xd2/0x170
[  930.767811][    C1]  profile_tick+0xd7/0x150
[  930.772218][    C1]  tick_nohz_handler+0x386/0x500
[  930.777145][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  930.782595][    C1]  __hrtimer_run_queues+0x551/0xd50
[  930.787787][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  930.793767][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  930.799481][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  930.805577][    C1]  hrtimer_interrupt+0x396/0x990
[  930.810525][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  930.816499][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  930.822126][    C1]  </IRQ>
[  930.825050][    C1]  <TASK>
[  930.827998][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  930.833969][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  930.840462][    C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 94 61 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 10 ca f5 65 8b 05 b4 54 6b 74 85 c0 74 43 48 c7 04 24 0e 36
[  930.860062][    C1] RSP: 0018:ffffc90012737620 EFLAGS: 00000206
[  930.866121][    C1] RAX: 06d7cc8b09aced00 RBX: 1ffff920024e6ec8 RCX: ffffffff816fd2da
[  930.874081][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcac820 RDI: 0000000000000001
[  930.882039][    C1] RBP: ffffc900127376b0 R08: ffffffff92fe476f R09: 1ffffffff25fc8ed
[  930.890005][    C1] R10: dffffc0000000000 R11: fffffbfff25fc8ee R12: dffffc0000000000
[  930.897965][    C1] R13: 1ffff920024e6ec4 R14: ffffc90012737640 R15: 0000000000000246
[  930.905931][    C1]  ? mark_lock+0x9a/0x360
[  930.910258][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  930.916578][    C1]  debug_check_no_obj_freed+0x561/0x580
[  930.922121][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  930.928182][    C1]  ? page_ext_get+0x1d6/0x2a0
[  930.932861][    C1]  free_unref_page+0x38a/0xea0
[  930.937624][    C1]  __put_partials+0xeb/0x130
[  930.942205][    C1]  put_cpu_partial+0x17c/0x250
[  930.946981][    C1]  ? put_cpu_partial+0x70/0x250
[  930.951821][    C1]  __slab_free+0x2ea/0x3d0
[  930.956227][    C1]  ? __phys_addr+0xba/0x170
[  930.960729][    C1]  qlist_free_all+0x9e/0x140
[  930.965323][    C1]  kasan_quarantine_reduce+0x14f/0x170
[  930.970782][    C1]  __kasan_slab_alloc+0x23/0x80
[  930.975620][    C1]  ? jbd2__journal_start+0x14d/0x5d0
[  930.980916][    C1]  kmem_cache_alloc_noprof+0x135/0x2a0
[  930.986370][    C1]  jbd2__journal_start+0x14d/0x5d0
[  930.991478][    C1]  __ext4_journal_start_sb+0x239/0x600
[  930.996929][    C1]  __ext4_unlink+0x41b/0xb50
[  931.001514][    C1]  ? __pfx___ext4_unlink+0x10/0x10
[  931.006621][    C1]  ? __down_write_common+0x162/0x200
[  931.011895][    C1]  ? __pfx___down_write_common+0x10/0x10
[  931.017517][    C1]  ext4_unlink+0x1bf/0x5a0
[  931.021928][    C1]  vfs_unlink+0x365/0x650
[  931.026250][    C1]  do_unlinkat+0x4ae/0x830
[  931.030661][    C1]  ? __pfx_do_unlinkat+0x10/0x10
[  931.035609][    C1]  ? __check_object_size+0x49c/0x900
[  931.040892][    C1]  ? getname_flags+0x1e3/0x540
[  931.045649][    C1]  __x64_sys_unlink+0x47/0x50
[  931.050314][    C1]  do_syscall_64+0xf3/0x230
[  931.054805][    C1]  ? clear_bhb_loop+0x35/0x90
[  931.059471][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.065366][    C1] RIP: 0033:0x7ff841b75137
[  931.069771][    C1] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  931.089361][    C1] RSP: 002b:00007ffdae71c9c8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[  931.097763][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff841b75137
[  931.105722][    C1] RDX: 00007ffdae71c9f0 RSI: 00007ffdae71ca80 RDI: 00007ffdae71ca80
[  931.113681][    C1] RBP: 00007ffdae71ca80 R08: 0000000000000000 R09: 0000000000000000
[  931.121638][    C1] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdae71db30
[  931.129596][    C1] R13: 00007ff841be364a R14: 00000000000e2f41 R15: 00007ffdae71db70
[  931.137561][    C1]  </TASK>
[  931.140887][    C1] Kernel Offset: disabled
[  931.145217][    C1] Rebooting in 86400 seconds..