last executing test programs:

22m50.894429438s ago: executing program 32 (id=158):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x3, 0x1, 0xe, 0x7, 0x100, 0x3}}}, 0x0)

20m53.176723722s ago: executing program 33 (id=437):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r3, 0x40045431, &(0x7f0000000000))
r4 = ioctl$TIOCGPTPEER(r3, 0x5441, 0x9)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000140)={0x7, 0xfffb, 0x8, 0x3, 0x17, "a9b39ba517c50901"})
write(r4, &(0x7f0000000180)="a788b9a48d1de6603c475fe3cfa8a27d7c8425073f756d1cefddc08a6dd4c4c0a5323f8f93d65682bc4974397001a396624e1bd23560952dee5736311e3d06e60f168e59f8a3125595ff42643b55d9addf2ea3fa011611a8c539558baf2581e9a8b722f2108f58cb3d552779ea51ba9462992a9156243c50c162d06280d116e26d280aacfb494b66c66bb4df665381440690afc4854f4a19db6357a3e57802de79c221ae7c5171faa1", 0xa9)

18m2.823483822s ago: executing program 34 (id=926):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000030000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4)
sendmsg$unix(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r6, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0xfc, 0x10, 0x713, 0x0, 0x25dfdbfd, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1={0xfc, 0x1, '\x00', 0x3}, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x403500, 0x2, 0x0, 0x0, 0x50}, [@offload={0xc, 0x1c, {0x0, 0x3}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
read$FUSE(r6, &(0x7f0000001680)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000000b768a67c54aec45c441c41d14119ab9854397797a4f9d2f39e4"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setgroups(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

16m59.89035351s ago: executing program 35 (id=1059):
r0 = socket$inet6(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/243, 0xf3}, 0xf338}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0xd}], 0x3fffe16, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)

16m57.796750133s ago: executing program 36 (id=1061):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@usrquota}, {@minixdf}, {@nombcache}]}, 0x1, 0x51a, &(0x7f0000000f00)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000140)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)={0x2, 0x3, 0x0, 0x3, 0xa, 0x0, 0x4070bd2c, 0x25dfdbfc, [@sadb_key={0x1, 0x9}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xff, 0x80000000}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e23, 0xff, @local, 0x1ff}}]}, 0x50}, 0x1, 0x7}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xd1e2, 0x47fffffff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
unshare(0x62040200)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r5, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})
mount$9p_fd(0x0, 0x0, 0x0, 0x4000, &(0x7f0000000600)=ANY=[@ANYBLOB='tran'])
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r6, 0x28, 0x2, 0x0, &(0x7f0000000080))

15m44.164633278s ago: executing program 37 (id=1174):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00', 0x4}, 0x1c)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
symlink(&(0x7f00000005c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000002c0)='.\x02\x00')

15m29.577817706s ago: executing program 38 (id=1207):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
fcntl$lock(r3, 0x6, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100), 0x48)
close(r4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x8, &(0x7f0000000540)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000080)=""/249}, 0x24)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/netlink\x00')
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, 0x0})

15m26.110093703s ago: executing program 39 (id=1215):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
openat$rdma_cm(0xffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x2b, 0xa, 0x1)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x840, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f00000004c0)={0x6, 0x0, [{0x7, 0x7, 0x5, 0x6, 0x5, 0x9, 0x9}, {0x80000001, 0xb, 0x1, 0xbed0, 0xfe, 0xfff, 0x6}, {0x80000008, 0x33e1, 0x0, 0x110f0d5f, 0x81, 0x4, 0x80000001}, {0x80000000, 0x7f, 0x0, 0xb, 0x7, 0x7e, 0x9}, {0x80000019, 0x4, 0x3, 0x81, 0x8001, 0x4, 0xfffffff7}, {0x40000000, 0x8, 0x2, 0x9, 0x6, 0xa, 0x9}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

14m40.475942565s ago: executing program 40 (id=1248):
socket(0x10, 0x3, 0x4)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002640)=@newtaction={0xe68, 0x30, 0x3f, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0xfffffffc, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x5943}, {0x0, 0x800000, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {}, {0x0, 0xa2}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1cbe}, {0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {0x2}, {0x8}, {}, {0x0, 0xfffffffe, 0x400000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff6a}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x800000}, {0x0, 0x0, 0x0, 0xe54b}, {0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x27a}, {0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0xc}, {}, {0x0, 0x0, 0x2b7f}, {0x3ff, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0xcfc, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x70}, {}, {0xfffffffd, 0x0, 0x0, 0x0, 0xa92}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x40000000, 0x1, 0x0, 0x10001}, {0x0, 0x0, 0x20}, {}, {0x80000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {0xfffffffc}, {}, {}, {}, {0x0, 0xa, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x40, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x2}, {0x5}, {}, {}, {}, {}, {}, {0x7, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
mount$9p_virtio(0x0, 0x0, &(0x7f00000004c0), 0x8c, 0x0)
openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

14m37.967521901s ago: executing program 41 (id=1250):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="f8000000160001000000000000000000fe8000000000000000000000000000aaff0100000000000000000000000000010000000000000000000000a000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8800000000000000000000000000010000000033"], 0xf8}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000340)='illinois', 0x8)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40)
unshare(0x6a040000)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

13m27.741109933s ago: executing program 42 (id=1256):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, 0x0)
r0 = fspick(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x800082, &(0x7f0000000680)=ANY=[@ANYBLOB="756d61736b3d30303030303030303030303030303030303030333737372c616c6c6f775f7574696d653d30303030303030332c000000000083ec4c0d6e84de0249d09f31ef580c3d00000000"], 0x1, 0x1b1, &(0x7f0000000240)="$eJzs3cFqE0EYB/Bv23UbxEPP4mHBi6egPkFUWiguCMoe9KRQvbQi2MvqqW/hG/gqvo7k1FskTmhoWcEetrvJ/n6XfOx/wnwzgcwpk/cPPp8cfzn79PPXj5hMsshnMYuLLPZjJ3YjOY8rstanAMDGuFgs4vci+Y/hz2+hJQCgYzc8/wGALeD8B4Dxcf4DwPi8efvu5bOqOnhdlpOI+XlTN3V6TfnhUXXwuPxrf/2uedPUu5f5k5SXV/M7cXeVP23Ni3j0MOXL7MWrKuV5GtHUe3Hc1vAs62AXAAAAAAAAAAAAAAAAAAAAAADgdk3LS633+0ynxT/yVB0eFatn1+/3yeN+3jJh0ckyAAAAAAAAAAAAAAAAAAAAYKOdfft+8uH09OPX4RbzYbQxtOJe55/g3mqGvle67cVynwfQxrWixy8lAAAAAAAAAAAAAAAAAAAYqfWPfvvuBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6s/7//+6K5Tw7fS8UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBR+xMAAP//+cFD/w==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xb, 0x0, &(0x7f00000010c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1d, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1200, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r4, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
pwrite64(r0, &(0x7f00000001c0)="59d4f5b67939f2cfef2f7392226fcb222a66ec88fe3025bc7911d2cdd8f5a46e324a967915d4155f29cd41a69ba7f439f5faf09c7da753b45dca8688bbb0a8c97e0bb1552355e0456cda504985a460d1cfcea597562826c5e9ca6f81b77fa5417511df87536c85777c067ec0f188304495b3593eef8b5b5b83db0704f70d8f", 0x7f, 0x3)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x6, 0x6, 0x9, 0x0, 0x8, 0x6})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b23090987f70e06d038e7ff7fc6e5539b3264078b089b0c083848090890e0878f0e1ac6e7049b334a959b4b9a240a5b67f3988f7ef3195a0100ffe8d178708c523c921b1b5b31310d075d1836cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe2c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f88915dfa6056080572286522449df466c63d36770243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1008892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928900d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b03000000cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c113d12a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4fa4334eccc8253d7cdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571ebff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc018c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4804afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae04db18e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa34046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d789364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c220300002107b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000000000000000000000000000000000000000000000000000000000000000000ebffffffffffffff00", 0x8be}}, 0x1006)
mmap(&(0x7f0000004000/0x2000)=nil, 0x2000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=ANY=[], 0x50)
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000ffa000/0x3000)=nil)

13m1.108505383s ago: executing program 6 (id=1300):
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000400)=""/85)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r0, 0x0, 0x31, &(0x7f0000000000)=0x6, 0x4)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000040)={'\x00', 0x6, 0x9, 0x1, 0x7, 0x5, 0xffffffffffffffff})
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
socket$packet(0x11, 0x2, 0x300)
r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
read$FUSE(r2, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0xc, 0x7, 0x0, 0x40000005, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r6, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x10)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000080)={0x1, "7bc7b0eb07939da1ee8efc70c96ced7db5515f1f455fd01ec5750310cb20fa5e"})
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x1c, "c7cdce5bc122b4641ce0379268a106ca29740a15f4de5a1fd35b77d2"}, &(0x7f0000000080)=0x40)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x30, 0xf2]}}, 0x0, 0x1c, 0x0, 0x1, 0x4}, 0x28)

12m56.148973427s ago: executing program 6 (id=1302):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000580)='B', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{0x0, 0x11}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000bc0)}], 0x1}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f00)="e8", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000001140)}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x7, 0x400c404)

12m54.960497201s ago: executing program 6 (id=1305):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/85})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000ac0)={0x2, 0x0, [{0x1, 0xffb, &(0x7f0000001d80)=""/4091}, {0x0, 0x83, &(0x7f0000000a00)=""/131}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

12m53.346438881s ago: executing program 6 (id=1307):
r0 = io_uring_setup(0x5e4b, &(0x7f0000000200)={0x0, 0xdba3, 0x3, 0x0, 0x315})
io_uring_register$IORING_REGISTER_CLOCK(r0, 0x1d, &(0x7f0000000000)={0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000880)={"84ca18eaa852b1a3bb3e80fe4eee1e4efbe55b52637d7e57c6f18b1d38286e1e4f37d997fe32fe60b40690718c3efe462c935f0d40f1aeeffa2cf8101f28571b6dfc5560095636dd10ace18ee9c6b5b854d8d974d1c26b1a3b9900a365d717934bb0a489f0cebb1597f4e2bb5cfd0c5629f0a6a86e104c0b6c74dd41f07312910c778d23ee7e0c3a8c94ed8226925f0f05f288604684d76c58a0c09601ce1f11a06333743f6997026ef3edbcb9f3adc11f921bc91f7f9e8715fb886e1ff8544885de0da0b5fcd763e5539dd92ae1a27b5cda25329f8577cec548db45330209382208cd9e77998ccd3eb075cdf236c2166b13b7caf92272da52deb450f8544e3a4b95f3dead6c76ccd8943dff073a601d53b43d9394a9552ab9f78023b2b6b3db61d3d8ed662359066df8f0d398307ba15450c47bb2b97fd48f8e4a59c997b7d15d790978d3352ec552310bd219e72f997b04cc0d8c7afb392a36cc9b17fb5ab09647fc59984c2ee3a882d102cfe3bf29aeab03813d822cb9b1997876e0e603a099aed4dad75b83669b90dd808302b7c0bf5f88d020aa3d9beba2374670572ad0de5e4c78067e74f96a2baa3ec401520e7e4c2ff4cdb809b16d376fa622ebee5db6b8670ed68706e179b58de0aaaa3e43fb5d2a45582196aaf3aa232151aafbf7265d7c339a4f3b9d3f942aae8a4397db047abad9dfa7cd220a105e6d8faf25ff9312228b287db69b0f4f50b092f80e4336a2e327ba613f221e1fc859305b1b0b04c450952852653e200e6bd0293a1e1921b1292fa09dfba00cae70a01b590189f6a391fd4445abeea55e9c54d9f975227021d08b1861b8279edf51612e238cb36494ef745f3e1eb778ab341a8a36495695f29a60d717a4f5d534a00a2a3d020e61884201b33ce2e1c0420a05b5de2d3034f8bc14cc864b7d9394a1fda8db1e24bd14bf912656874e47cd30210c25107ea9b8d21d3b7198b0936acf0f15db949dbf22d51fc289cda1a550f3cba42e42184e5d61d61f2293735557f67d54bc3b4aba898119c3645c233ee02c4ab4b1b900e9aebdc2b772bb933d002a2b7ca954373e37eefa4377a93b16f8cd17613d714592afdc410ac705cb9798be70a8e64193214342992392c42475bbf9f33ad2d678e62af6f01b9f202a86fc549ed233724021ef50a0c82c6b3a51817c63d6dd706d9dae6e8b1fb61ffdcd59af94a92733c1b763007ef78e2d90bbdcde589b8f40e067a127841eb469d8aff8cee7d03d11ab2a6ddf0184301e11eec507393aa6df565e2503f5bb3210726f0b9bd49c6caf8ba93e709049fb4c9eaf9f66bae4d8749a2989214c0c2290b2841368481d67d5a6c6a6126b696a554132656c9ef3d4054349c2a312a1ef427f3b1ec6d3b2a8cfdbc722373932a2892f0333d879800b7cfaa94259a2c301ff48c575279da1de8198"})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3, 0x1, 0x2, 0x8, 0x1ff, 0x1}, 0x20)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r3, 0x0, 0x0, 0x800, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000180)=@default_ibss_ssid, 0x6, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0xa731, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x19, 0x1, r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x6}})
io_uring_enter(r5, 0x6e2, 0x620, 0x1, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x141802, 0x0)

12m47.755235008s ago: executing program 6 (id=1310):
socket$nl_route(0x10, 0x3, 0x0)
setfsgid(0xee00)
r0 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
syz_open_procfs(r0, &(0x7f0000000040)='fd/3\x00')

12m40.736903997s ago: executing program 6 (id=1312):
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r0 = openat$autofs(0xffffff9c, &(0x7f0000000000), 0xc3c9d8d54c8a4ee6, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r1, {0x258}}, './file0\x00'})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpgid(0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, 0xffffffffffffffff, 0x800000000000)
sched_setattr(r5, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
r6 = openat$kvm(0x0, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x301000, 0x8})
syz_emit_ethernet(0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, r2, 0x0)
sched_rr_get_interval(r5, &(0x7f0000000100))
r8 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r7, 0x4020aed2, &(0x7f0000000000)={0xffff1000, 0x13800, 0x8})
unshare(0x6a040000)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', 0x0, 0x0, 0x0)

12m34.332720347s ago: executing program 43 (id=1304):
r0 = socket$inet(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x4}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x20000050)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
r3 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r5, 0xc0884123, &(0x7f0000000300)={0x5, "244689261a3365eb47c14247a532ccbd3bf3b29282987c7cc12acb8ae6d2fbd3428a0df873e1d58af8bf70c05fc6c43edcdaa8e7db0700", {0x2, 0x2}})
socket$l2tp(0x2, 0x2, 0x73)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect$cdc_ncm(0x6, 0x76, 0x0, 0x0)

12m33.958555312s ago: executing program 44 (id=1306):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040), 0x10)
listen(r3, 0x0)
r4 = socket(0x28, 0x5, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, 0x2, 0x3, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x24080040}, 0x20008090)

12m24.657976712s ago: executing program 45 (id=1312):
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r0 = openat$autofs(0xffffff9c, &(0x7f0000000000), 0xc3c9d8d54c8a4ee6, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r1, {0x258}}, './file0\x00'})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpgid(0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, 0xffffffffffffffff, 0x800000000000)
sched_setattr(r5, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
r6 = openat$kvm(0x0, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x301000, 0x8})
syz_emit_ethernet(0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, r2, 0x0)
sched_rr_get_interval(r5, &(0x7f0000000100))
r8 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r7, 0x4020aed2, &(0x7f0000000000)={0xffff1000, 0x13800, 0x8})
unshare(0x6a040000)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', 0x0, 0x0, 0x0)

8m27.060218905s ago: executing program 1 (id=1674):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000c80)={[{@errors_remount}, {@mblk_io_submit}, {@barrier}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x6011, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

8m25.248739602s ago: executing program 1 (id=1676):
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000002400010026bd700001dbdf251cf9ffff060003"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0)

8m23.880049557s ago: executing program 1 (id=1680):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x78, r1, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4c, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x1, 0x1, 0x7, 0x0, {0xa600000000000000, 0x2, 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0x3}}, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x78}}, 0x20000014)

8m23.066833562s ago: executing program 1 (id=1682):
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r3=>0x0], &(0x7f0000000040), 0x2, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x201, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000400)=[0x3], &(0x7f0000000c40)=[r3], &(0x7f0000000340), 0x0, 0x1c})

8m22.207342871s ago: executing program 1 (id=1685):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0)

8m21.374981057s ago: executing program 1 (id=1687):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
madvise(&(0x7f0000569000/0x1000)=nil, 0x1000, 0x15)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x801800, &(0x7f0000000080)={[{@errors_continue}], [{@hash}]}, 0x0, 0x616, &(0x7f0000000b40)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIV6EqyEExJunSgtBCiW0RosklgQvJsaLBxNPHsT/Qkm8evDqwYsnQ0KM4SCGyJrZnSnb7W5/bLu7pf18kqXPM8M+zzOlX74zT5+ZDWDXGsn+SCP2R8T1JGKoal935DtHKn/v4Z+3LmSvJEql838kceuTZLG6rST/Opi/+Z+hSH5OI/Z1rex3buHmlcmZmekbeX1s/ur1sbmFm4cvX528NH1p+trE6xMnjh87fmL8yKaOL6kqn77z/odDn51599uvHyfj3/16JomT8SQfW3Zcte/t21TP2fdsJEoVj6q3Z9/XE5tse7v4a6j4OXkqqd3AtpXmP489EfF8DEVX1b/mUHx6rqODA1qqlESRo0pZKiwBu0jSVMz3b/1AgDYrzgOKa/t618ErpS0+KwHa4cGpygRAJfZ7IqKI/+7K3GD0l+cGBh4my+Z5kojY3MxcRdbHTz+euZO9osE8HNAai7eLWe7a/J+UY3M4+su1gYfpsvhPq17Z9reb7H+kpr4i/t9qsmFgTYu3I+KFPP/3xobif6Qq/t9rsv814x8AAAAAAABYt3unIuK1euv/0qX1P7111v8MRsTJLeh/7d//pffzQrIF3QFVHpwqh3fd+M8Nd+W1/5bXA/QkFy/PTB+JiP9FxKHo6cvq4zXtVq8QPvz5vq8a9V+9/i97Zf0XawHzlu5319yIOzU5P7nJwway+L8d8WJ5/e+BfMvy9T9Z/k/q5P8svq+vs499r9w922jf2vEPtErpm4iDdfP/09PtZPXnc4yVzwfGirOClV76+IvvG/Uv/qFzsvw/sHr89yXVz+uZ21j72cXF0YXuUqP9zZ7/9ybvdBXtZz6anJ+/MR7Rm5xeuX1iY2OGnaqIhyJesvg/9PLq839L5/9VcbgnIhbX2edzTwZ/a7RP/ofOyeJ/avX8P7w8/2+8MHF3+IdG/Z9dV/4/Vs7ph/It5v+g2srncaw3QDsyXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4xqUR8Z9I0tGlcpqOjkYMRsT/YyCdmZ2bf/Xi7AfXprJ95c//T4tP+h2q1JPi8/+Hq+oTNfWjEbE3Ir7s2lOuj16YnZnq9MEDAAAAAAAAAAAAAAAAAADANjFYvue/1Fd7/3/m965Ojw5oue78q3iH3ae76XeW+hrv62+6VaB9mo9/4Fm3/vjvaek4gPZrHP+PHpfK2jocoI2c/8Pu1WT8d0XEufNbPRigreR/2K3WOafn13mwI8n/AAAAAACwo+w9cO+XJCIW39hTfmV6830W+8POlnZ6AEDHeOQH7F7ds3mht8MDAdrONT6QLJX+rnuzf+PV/0lrBgQAAAAAAAAAAAAArHBwv/v/Ybda/f5/a/thJ1vl/v96we9xAbCDNP7oD7kfdjrX+MBa2d79/wAAAAAAAAAAAACwDfTfvDI5MzN9Y25h6wvT0aqWK4U3W9ZyCwuLk9tiGFtXKJaGb33LPRGxDQ6wA4XiERwdHEYH/08CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACW+TcAAP//jWofjQ==")
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

8m5.283195282s ago: executing program 46 (id=1687):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
madvise(&(0x7f0000569000/0x1000)=nil, 0x1000, 0x15)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x801800, &(0x7f0000000080)={[{@errors_continue}], [{@hash}]}, 0x0, 0x616, &(0x7f0000000b40)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIV6EqyEExJunSgtBCiW0RosklgQvJsaLBxNPHsT/Qkm8evDqwYsnQ0KM4SCGyJrZnSnb7W5/bLu7pf18kqXPM8M+zzOlX74zT5+ZDWDXGsn+SCP2R8T1JGKoal935DtHKn/v4Z+3LmSvJEql838kceuTZLG6rST/Opi/+Z+hSH5OI/Z1rex3buHmlcmZmekbeX1s/ur1sbmFm4cvX528NH1p+trE6xMnjh87fmL8yKaOL6kqn77z/odDn51599uvHyfj3/16JomT8SQfW3Zcte/t21TP2fdsJEoVj6q3Z9/XE5tse7v4a6j4OXkqqd3AtpXmP489EfF8DEVX1b/mUHx6rqODA1qqlESRo0pZKiwBu0jSVMz3b/1AgDYrzgOKa/t618ErpS0+KwHa4cGpygRAJfZ7IqKI/+7K3GD0l+cGBh4my+Z5kojY3MxcRdbHTz+euZO9osE8HNAai7eLWe7a/J+UY3M4+su1gYfpsvhPq17Z9reb7H+kpr4i/t9qsmFgTYu3I+KFPP/3xobif6Qq/t9rsv814x8AAAAAAABYt3unIuK1euv/0qX1P7111v8MRsTJLeh/7d//pffzQrIF3QFVHpwqh3fd+M8Nd+W1/5bXA/QkFy/PTB+JiP9FxKHo6cvq4zXtVq8QPvz5vq8a9V+9/i97Zf0XawHzlu5319yIOzU5P7nJwway+L8d8WJ5/e+BfMvy9T9Z/k/q5P8svq+vs499r9w922jf2vEPtErpm4iDdfP/09PtZPXnc4yVzwfGirOClV76+IvvG/Uv/qFzsvw/sHr89yXVz+uZ21j72cXF0YXuUqP9zZ7/9ybvdBXtZz6anJ+/MR7Rm5xeuX1iY2OGnaqIhyJesvg/9PLq839L5/9VcbgnIhbX2edzTwZ/a7RP/ofOyeJ/avX8P7w8/2+8MHF3+IdG/Z9dV/4/Vs7ph/It5v+g2srncaw3QDsyXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4xqUR8Z9I0tGlcpqOjkYMRsT/YyCdmZ2bf/Xi7AfXprJ95c//T4tP+h2q1JPi8/+Hq+oTNfWjEbE3Ir7s2lOuj16YnZnq9MEDAAAAAAAAAAAAAAAAAADANjFYvue/1Fd7/3/m965Ojw5oue78q3iH3ae76XeW+hrv62+6VaB9mo9/4Fm3/vjvaek4gPZrHP+PHpfK2jocoI2c/8Pu1WT8d0XEufNbPRigreR/2K3WOafn13mwI8n/AAAAAACwo+w9cO+XJCIW39hTfmV6830W+8POlnZ6AEDHeOQH7F7ds3mht8MDAdrONT6QLJX+rnuzf+PV/0lrBgQAAAAAAAAAAAAArHBwv/v/Ybda/f5/a/thJ1vl/v96we9xAbCDNP7oD7kfdjrX+MBa2d79/wAAAAAAAAAAAACwDfTfvDI5MzN9Y25h6wvT0aqWK4U3W9ZyCwuLk9tiGFtXKJaGb33LPRGxDQ6wA4XiERwdHEYH/08CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACW+TcAAP//jWofjQ==")
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

7m50.204178572s ago: executing program 9 (id=1740):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x62], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x820011, &(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYBLOB="e28c5ccc705598f028d8913f80b54a2bf265befc3e863f871556294cf4300c9f3c5347eb80dd5206e650037880973ba7bdebc1aaa7ff8b4651241c5453cca89c4821b49e192c1f4ed97f73af29dd0e0abea911e0"], 0x41, 0x207, &(0x7f0000000500)="$eJzs3c1uElEUAOAzlPJjXHTnymSMC1016hPUmJoYSUxqWOiuiV2VFWyATfsYvoLv5QOYrtiYa+gwBVuKSAS0ft9mDpx7Zu7lhoENhxSFrw8+R6ORReUgDmKUxV5UonQeAMBdMkopvqXC71dX1zElAGDNlvj8/77hKQEAa/b+w8e3L1utw6M8b0RcnPfb/XZxLPKv37QOn+WX9qZVF/1+e+cq/zy//t1hnN+Ne5P8i6I+v0rXIqJdi6ePi/w49+pdK/+5vh6f1rx2AAAAAAAAAAAAAAAAAAAAAADYloeRl+b299nfv55vTvLFo5n+QNP+PVlkl8eyPfC0PVA628CaAAAAAAAAAAAAAAAAAAAA4F/TGwxPjzudk+40qEfE7DPVOWNuD7LJiZcavP2gEquVNyfLXOGi2eQlWu8Cm/M3d5kgqn/L7qwa5H/qhPVym2+mmpEtKE9pHMx/F5RtMW4tr0XE4ok9OVp1XaOUUufLo25vEGnh4Ok9or6xuxEAAAAAAAAAAAAAAAAAAPzfZn71fUNjZxszAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDN6w2G5b/8D0+PO52Tbm+wdHAWEffjl4PLa+1GY3sLBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4E77EQAA///ZmRpX")
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

7m48.464037723s ago: executing program 9 (id=1744):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r5)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

7m45.298301601s ago: executing program 9 (id=1750):
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r0 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1, r0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/85})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000ac0)={0x2, 0x0, [{0x1, 0xffb, &(0x7f0000001d80)=""/4091}, {0x0, 0x83, &(0x7f0000000a00)=""/131}]})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})

7m43.779583364s ago: executing program 9 (id=1752):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000640)={[{@lazytime}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@barrier_val}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@dioread_lock}, {@data_err_ignore}, {@noinit_itable}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x9b, 0x4fc, &(0x7f0000000140)="$eJzs3U1rHOcdAPD/jLR+lSuZ9uAa6praRXJb70pWbYse3BdKezK0dS+91FallRBaaYV2ZVvCtDL9AIVS2kKh0FMvgXyAQPBHCAFDcg9JSAiJnRx8SLxh32Rb3pVkvNIa7e8Ho3meZ2b0f/677Ow+M8NMAD3rdESciYjHlUrlXEQMNtrTxvSDamW9vt7DB3emqlMSlcq1T5OIpN5WXWXkqf95tL5JHIqI3/064k/J83FLq2vzk4VCfrlRz5UXlnKl1bXzcwuTs/nZ/OL4+NilicsTFydGO5LnQERc+eWH//zb/3915c0f3Xrv+scjf04a7RFP8ui0euqZ2mvR1B8Ry7sRrAv6Gvlkmg0t3msAAF4dzd/534uIczEYfbVfcwAAAMB+UvnpQHzZF1EBAAAA9q20dg1skmYb1wEMRJpms/VreL8VR9JCsVT+4UxxZXG6fq3sUGTSmblCfrRxrfBQZJJqfaxWflK/sKk+HhHHI+Ifg4dr9exUsTDd7YMfAAAA0COObhr/fzFYH/8DAAAA+8xQtzsAAAAA7DrjfwAAANj/jP8BAABgX/vN1avVqdJ8/vX0zdWV+eLN89P50nx2YWUqO1VcXsrOFouztXv2LbT5NxsPDSwUi0s/jsWV27lyvlTOlVbXri8UVxbL1+eeeQQ2AAAAsIeOf/feu0lErP/kcG2qOtDtTgF7ov9FVv5g9/oB7L2+bncA6JoX+v4H9pVMtzsAdF0SEf/dYnnbi3fe2p3+AAAAnTf87dbn/9Ntjw2sp3vURWCXOP4Hvcv5f+hdzv9D78pEXxjIQ29Ltln+8uf/K5UX6hAAANBxA7UpSbONc/4DkabZbMSx2mMBMsnMXCE/GhHfiIh3BjMHq/Wx2pbJtmMGAAAAAAAAAAAAAAAAAAAAAAAAAKCuUkmiAgAAAOxrEelHSeP5X8ODZwc2Hx84kDwarM0j4tZ/rv3r9mS5vDxWbf9so73870b7hW4cwQAAAAA2a47Tm+N4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOikhw/uTDWnvYz7yc8jYqhV/P44VJsfikxEHPk8if6ntksioq8D8dfvRsQv/tgiflLtVgw1etEq/uFOxT/RKv+t46cRcbQD8aGX3avuf37W6vOXxunafPPn7+DGtv0diN9+/5du7P/62ux/ju0wxsn7r+faxr8bcbK/9f6nGT9pE//MDuPf+P3aWrtllf9FDLf8/kmeiZUrLyzlSqtr5+cWJmfzs/nF8fGxSxOXJy5OjOZm5gr5xt+WMf7+nTceb5X/kTbxh7bJ/+wO8//q/u0H36wXM63ij5xp/f6faBM/bXz3fb9Rri4fbpbX6+WnnXrt7VNb5T/dJv/t3v+RHeZ/7rd/fX+HqwIAe6C0ujY/WSjkl3u68FKvRvVn0SuRhcJ2hUpj8NZs+cumdZKI9Vekq10vND8Tj7qzYwIAADru+THwTtzYvQ4BAAAAAAAAAAAAAAAAAABAD+rMPcOa98T+w5Z312tar8+euxcyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA3fR0AAP//HxDPXg==")
mmap$KVM_VCPU(&(0x7f0000cff000/0x3000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
chroot(&(0x7f0000000a40)='./file0\x00')
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
umount2(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00', 0x0)

7m41.348063437s ago: executing program 9 (id=1758):
capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0xfffffffc, 0x0, 0x10000})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000fcffffff000000008000000085000000a800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200050085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)

7m39.529993245s ago: executing program 9 (id=1762):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000200)='./file0\x00')
chmod(&(0x7f0000000100)='./file0\x00', 0xed)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c00108008000140000000000800024000000000"], 0x80}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

7m23.892379938s ago: executing program 47 (id=1762):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000200)='./file0\x00')
chmod(&(0x7f0000000100)='./file0\x00', 0xed)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c00108008000140000000000800024000000000"], 0x80}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

6m22.773642947s ago: executing program 4 (id=1911):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d00010027bd7000fcdbdf2502000000", @ANYRES32, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20040100}, 0x800)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0xe8, 0x10c, 0x0, {}, [@common=@unspec=@helper={{0x44}}]}, @common=@unspec=@NFQUEUE0={0x24}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x254, 0x284, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x7}}}}, 0x4b4)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x2000, 0xeeee0000, 0xf, 0x6f, 0xfb, 0xe4, 0x40, 0x7, 0x0, 0x2e, 0xc}, {0x5000, 0x40000, 0xa, 0x0, 0x40, 0x5, 0x7, 0x7f, 0x5, 0x3, 0x3, 0xf9}, {0xdddd1000, 0xdddd0000, 0xe, 0x5, 0x6, 0x9, 0x0, 0x88, 0x1, 0xa7, 0x2}, {0x6000, 0xe000, 0xc, 0x7, 0x4, 0x41, 0x0, 0xff, 0x8, 0xe, 0xe, 0x8}, {0x2000, 0x6000, 0x9, 0x3, 0x4, 0x1, 0xab, 0x7f, 0x7, 0x8d, 0xf7, 0x83}, {0x8000000, 0x80a0000, 0xb, 0xa0, 0xb1, 0x8, 0x8, 0xa0, 0x84, 0xf, 0x1, 0xfd}, {0xa000, 0xffffffff, 0x10, 0x5, 0x7, 0x5, 0x7, 0x3, 0x7, 0x81, 0x2, 0x45}, {0x100000, 0xa000, 0xe, 0x5, 0xf, 0x7, 0x1, 0x34, 0x2, 0xc, 0x7, 0x46}, {0xeeef0000, 0x30}, {0x4, 0x9}, 0x80000031, 0x0, 0xf000, 0x12025, 0x5, 0x10800, 0x8000c00, [0x6800000000000000, 0x4, 0x7, 0x3]})
r1 = socket$inet6(0xa, 0x3, 0x100)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x2c}, 0x44004)
syz_clone3(&(0x7f0000000b40)={0x8000, &(0x7f0000000980), &(0x7f00000009c0)=<r2=>0x0, &(0x7f0000000a00), {0x36}, &(0x7f0000000a40)=""/45, 0x2d, 0x0, &(0x7f0000000b00)}, 0x58)
sched_setscheduler(r2, 0x5, &(0x7f0000000bc0)=0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
unshare(0x4040600)
r3 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000002980)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtaction={0x94, 0x13, 0x53b, 0x0, 0x25dfdbfc, {}, [{0x80, 0x1, [@m_sample={0x50, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x3350, 0x5, 0x9, 0x8}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x4}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_ife={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x48001}, 0x20054)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xb5fafc1c46b81936, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0xfffc, 0x4, 0xf, 0xa2}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@journal_checksum}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4ef, &(0x7f0000000e00)="$eJzs3Mtv3NQaAPDPTvPoM2lvde/t494GCiKikDRpgS5YAAKpGxASLMoypKEKTVvUBIlWFU0RKkvgLwCWSEis2LACCSFgA4gt7BFShLppYYGCPLaTmWReSduEdn4/yck59rF9vmMfjz1nZgLoWIPZnyRiW0T8HBH9eba2wGD+78a1SxN/XLs0kcTCwgu/J5Vy169dmiiLluttLTJDaUT6dhL76ux35sLF0+PT05Pni/zI7JnXRmYuXHx46sz4qclTk2fHjh07emT0sUfHHmlY96ntS+nLLeLM4rq+981z+/ccf+n9ZycW4uVvP8nqu61YXh1HbqDFFlsbjMFYKCzN7an8vf+mt/7Pkh2K3iKdbNrgytC2rojIDld3pf/3R1csHbz+eOatxcxXG1RB4LbJXpt2rpjbVfxPF1+/gLtRoo9Dhypf8bPn33Jaz/uPjTb/ZPZ3shL/jWL6/rm8bdLsWXYgf2LvarD+v+vM61tKLvS32P+2iDgx9+cH2RR134doImm7JADAoi+y+5+H6t3/pTX3NjuKMZSBiDgUEbsi4l8RsTvSxTL/iYj/rnL/g8vyK+9/fty8yk2uSnb/93gxtlVO+ZIyrmQxt70Sf3fyytT05OGiTYaiuzfLjzbZx5dP//Ruo2WDVfd/2ZTtv7wXLOrx26be2nVOjs+O30TINeavRBKb6sWfLI4EZC2wJyL2rmH7WZtNPfjx/iy9Y+vK5a3jb+IWjDMtfBTxQH7852JZ/KUk31Oj8cmRvpiePDxSnhUrfffD1eer891V6Zr4+9qLqW+twdYxfyViS93zv4i/7AbleO3M6vdx9Zd3Gj7TrDz+SZyYqy5RnP+bl5otO/97khcr6Z5i3hvjs7PnRyN6ihk188eWtlbmy/JZ/EMHa+PPn4vT7Br314fFevsiIjuJ/xcR/4+IA0Xd74mIeyPiYJP4v3nqvlebt9Aaz/9bYD6NONns+EcMJNXj9XUT2UnbYNHp8emu019/3mj/7V3/jlZSQ8Wc6utfT4PtNqrp8sTNth8AAADcCdLKGHSSDld9fru0O7ak0+dmZg8NxutnT+Zj1QPRnZbvdPVXvR86Wrw3XObHluWPRMTOyieNNlfywxPnprdvUMxAbmtV/8+vBWk6PJwv+7XRh16Au8eqxtGqP3T26We3vjLAuvJ9Tehc+j90Lv0fOpf+D52rXv+/HHFjA6oCrDOv/9C59H/oXPo/dC79HzrSyq/EFz+3kl0T2vj+fKPEruNrWWv9Egv9a189Gi+aW/0Gu9orXP76Rdtbbq9wEtEknGaJSJuX6Wm/qrc1cf29vOFqFqUtV3+iVbN0t/hNjNpEX53WOFAkeiOi3e1cXrdWLa8QiV+ZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7mh/BwAA///ozN7E")
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000640)=[{{0x1, 0x0, 0x1}, {0x3, 0x0, 0x1}}, {{0x1, 0x1, 0x0, 0x1}, {0x2}}, {{0x0, 0x1, 0x1, 0x1}, {0x1, 0x1}}, {{0x2, 0x1, 0x1}, {0x0, 0x1, 0x1}}], 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x2, 0x3)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x8008551d, &(0x7f0000000200)=ANY=[@ANYBLOB="5c0109820f0418030d8082"])
ioctl$UFFDIO_MOVE(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000c00)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000b69000/0x3000)=nil, 0x1000, 0x1})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000690003050000000000000000000000000000000008000100020000005145cffb15c1f6ba11ce317d7b30d8a3090b4e9c0afdeceabe2bbc0800000041ed90e90bc78be3db24b3fa8af9913442b94b4a88162bc691802446ecf19f3a20"], 0x20}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)

6m18.051289865s ago: executing program 4 (id=1917):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000040900020073797a3100000000050004000000000011000300686173683a6e65742c6e65740000000005000500020000000500010006"], 0x4c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x1000000, 0x0, 0xd24f4d577c621506}, 0x44)

6m16.95086291s ago: executing program 4 (id=1921):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000440)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@local, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f00000000c0)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

6m16.195502161s ago: executing program 4 (id=1924):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')

6m14.553895839s ago: executing program 4 (id=1927):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d00010027bd7000fcdbdf2502000000", @ANYRES32, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20040100}, 0x800)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0xe8, 0x10c, 0x0, {}, [@common=@unspec=@helper={{0x44}}]}, @common=@unspec=@NFQUEUE0={0x24}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x254, 0x284, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x7}}}}, 0x4b4)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x2000, 0xeeee0000, 0xf, 0x6f, 0xfb, 0xe4, 0x40, 0x7, 0x0, 0x2e, 0xc}, {0x5000, 0x40000, 0xa, 0x0, 0x40, 0x5, 0x7, 0x7f, 0x5, 0x3, 0x3, 0xf9}, {0xdddd1000, 0xdddd0000, 0xe, 0x5, 0x6, 0x9, 0x0, 0x88, 0x1, 0xa7, 0x2}, {0x6000, 0xe000, 0xc, 0x7, 0x4, 0x41, 0x0, 0xff, 0x8, 0xe, 0xe, 0x8}, {0x2000, 0x6000, 0x9, 0x3, 0x4, 0x1, 0xab, 0x7f, 0x7, 0x8d, 0xf7, 0x83}, {0x8000000, 0x80a0000, 0xb, 0xa0, 0xb1, 0x8, 0x8, 0xa0, 0x84, 0xf, 0x1, 0xfd}, {0xa000, 0xffffffff, 0x10, 0x5, 0x7, 0x5, 0x7, 0x3, 0x7, 0x81, 0x2, 0x45}, {0x100000, 0xa000, 0xe, 0x5, 0xf, 0x7, 0x1, 0x34, 0x2, 0xc, 0x7, 0x46}, {0xeeef0000, 0x30}, {0x4, 0x9}, 0x80000031, 0x0, 0xf000, 0x12025, 0x5, 0x10800, 0x8000c00, [0x6800000000000000, 0x4, 0x7, 0x3]})
r1 = socket$inet6(0xa, 0x3, 0x100)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x2c}, 0x44004)
syz_clone3(&(0x7f0000000b40)={0x8000, &(0x7f0000000980), &(0x7f00000009c0)=<r2=>0x0, &(0x7f0000000a00), {0x36}, &(0x7f0000000a40)=""/45, 0x2d, 0x0, &(0x7f0000000b00)}, 0x58)
sched_setscheduler(r2, 0x5, &(0x7f0000000bc0)=0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
unshare(0x4040600)
r3 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000002980)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtaction={0x94, 0x13, 0x53b, 0x0, 0x25dfdbfc, {}, [{0x80, 0x1, [@m_sample={0x50, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x3350, 0x5, 0x9, 0x8}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x4}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_ife={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x48001}, 0x20054)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xb5fafc1c46b81936, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0xfffc, 0x4, 0xf, 0xa2}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@journal_checksum}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4ef, &(0x7f0000000e00)="$eJzs3Mtv3NQaAPDPTvPoM2lvde/t494GCiKikDRpgS5YAAKpGxASLMoypKEKTVvUBIlWFU0RKkvgLwCWSEis2LACCSFgA4gt7BFShLppYYGCPLaTmWReSduEdn4/yck59rF9vmMfjz1nZgLoWIPZnyRiW0T8HBH9eba2wGD+78a1SxN/XLs0kcTCwgu/J5Vy169dmiiLluttLTJDaUT6dhL76ux35sLF0+PT05Pni/zI7JnXRmYuXHx46sz4qclTk2fHjh07emT0sUfHHmlY96ntS+nLLeLM4rq+981z+/ccf+n9ZycW4uVvP8nqu61YXh1HbqDFFlsbjMFYKCzN7an8vf+mt/7Pkh2K3iKdbNrgytC2rojIDld3pf/3R1csHbz+eOatxcxXG1RB4LbJXpt2rpjbVfxPF1+/gLtRoo9Dhypf8bPn33Jaz/uPjTb/ZPZ3shL/jWL6/rm8bdLsWXYgf2LvarD+v+vM61tKLvS32P+2iDgx9+cH2RR134doImm7JADAoi+y+5+H6t3/pTX3NjuKMZSBiDgUEbsi4l8RsTvSxTL/iYj/rnL/g8vyK+9/fty8yk2uSnb/93gxtlVO+ZIyrmQxt70Sf3fyytT05OGiTYaiuzfLjzbZx5dP//Ruo2WDVfd/2ZTtv7wXLOrx26be2nVOjs+O30TINeavRBKb6sWfLI4EZC2wJyL2rmH7WZtNPfjx/iy9Y+vK5a3jb+IWjDMtfBTxQH7852JZ/KUk31Oj8cmRvpiePDxSnhUrfffD1eer891V6Zr4+9qLqW+twdYxfyViS93zv4i/7AbleO3M6vdx9Zd3Gj7TrDz+SZyYqy5RnP+bl5otO/97khcr6Z5i3hvjs7PnRyN6ihk188eWtlbmy/JZ/EMHa+PPn4vT7Br314fFevsiIjuJ/xcR/4+IA0Xd74mIeyPiYJP4v3nqvlebt9Aaz/9bYD6NONns+EcMJNXj9XUT2UnbYNHp8emu019/3mj/7V3/jlZSQ8Wc6utfT4PtNqrp8sTNth8AAADcCdLKGHSSDld9fru0O7ak0+dmZg8NxutnT+Zj1QPRnZbvdPVXvR86Wrw3XObHluWPRMTOyieNNlfywxPnprdvUMxAbmtV/8+vBWk6PJwv+7XRh16Au8eqxtGqP3T26We3vjLAuvJ9Tehc+j90Lv0fOpf+D52rXv+/HHFjA6oCrDOv/9C59H/oXPo/dC79HzrSyq/EFz+3kl0T2vj+fKPEruNrWWv9Egv9a189Gi+aW/0Gu9orXP76Rdtbbq9wEtEknGaJSJuX6Wm/qrc1cf29vOFqFqUtV3+iVbN0t/hNjNpEX53WOFAkeiOi3e1cXrdWLa8QiV+ZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7mh/BwAA///ozN7E")
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000640)=[{{0x1, 0x0, 0x1}, {0x3, 0x0, 0x1}}, {{0x1, 0x1, 0x0, 0x1}, {0x2}}, {{0x0, 0x1, 0x1, 0x1}, {0x1, 0x1}}, {{0x2, 0x1, 0x1}, {0x0, 0x1, 0x1}}], 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x2, 0x3)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x8008551d, &(0x7f0000000200)=ANY=[@ANYBLOB="5c0109820f0418030d8082"])
ioctl$UFFDIO_MOVE(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000c00)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000b69000/0x3000)=nil, 0x1000, 0x1})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000690003050000000000000000000000000000000008000100020000005145cffb15c1f6ba11ce317d7b30d8a3090b4e9c0afdeceabe2bbc0800000041ed90e90bc78be3db24b3fa8af9913442b94b4a88162bc691802446ecf19f3a20"], 0x20}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)

6m13.881154542s ago: executing program 4 (id=1929):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x8000, 0x0, 0x0, 0xbb, 0x8, 0x91, 0x3, 0x5, 0x3, 0x2, 'syz1\x00'})

6m10.80125004s ago: executing program 48 (id=1929):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x8000, 0x0, 0x0, 0xbb, 0x8, 0x91, 0x3, 0x5, 0x3, 0x2, 'syz1\x00'})

5m45.071417601s ago: executing program 3 (id=1974):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

5m42.421665878s ago: executing program 3 (id=1976):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1e1, &(0x7f0000000640)="$eJzslr1u01AUx//XtpwEBSExsjAQCRhwbAcQC4gsTAxIQCIGhoiYKGCIlGQgkVDgCViYkBgY2HkBJFj7EFXaqUu6deni6vpe27eRnaT56tDzk3r6t318fD6s44AgiAvL/t7ROEA+1EWUkJPnD/TER1P8d/OHn/8/fVL/9vr3Tm5sFdJiBsHizzcA/Kvq6Mf3nr67JP+/gBbrl9BwW+o6GCypeTI1qT0wvJL6naI73N+y3rZ9z3rT8Ztc2Nw43LjcVKbzm3xlaCr5MeV6bzB83/B9r7tBMa9/k6qGh0p+6rwsiGxtpX8ONDhSV8DwXOoHyEW9ES1R6r9mJPH1mfWbWGP9tWLKJZ7KGeJcvZw5KhPAcokBLA74EytVii/yld3kO5QhdIQimuh6In/Xt1QFf9Hn+MDYelfZas1cZhZ/H4t7ojPBSByHPlcyAgajBR9hYpluJPsp+MVwU9lPYpX8CD81fITl3mB4p/2h0fJa3kfXrdy379r2PbccLiJhZ+y/QrifLiXxU79JHJOZ+NTo97uOsPGxK2zaxtXC/afh1g1xzIdrTsXNK5rJPwNGPMg/qvOjzFIIgiC2ynWw40BiREJ+TaD81n12jjkSBEEQBEEQBEEQBLEaJwEAAP//63FC3Q==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
readahead(r3, 0x6, 0x1000009)

5m31.522332183s ago: executing program 3 (id=1984):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='cpu.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000080)={'full', 0x20, 0x2000000007, 0x20, 0x10000000fffff}, 0x2f)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040004}, 0x8810)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r4, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x0, 0x0)
getdents64(r5, &(0x7f00000001c0)=""/147, 0x93)
r6 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$printer(r6, 0x0, &(0x7f0000000480)={0x34, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, ')'}]}}, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
ioctl$EVIOCGMASK(r7, 0x80015b1a, 0x0)

5m28.151458828s ago: executing program 3 (id=1991):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
close(0x3)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', <r3=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x8, r3}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x404c830}, 0x0)

5m26.843342266s ago: executing program 3 (id=1995):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0xf5af99b}, 0x1c)
sendmmsg$sock(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)=@phonet={0x23, 0x6e, 0x0, 0x7}, 0x14, 0x0}}], 0x1, 0x0)

5m26.090774529s ago: executing program 3 (id=1997):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
madvise(&(0x7f0000569000/0x1000)=nil, 0x1000, 0x15)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x801800, &(0x7f0000000080)={[{@errors_continue}], [{@hash}]}, 0x0, 0x616, &(0x7f0000000b40)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIV6EqyEExJunSgtBCiW0RosklgQvJsaLBxNPHsT/Qkm8evDqwYsnQ0KM4SCGyJrZnSnb7W5/bLu7pf18kqXPM8M+zzOlX74zT5+ZDWDXGsn+SCP2R8T1JGKoal935DtHKn/v4Z+3LmSvJEql838kceuTZLG6rST/Opi/+Z+hSH5OI/Z1rex3buHmlcmZmekbeX1s/ur1sbmFm4cvX528NH1p+trE6xMnjh87fmL8yKaOL6kqn77z/odDn51599uvHyfj3/16JomT8SQfW3Zcte/t21TP2fdsJEoVj6q3Z9/XE5tse7v4a6j4OXkqqd3AtpXmP489EfF8DEVX1b/mUHx6rqODA1qqlESRo0pZKiwBu0jSVMz3b/1AgDYrzgOKa/t618ErpS0+KwHa4cGpygRAJfZ7IqKI/+7K3GD0l+cGBh4my+Z5kojY3MxcRdbHTz+euZO9osE8HNAai7eLWe7a/J+UY3M4+su1gYfpsvhPq17Z9reb7H+kpr4i/t9qsmFgTYu3I+KFPP/3xobif6Qq/t9rsv814x8AAAAAAABYt3unIuK1euv/0qX1P7111v8MRsTJLeh/7d//pffzQrIF3QFVHpwqh3fd+M8Nd+W1/5bXA/QkFy/PTB+JiP9FxKHo6cvq4zXtVq8QPvz5vq8a9V+9/i97Zf0XawHzlu5319yIOzU5P7nJwway+L8d8WJ5/e+BfMvy9T9Z/k/q5P8svq+vs499r9w922jf2vEPtErpm4iDdfP/09PtZPXnc4yVzwfGirOClV76+IvvG/Uv/qFzsvw/sHr89yXVz+uZ21j72cXF0YXuUqP9zZ7/9ybvdBXtZz6anJ+/MR7Rm5xeuX1iY2OGnaqIhyJesvg/9PLq839L5/9VcbgnIhbX2edzTwZ/a7RP/ofOyeJ/avX8P7w8/2+8MHF3+IdG/Z9dV/4/Vs7ph/It5v+g2srncaw3QDsyXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4xqUR8Z9I0tGlcpqOjkYMRsT/YyCdmZ2bf/Xi7AfXprJ95c//T4tP+h2q1JPi8/+Hq+oTNfWjEbE3Ir7s2lOuj16YnZnq9MEDAAAAAAAAAAAAAAAAAADANjFYvue/1Fd7/3/m965Ojw5oue78q3iH3ae76XeW+hrv62+6VaB9mo9/4Fm3/vjvaek4gPZrHP+PHpfK2jocoI2c/8Pu1WT8d0XEufNbPRigreR/2K3WOafn13mwI8n/AAAAAACwo+w9cO+XJCIW39hTfmV6830W+8POlnZ6AEDHeOQH7F7ds3mht8MDAdrONT6QLJX+rnuzf+PV/0lrBgQAAAAAAAAAAAAArHBwv/v/Ybda/f5/a/thJ1vl/v96we9xAbCDNP7oD7kfdjrX+MBa2d79/wAAAAAAAAAAAACwDfTfvDI5MzN9Y25h6wvT0aqWK4U3W9ZyCwuLk9tiGFtXKJaGb33LPRGxDQ6wA4XiERwdHEYH/08CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACW+TcAAP//jWofjQ==")
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

5m10.025384393s ago: executing program 49 (id=1997):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
madvise(&(0x7f0000569000/0x1000)=nil, 0x1000, 0x15)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x801800, &(0x7f0000000080)={[{@errors_continue}], [{@hash}]}, 0x0, 0x616, &(0x7f0000000b40)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIV6EqyEExJunSgtBCiW0RosklgQvJsaLBxNPHsT/Qkm8evDqwYsnQ0KM4SCGyJrZnSnb7W5/bLu7pf18kqXPM8M+zzOlX74zT5+ZDWDXGsn+SCP2R8T1JGKoal935DtHKn/v4Z+3LmSvJEql838kceuTZLG6rST/Opi/+Z+hSH5OI/Z1rex3buHmlcmZmekbeX1s/ur1sbmFm4cvX528NH1p+trE6xMnjh87fmL8yKaOL6kqn77z/odDn51599uvHyfj3/16JomT8SQfW3Zcte/t21TP2fdsJEoVj6q3Z9/XE5tse7v4a6j4OXkqqd3AtpXmP489EfF8DEVX1b/mUHx6rqODA1qqlESRo0pZKiwBu0jSVMz3b/1AgDYrzgOKa/t618ErpS0+KwHa4cGpygRAJfZ7IqKI/+7K3GD0l+cGBh4my+Z5kojY3MxcRdbHTz+euZO9osE8HNAai7eLWe7a/J+UY3M4+su1gYfpsvhPq17Z9reb7H+kpr4i/t9qsmFgTYu3I+KFPP/3xobif6Qq/t9rsv814x8AAAAAAABYt3unIuK1euv/0qX1P7111v8MRsTJLeh/7d//pffzQrIF3QFVHpwqh3fd+M8Nd+W1/5bXA/QkFy/PTB+JiP9FxKHo6cvq4zXtVq8QPvz5vq8a9V+9/i97Zf0XawHzlu5319yIOzU5P7nJwway+L8d8WJ5/e+BfMvy9T9Z/k/q5P8svq+vs499r9w922jf2vEPtErpm4iDdfP/09PtZPXnc4yVzwfGirOClV76+IvvG/Uv/qFzsvw/sHr89yXVz+uZ21j72cXF0YXuUqP9zZ7/9ybvdBXtZz6anJ+/MR7Rm5xeuX1iY2OGnaqIhyJesvg/9PLq839L5/9VcbgnIhbX2edzTwZ/a7RP/ofOyeJ/avX8P7w8/2+8MHF3+IdG/Z9dV/4/Vs7ph/It5v+g2srncaw3QDsyXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4xqUR8Z9I0tGlcpqOjkYMRsT/YyCdmZ2bf/Xi7AfXprJ95c//T4tP+h2q1JPi8/+Hq+oTNfWjEbE3Ir7s2lOuj16YnZnq9MEDAAAAAAAAAAAAAAAAAADANjFYvue/1Fd7/3/m965Ojw5oue78q3iH3ae76XeW+hrv62+6VaB9mo9/4Fm3/vjvaek4gPZrHP+PHpfK2jocoI2c/8Pu1WT8d0XEufNbPRigreR/2K3WOafn13mwI8n/AAAAAACwo+w9cO+XJCIW39hTfmV6830W+8POlnZ6AEDHeOQH7F7ds3mht8MDAdrONT6QLJX+rnuzf+PV/0lrBgQAAAAAAAAAAAAArHBwv/v/Ybda/f5/a/thJ1vl/v96we9xAbCDNP7oD7kfdjrX+MBa2d79/wAAAAAAAAAAAACwDfTfvDI5MzN9Y25h6wvT0aqWK4U3W9ZyCwuLk9tiGFtXKJaGb33LPRGxDQ6wA4XiERwdHEYH/08CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACW+TcAAP//jWofjQ==")
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

14.562808798s ago: executing program 0 (id=2823):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x6, 0x7, 0x1, 0x4, 0x2, 0x1, 0x1, 0xff, 0x5, 0x3, 0x0, 0xd, 0xa, 0x2, 0xd, 0x5}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x6, 0xa, 0x5, 0x180, 0x1, 0x0, 0xf1, 0x0, 0x8, 0x5, 0x6, 0x8, 0x0, 0x0, 0xfffffffffffffffd, 0xbd5], 0x2, 0x3c4292})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13.517500548s ago: executing program 7 (id=2826):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$packet(r0, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x11, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001143f11002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYBLOB="363d60be312a894a0ad8b1847ecd706f971fd8ba38e2dcccbc09c00700e2aeacc799fc70e1a37aab31c9c653530627fd6245fa47050af6"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000)

12.583167948s ago: executing program 7 (id=2828):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000080)={'ip6gre0\x00', 0x0, 0x4, 0x1, 0x3, 0x0, 0x23, @local, @loopback, 0x10, 0x1, 0x4, 0x8}})
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000300)={'ip6tnl0\x00', 0x7f})

12.510258481s ago: executing program 0 (id=2829):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150fdf0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcb05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc28afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f2724f5024a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4a7e642fdc56d11c2ec87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b09ffd42a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3da452647e342e2591be4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0xa, {0x3, 0xffffffffffffffff, 0x100000000000000, 0x800, 0x0, 0x0, {0x0, 0x3, 0x2, 0x0, 0x0, 0x46, 0x1, 0x0, 0x0, 0x4000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x30000, 0x0, 0x0, 0x8, 0x10000, 0x0, 0x0, 0x10}}, 0x50)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00')
syz_fuse_handle_req(r0, &(0x7f000000a280)="1695367704d10dd832678e4e2d01860484a69eaac410e2d6cf3b3d3925f9a3cb602592377170dffdc4de86f163e390e21d07459b0f058cfc248c4bcbe896f3c68006f3c2cbe07c55b87170871c1d364d740faeb750c8c8acb76aca18bc0c018ed341b55b0ef80cefe95b85756aac978a0e0b5ce59cae6657643e7ada0c1336bab310888351664553c2faa6dd39054e19e23cc7c4b4d33546407f880194aa0761f2a9360c4ba26de342328b92db81ae84fc9c1e9eefb4b7ec3f58a6d5d23b907327b14480a37f3c84305729a91c28807f8809b997235bfa2d4b6f45ee9568bb4a416df34f4140c5e272bfc068ea61a48b365490ccb02772a906dad457f5d2dd1a57cc1209e8897c8115049d7e4e3c756a7f5ad0c004ef66c8bf91f600910e73b4aa5f516bab5cd62ad93642960ab32b7fdaeacb1a9587a389a529c231f8a47a65fb6d27ba6a0eeb46660cd75dbf47df89e9f578eafa6992a12d9d7de56d69fd0e30b15caabd13c28d63921597466292f8c4e87f23d53d52e6e8f1c9295af0743c8c671a49273074ba44dbce9e9b1136a93dbc19d2b8e60cda5f50eba2d814822a68a0fd4ff5e6a25dd5346f96b26b5e1563ebb97829a76fd8c2aa0000000000000001b193b68316494f11f5ce97ed8e13d474b03c6f6eda4eff54b0ec362fda53003e6e2a3868a5d57e2426aed5adccdac8e162c6cc20361dd4709889b79b2810ba42f531fdd3746562a00da65b4211fb7d8f482a3610748d3b80d2942d8432471f98c6e9036cb57f3913b31dd8baddd6d85b44e8463b838fcfb6979628c5fa3dbd30688e10b9ede257ebc7b96d4092f38d11b9e6a4d10490a9df1387b3743cf51e206c7dbc0741c408bbebaae7f36d81b5ce5b21bb9fe992c8a0cb3a91ea2df21e571ff094b53b17c46fe22c0cead29144d203294eb42c984790a6b6348ed8b7b0317ee5b2353cc54bcfd808bf0f61f73917584e17bd9259c8a04d2ba3b4f931571947c77035975933471fb1203088dce478eb4e411ddb7b88caeb02e1cda741245df701a2b5c29c48a631eaf18549bd90c70222fd6dafe5550726bb58dd0fbf84ffeeae683a0379505f03740a652025add8e0e4e6b5bfb4bd0876dfe1ecb639acc110eba97294a4e4642aefbcad04ba50d830e945fd9900ee7e02488694041f43cbaa86280c1df64e8f1f81f7cd5130914efd19b58262f3bd2c43bd8b4a5beac09f1ba27020521994465e62c329debb50efe0716d22cf0056febc7cb95aa818e10639077e91cac3c80b37d6eebc6907dde971b578383ee04086a0dad18750ceff6b8d6d373afa93a51fee65fe1318c1ac291b784e45d66962c8b54571bc1e92a996c11561d94af6ecdd37948d35adbd1ad63c1c05c31c7f4afd707aa1956d1444fec1137fb6d81f56566887131777e5fe3e2fafe8af8f21ed34480afe74afb25d8d16f8089fcb851ac49dd826b7f273aa3d771856d712c62397d49c72d93e3c2a5e6b9767fcff0fc5b3d70dcd70ff8bad5dfd7f5a84c194f99450601f970104f9be026852ead21824152dd8f6536fcd01a69177a65f2af266e619d61d20de0c738680fbec29e7c594cad29f009d46d87908c951b2e4ad8d9a67db8be6f570fe5416d9e4dd22a108140a1c95369731807325ee7f4201209a795fa1609ce8fa27384677816f651a96cc08400e1b647bdddfb851313e3ccaa472b9a6a1da3a0936e119a6d7808f09de244d739c39df3ed36004b77cb54b6b1396b718c87fba28cb1439c7d1d140dae1ee2c2a7d647427b1e7472710c7ac4f1fb0fc0c9d15ecce28167d23e2e42474dbf1c63c0819606be9c9b6dc2eb59bf9932568ef408c20e9498cf105e84eee30460d4348f4cdfab623b416adadb4427887d9b1b6b8db75b224e8a55fa0351d21093b2b7e42e6685491cbfce100d602d0281f4bd086b50612f3ccf055fab1aad97a52695a233c3d458be4536b66b0acdda5ce0aaab48bb7d7f39a8af473c4478991f1c4569839eab0c1d684001ee1772290871653a2293bb7754c1eac178c60f86e2a98e1992dee198c76365f2d04d159d7c210c6cc58764e3b7dfb5bc15190555febd01c69cab8f55926c28a13fa4f9060dde1ca2df7e1f71fd99a0c350d7f0e341ece8e0685e9c205b486ef400910211b688f07fb05b542261c74b45f4ac23ff53e9e620ab12dad7b5131f67128bb8ed6a4a70caec437f2157f8bcb3d080091e5715dfc7d7539dd0320c90d0aab6a6d7a447ebeea893a0efa2176292c648c62cedd4138c9d0535ab0621855484fc43e0e3e84357db6951bb21fe2f4e99fa188ebecbc23f73ea879bd304408acd1c470fd112606ccfd7b7970e950ebd363afbba359a51877248a42845097094ff785dc82264225752f3aefa980d9ed5309b48f47a5b5ef49f69808b91bde955277b6525f55436ffeba0bfa8c13f6314c57ec97eea295afc66a9f4ec844474c0da6ff1ef0c6c65c035f3bb74a70ffa668359b58a46af97600c428626b45c81a4e372e198894c02e2bee8010fb4c2c075ea623a6ee24a99e225f809322df6ea6f39b1566b1aee5403d45ba648f94f70976013199b3241744458d030a5319360780897413289d89267c389e04f23de79adf4b864c5ca76efc225eb1ecf6424887f0d8b3ac13cbe9df4eb69f7b702e85fb396dc4a030d57a8c4edd227ee568fb11a9859935ad53dcfdb01727f106af352c569a020b7e405a1ad4c6b39e2e8796fe9f16db3794550f5ef3ecd6af2b2ab0383e6c198f17ada5840bde84ccbaa661d9c456d9ddaf92763ba450098cd5a971d847fd5030a4c9b066ab3b0096dfdf7e5ce2f8349165f94c493b7e4192e85239bb11552f910fb41c5e96ee10fc8dce711e88e0572ce0bbbd9c9f3b7c9dae89f1dfa6af309c4321755a5b19070c8731ac590c30fffb69feeb75f699aebb101d3a30f784f1745182cb4f0bf63a148b521f0a03c691927694ee453b278523e3ed256c150098a932f62c90ac65faa4b9782c27a3ef6ca2b5ecae6a01d8a1d7096bf6a7d1b317a9eab22ef4907c631bcca224f723f5fb9a44d7e1295186cf37fd71343919aa167fa70a505a73e9f52a11cfbd40d8c1087d4ffdfe45a40ed5aebfa4b0c3622c78a914d68dd92f46478711437ff88803ab28cd9ce2223aa0fa37eb9d9a4a7866dec4ca6bb66e794ccac6bd19b11daa0b6d4d42cbcf7d6426b5718030ca51bf92b3d8ea0b11c46ec5c0c6e3805c88b39731b2b751d9928ed1ddba7c66bcc5273d709fd295aa0792384435b98c1f44575c028ff2869074156713931f7e62f8b0f8c7ee9dfeaeb2e096e77600586a47d6f6a2e13a17dfceae46ad84858bf8873f9f1e35fc700aef0a648af168ab0774a3441a203ef325577f2c76f5f0e5808acdc7965bc65e8ad1ca816bc3b67711ea42e619c957d0f26b394be1f3b0c4ac9af8558eaebf5c1c27b6549022513479b4c28dbe3f1c3131cc9211eee768f96a9c8b5e0e6425bef921a355faccf0072ba19b16d88b75feb5dc8fcfc1b7b5973eb9654ca3dcfd482831ff5d1fe09fe7ae43cf129c8c17a6686685a13ed076f34608b7ac16eb8e9de6a44418c4e3f8162e6a679bc9482df96a04b14575ebf093b99bf5cc26495f5dd6e571129d9760de3f801b001a1f3248d14f579bc519de2b656641a88da758a2ed3baf15fdf2739ddb44f0e5892de7ea48e9302129d0c939137b9d0687b296577675bcbf433a53f6a9816797cbfef1ba0caa2b8602387b5a8bae24d3e15d42b34d81708738fd269c3e8cbacdc3ff5ab1d4816a783d7be0f0a8086e345a6b4c231ffd61745f6c45cfceaf6089e70542aea1574e3c78740f77a08eb55b37f03549c1dd318cb5a76094210e8cf800c350d328fbf9442d0437e7affd54b3bfc33da3f24558f3ea8e59da8e61ae60e7e7b4de7179b8cf941d51d420c8eee69143966800dc4f7bcb50a033331fcac02a65e88de28ab219c68388a9da9196e044dd1ebbd3994bf8cc862f6f8b419fa1f4f4e5427f10866b498935fa28b8e6f9c5e48be8b74b9c2262823390480f71aff6cf72281f526265877d223eef9ad7a4be7438f9afb6aff0e80c5125c2c612ceb83f0470ea04479979c0a10fbbd0bed7379e949cc19fe36fbcbcc59a9fe30a2662d3e4d22862e8841b587b8995ef8482bc60fe0863b41752ef3dd44a387eff101595822bf1ce440ff9e5f73e560e4f7fbfe4754d9dabbcd92de02017eb43d3cf7c75e45ba04009a782a68ce11eefd52253c721daa5f37c6408e37b48d1f2e36d7c1793300f2c9039e69a52057486b63c0fa644d00528ce48f2e551ca88e356ac25ae74c73492ed3e6233490acfbe7ed8244f23e2af86e0ade6b78bb34a75a86f6cbadbd39762680cb0821d6d28f18d427df13d0e747f6da54be970e43ef8ca8285dc8bf44e3cecdbf2d8757a9800bb889b846d58cc636a2648809451a95736a0ecec6ea3fe61fb24dcd8a00ac0b8933918189cda555b17e431d99ee190d6d0d9f769e665ec193ba8889ae72a01e18b98cebb75d20ed778e5778ef657ce85d40eafa44b46f293d64023b877e8c5d58587c3abecf9a1ad8d874a4cdba0bfbea61b7eb19e81f7c932be12a83bacc51017b42dbe2931dc11c742a5a942cb6ed9bd9922ad78f55b0f6cbae0e8d4235140263ed8c83ab22e71a0f0a62b6920b5d5109e415254e527546546bd025cf1583e3e8d9d5bf735a4651fa2e5c3c86a185bb77e9b75224cdda8cb0eb21d9e3bb19e286832aa5dce19f055539a0a5caccfd752742a31d0af882c4f02c29cbd90ac2cdf5cc61c448cd09eb7b82b930ca99962c0e5ed84124fe37f7d30aad0296ee340377a7e0aa7413c495ac8ab0b482c4c5f59872efd5a1ceadbc7606e67d3c79a77d095bd82519db0893b9d2bbc2b2f3a7391826840e49424703c006399cde5f2a52a9383e89dfbfca284be4d75dd3aafd8a43dc6c71bd7fde9460647eb5c97707e96ddb9124d6020da38ee7ad743db8fd0377a8711905194c496e39a2132d7bbf35b79f920b6dcaa73625bf8b5320da250513cd45bf42c8072809ad59d69c02f0554cf82b79ff291e42d9227de1948352b0dba0281b69876ae0ca24972a5e75aee7e0a46bd4fc83f5a0dd3f22d666f2d950ca580c6da6dfaaa293beded10d1328613611b6e01d5d8567541e81466467302d8050a3ae4791fbddc1aec749edb68173be5341166c1d5c42d63e7368473e48bafa43459de3fa3a5550a4ac979711dd9a2d6796b0bcf9b5881124ade4b12bf77fa55724976a0da9d642e76a036c430f5fb2c06d599b0f78e978580f8eb763d2846177ff18b9b5cf8c76197ed809ef24212bc5563a1713214ce78e0e6cced6e41578d46a07839795c83c189610244bc1b680535fce39f290da90d719078015d90020b1d4567a97081b48514709df8e327d814e8c15496d90efacae6b13e297ed520d280203896bbc3a23f3b638adf594de03a782bb292a93ef0b14b8b3e13c01787a0b7bfb3abd8ab15eebbc651b7b054d3e56ebb7808de9b9bd067560ec6a6432455b37054292a3d9d32434506bf84b2907560017089de3f60c2deb4dfb7371f96d65a575d446aa1d2df81867135120df4e24e9227f72ff9f8f015a7754948704ecd084a1a93fbeb5a44af086ef73e9fc1c072b7d5473e92558fc2824acf27f1dbe9b019247d3074bf4256a966ceb674a2c4222632c8e4b6c0736de019ccfe4cca40b9b07f8c4df9753cdfb4ad66643ed71510983e29c2b5f9ae7db4913cb74d9dd0461a900810650d0da73f766aa6882385f3bb40644bf43f01faf2aa4cd187659edb0498527f201442b64349afa814b3dae5ce815971f3b11d177e3e1aaf90c7674c097d475640218ad27e63f9071c9081c06d9b5d1f3a070da3eed4f4080190a74063e7f97b5f35706dd1173dcbfa13a70d5362e50d57d0c5105c8d3beb926d93f61699e737ebe1a935839c3aa5b629dc93aa209d9e7774c40de7f59fca1eb274a8280022a15934e5dd2579a8cf5cd16a3b0a1ff3ea712c4258164fe2fa17a4cbfa5630f4041bad4204605eb2e762d610fa17dafa415ed8a678da1d4b5a6618d71d0066d66e3ac10b3ce65137a5a02344abc57f1be4ce0cbf1a2ac66dcb5e94495e863819c627e4704fb479c232b27aa4a5dfca8896a7eb8e0592b6b392ec9fa2767f569d5c1356d7ef7a909d8ee344ba017c75ca664d98f5288230b7f1ffa2fa7a5d07fab5f4b53b7f19c3fb361795fd632fa8a654004d931b4b7fc0890927aec727160cded3c01b7e40e6b81ce015796895f9c007762a1c22acfb9513eccd93c845e91ea8b0960b299b3ce788cbcce5bea9a94325289d2c3573975c512d56e19c4655f849b3652f8b5f9fa6f49e03202f2031debe3c299c3ceceb1febf4b285da9033493088a36f885ed6d3958b8d05cc6be00f3465de8bf6e41796d17e393067585b459b143d592cea102f584e48676a45f896cf662bd6b3b2309aa7f46d2b8ec6597a063f12bcc88922050c8c1e070134ce77ab1cb7a7f29983a0b30d9b2abeca5cfbfc55e941376c616c2834b1c1c9a9473b531c86c3b708478ee95923fe6a8108c2c4dc8a78a9d5e995f6c815b292b986cab0afa233ef10567a49d4e8dc17f438b90b620df4d291b52549ac8e1b69078b62011ed4bb0e288db740817ff07d01e779e11cb8e0606b5ca3aac6c7b262499f5a115acdad8a67b6eb77503318ef3bf0008347b270aa986d9e79e2af174f38a4743250c1091e6053a7a785464483161aad3ef3ad976e5329b71afe9bbfd93d7541a1014db4cc159ac266021e841c665217fa150e130f921ebd4cfb5accdb87f5f9bc0fd94b402289db4d0ac3f0906a689aef044c09fc2c5a00f7795ea935aeb943eb32826bd2176c1d1cb058195e3229d293595ebc07514c6b038a1d964199c59e59d4fc621c54b7bbd3410ccec22f7fb6751527c2aa0940ed2f0c9dcfc4e99ced91d09ba4a37042b5f48b127439cad24df2951ff1e769d3892dc4788dbbe27cce60f7f0138789444712e84e059ac0a4e87557f6c3369fc61b9a843c816df3cb4ec77a11e16390234da24dc0420f6a44554fc7954cc74d63ec030d4d964898e14500d0dacdbb2959f7a8a191773f66448348f36c3f4904187088bcfeafda7dd721236810d04469e93ca4e7926305c25b1ef1380d775008fd238e33e8dd2dc5a9783f97414487a7ef70eba3dcf71331803fad223f65aadfc87d79512bf311c14926d619a089f5e84c46f4a9ff393969f8eacc8fa20acaa9eb01a8aab625853e415d3871e555a11ee71ee93cba85ee9cde60b3962e294c2c840f0a1ba87714bac54f1ca0ebda74daa3e8e19d382b951d64a22da48c632ec5754f42129214a807427e69a93c128b6b0a8697c9ee375818dd79244a38287fe8f66c7cc3aa18aee2fbf804fc1aadcc7d2daf75be82a60276b6902a51f2bbb64c261915b80053fb9635f405f1fa855d1ec8adc0ebe9648b8151eda70ec5ad5f704fa2a337bcfb7ecbc845a11cae7a68d6bc58f107ac7bb0c2f6b83edc48703ba00c94036b9af4ada51d6d78bfe697df06f47573c14cd7191ec52dc0f208ecdcf54669529bba2c2fb7a6b38f6f2b5ec5fe876f03c096ae092b6f881a84b00edd1e9f67449069d876afaa99eb1a446f20656b5104c72ed28bd8553c724785f4e8bfdc33194409960de4969b708ce26e4cd608d21ace0c38e27d54b55369a9e807cfda9a6240466dd94f6150d4b0105f7b9ae392009b2cf146d1dad5d7c8664463d7d60d11b45f30d01db7364e21ac557d37a4c9ad88926c472e98710d2cbfc4b70d6a5dbb128d46909e634761c6f6952bf9021aa5282c391dcee3278a25e3e2ee31a7f6713979a546084fb2e598214c36a3b7618bf23c57bb23b33e9c98dfe5192ef257dc2d891a6f7c11be334fbdab015eedafe1c4aea95ff1fa6d340d0cade542f3f782c1589470fa64c6fd9ac0c31536ecee0ae312f992733beea6fcaf7562dd6e0f2c016f712ce14d93f02a54f577c75b444fd7f46e9bd2cd9cd1f89195781d88f984eca45c9735509553b48b0d9bd730c7d6f63b1dc78d2344bdb0f18c4e1554822345c11efa2ba32bcef4f29ed05315cf44617a80d7d1392de077bbda08669c8c3cb6c0b12f872f1247bc1d07634bf5bf4acc3a4ecdae7e6acd7c4af9820147afe55500a7270d7eb511f907339e5af54cfaf33e2364f54091ebee2a245ba048452d383cd441604c4dd1c6376e4df8b83ebf6070d2be248174fc1dc0a1352c103325360aeb3ab71cb73bb646ac6247dd68155fd48b90250c3b0f250a74f827780367e117a94094e5005e2f926accaef0b3e36c25e315c1e80cd4c3481f3465d99025c7de91c45bb8dd0a5577174c1f366017d87d2033239a8b6f399a9095845b5fafe9cca113b93f455bb790709b6c93fcbbd0c4bd7b5d621088dca06802e241836291226ad56d40b3b4e90eb68bd5845742baf4cb4a69b4bdb07f02d0bd6fbb5a5fad3af030816b254725e6db4073b7a0536b884c8985c3a159cdb105c73f7e0e03546248336449eff6afeb96cf8ad3617df18ee2247bc2d11ebbe10e0379f5578c41611872c5461541fb4da5be3f3348e0592982a61c352315370a9b452306c9f31f9040ef755ad096a8733dd9daf6bdbcb7a3521ad2282ae4fa7bfdb9cda5997ba3a6652af46c6d0205bb356dfb411e2b931b357723bb70254211819b74a461ed5c126cec6573cda4f6107fc3ebc76483621e9ab5789a5575ea3a91463f76138ea0f3ec9c44e1cddb2de59bef83333d235e922b920e267453676575b38e6415bd136534b8df2360ab489fb69eefd04b66758ab5dd105be7b0635f7194f9e4b158b22b21ac97fda4e804747a9718b40a32531cd5c3fd1d3c1dd8ba5ef9c86d3c8df8c71f81da1a9756e5db4dddf70755053f7129d656a8069fe83c39ab240cf7a73f0f880ec7a791c5115ab262184839b906c238eaabf2268dfcd6560c5bcb70fea00b580ad52e7de0333e6de63ae351952e6e5dee6edf284de0a2f53e2089db13bd5eca5f98883a24eb2e1a58ae199f8db9c60a5b6b85585b2d2a17d6b5406e5668685d95c4718c375db05f7953b363c25d2ed0906eda70eb659845acd31fec9b8e4d5951d12fd50bbb969dd824a78c72622c8311a980f0f2e6a1ddc368879a1f3a07d3c0780e85a4e5d13223a3424782e3f77bf6a1ebf823f468d41b777ff61345064f1096ed653c277bab90ca5afc8ad6d25f4447236cdd82950afff27763f3fef5308f034379f4ad4955cb8cc5280d51b5427de4eba374f64dde2f1e7a6ae628aa4696160a5cf0ae9fc70e307b4eb19c0a5af2c2855710c8e117211d73a7e7f3f7f2ba55d03a4b73d816c9c3fc1edb86ec95ddcd77884a913805ad6549e7a5f776a1c2385dd6d83877727f128207cda29f83462269a7f606fa31934d06a6e0efd238d0a180c754a9d2e85609fd20c880ea0e79cbe887c442000000001da783529e1e45eb3e70195fa2711fa291dca43ee0672b7afc14cf87b9506a7ebe223019c856777e1783f6ae1b0ed90486b32e3b6f7ff77be834c7b6676da6c8052fa49450e3e16a6f90ee33742bbfe3dc025832e0bbc7abeb625077b8c1ea07dee89c7dc26fa42514ff9ac21e848e32309bc2862a873fb57796e05923fce42fa2833c73866e22a04497ec13acebcdff6ae1df71dd8756f1febac04f2034c1f3e1d401ddbdb7f2ef676d5c85437830d527a5fb04c9bbf0d892ee1306d2d2df37008916a3a66e70f865cd6d25de16fdb4bb4f2616204cf86a3ffdbf147223968c092a46dc2aae4aedb32fb850b85d4adb87bfada328bce4c2c70ec42affde442179fcc1d3d9f5e4a848c8ba03b0df3065d1b2d5f1b08d8c25148c51bb54e191a87ea59903084000b4b520fffda111fe831d4bdcf62423c1fcd673b020c5f2c41973dd1b9698054368081f917715e1c1592bc78dd265e051bcda5bf5877821fedfcf7790a58b328cf780f71ee71491e59194504bc800d319251607e53ba0e1ed15cd4fd5c959eaff4d3a1c7cb28c479f2776256633ef7c0f0e98688b54e8c8634cf57e27e5c1ee1e43573ae23bfbb1ff1bef6cabd33c02ff165c44f0f190426ba8391ba4f03458be3351869c5c5c9d5fa5600edbcce523525b9cd9c3bb040e34771ea277d05cb76302c72fac5edc815412dbbbc651371d70d044c4f89a68da7abd836fb3a495e212b5fd13819c41c9a240405582ae69b7c35b30935af3085d457a4d76a94c9272c5eafcecc4c92dd4f314b04b4739864e626a5bab27fa2f345f052afe3bae2ff4c442c42a1c83091bfcc23a3b5e06a511d02cefcd618a6d9761de00af192cf1aacc902cf3ba98f898c48fbc74b6710db7ac890b4f7ed7377e0fa3b4c46a131e775130a80db5014a79e674c8fc8b45495066e88201d2e320320fa4561abab617d0e67e9e879b0080a8ab404f4eb007a088990aa6a7b29afce5b8dd038ce96d43e1271315f6070e761e759c44fba1ce78730e35ca31e0bf5840cc01289c81613a07c497f288ed70a6d10d9f58fe135558b2a862bd877fcc939d7536e7dc988409290cd73da04a3b1399b0a2637f737d5f86bba4a31019546e2000a3ca57f8291cd9af28299eb93909061200c9738cca998add04e7bb0137ecc460fc3ef72872e7d13c159914fcdf577910e6c5d7a1636b13b78c5088551c614e3c75befb0f37fb89b918f4aad0126a9efd3390d6a0cab97ed0e01c7eae0e798a4142345578beb10d6b61a90b4d1fe836022def90bb8e37e07428a4592e7bf30e935951e492234a8db96f081379e7c4e18c3b6ce4ed1f97698dc1da940f14217e877bb8e0f33b392d801a01c48ec62ce2774d2e4e55e9415c063e1bfa31a8f0633443ec19c5fab977c1485147e46c06f86742278fd071de4a165dff7eddd5390a1e031d80e3d44477f6009c9fc27a7d92b865a292b0d586083f681c2d92da7e7f42eabd076fa7d61eba0c2b406c75f1cec561b1a523dd4c6f344b02ed59bd473d7d30a24144e981fc8da434931adeb841d63bb705485f8f58a180da91af64bad1379356787b37467dc9b4a0d12496e5048e7ccb40a978eebee5eaac4e9dd96faf194aa93a22333d7f68cccde147dce26c9ff18d7c8ffe0d1377c70dd1057d54473b2c2b2b3eea82fb223952c0dc3796efd0cd94afea38341ab9a83c6a9ee77f26bf8dea8510dfc964f9b9b4942c08ade50e43f06e5101f2e6b68b6a7f9cc5443c862b1198627461938daf4bd1fc7b21d6d7fd3f775f0e4a1f60434a242b049f159dbe5de145e741c5c9b4e59a7f5d7de54a6d51cd87845dde819ca74e3abf60356fbcf18bfff3b6ae1c545e243c08f9f41b86e55ed6e71be453843e0bffc5b6bdcfeefd33075ee5110627d4f05e008e54ddd62fb6979d9c2a5e4a2cb45fad7b2d77bd17508952889b30df2124cdc2fe6a749a12c9f6dbbd01226cc4ba2693b7e6a858d3c36ac6519ee70e896588a6df81b0e3be3604bbbe1a845088cf1834a04368dde8b6ee76d0492911dc09b05cf6642e0003cd8faafd398872c1a8dc3e85d3658ec8", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)={0x90, 0x0, 0x0, {0x3, 0xffffffffffffffff, 0x0, 0x70, 0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000, 0x0, r2, r3}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

11.414506244s ago: executing program 7 (id=2832):
unshare(0x200)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x81ad}}}, 0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r5, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
writev(r5, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
io_submit(r1, 0x1a, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
syz_io_uring_setup(0x43d2, &(0x7f0000000080)={0x0, 0x3670, 0x10100, 0x2, 0x4}, &(0x7f0000000100), &(0x7f0000000040))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

10.899889797s ago: executing program 5 (id=2835):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

10.762507528s ago: executing program 0 (id=2836):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, 0x0, 0x8042)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2c, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x7, 0x0, 0x7, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x18addbae, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x5, 0x3, 0xfffffffffffffffe, 0x45, 0x3, 0xbdb], 0x1, 0x1c4213})
ioctl$sock_proto_private(0xffffffffffffffff, 0x89e0, &(0x7f00000002c0)="87810f4d")
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.981029803s ago: executing program 0 (id=2839):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000280)={0x11, 0x0, r2, 0x1, 0x11, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001143f11002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYBLOB="363d60be312a894a0ad8b1847ecd706f971fd8ba38e2dcccbc09c00700e2aeacc799fc70e1a37aab31c9c653530627fd6245fa47050af6"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000)

7.948351488s ago: executing program 5 (id=2840):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x2}, &(0x7f0000000200)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x4c}}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e616e792c63616368653d66736361636865"])
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1000)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
r7 = msgget$private(0x0, 0x6c2)
msgsnd(r7, &(0x7f0000000140)=ANY=[@ANYBLOB="037cd3"], 0x2000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x3b, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$pppl2tp(0x18, 0x1, 0x1)

7.738245564s ago: executing program 2 (id=2841):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x30, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xe4}}, 0x10)

7.654702109s ago: executing program 8 (id=2842):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[], 0x4c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newlink={0x60, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, r1, 0x42024, 0x8d85}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xd790b}, @IFLA_GRE_TTL={0x5, 0x8, 0x4a}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4c014}, 0x0)

7.020055091s ago: executing program 0 (id=2843):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d00010027bd7000fcdbdf2502000000", @ANYRES32, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20040100}, 0x800)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0xe8, 0x10c, 0x0, {}, [@common=@unspec=@helper={{0x44}}]}, @common=@unspec=@NFQUEUE0={0x24}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x254, 0x284, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x7}}}}, 0x4b4)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x2000, 0xeeee0000, 0xf, 0x6f, 0xfb, 0xe4, 0x40, 0x7, 0x0, 0x2e, 0xc}, {0x5000, 0x40000, 0xa, 0x0, 0x40, 0x5, 0x7, 0x7f, 0x5, 0x3, 0x3, 0xf9}, {0xdddd1000, 0xdddd0000, 0xe, 0x5, 0x6, 0x9, 0x0, 0x88, 0x1, 0xa7, 0x2}, {0x6000, 0xe000, 0xc, 0x7, 0x4, 0x41, 0x0, 0xff, 0x8, 0xe, 0xe, 0x8}, {0x2000, 0x6000, 0x9, 0x3, 0x4, 0x1, 0xab, 0x7f, 0x7, 0x8d, 0xf7, 0x83}, {0x8000000, 0x80a0000, 0xb, 0xa0, 0xb1, 0x8, 0x8, 0xa0, 0x84, 0xf, 0x1, 0xfd}, {0xa000, 0xffffffff, 0x10, 0x5, 0x7, 0x5, 0x7, 0x3, 0x7, 0x81, 0x2, 0x45}, {0x100000, 0xa000, 0xe, 0x5, 0xf, 0x7, 0x1, 0x34, 0x2, 0xc, 0x7, 0x46}, {0xeeef0000, 0x30}, {0x4, 0x9}, 0x80000031, 0x0, 0xf000, 0x12025, 0x5, 0x10800, 0x8000c00, [0x6800000000000000, 0x4, 0x7, 0x3]})
r1 = socket$inet6(0xa, 0x3, 0x100)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x2c}, 0x44004)
syz_clone3(&(0x7f0000000b40)={0x8000, &(0x7f0000000980), &(0x7f00000009c0)=<r2=>0x0, &(0x7f0000000a00), {0x36}, &(0x7f0000000a40)=""/45, 0x2d, &(0x7f0000000a80)=""/68, &(0x7f0000000b00)}, 0x58)
sched_setscheduler(r2, 0x5, &(0x7f0000000bc0)=0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
unshare(0x4040600)
r3 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000002980)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtaction={0x94, 0x13, 0x53b, 0x0, 0x25dfdbfc, {}, [{0x80, 0x1, [@m_sample={0x50, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x3350, 0x5, 0x9, 0x8}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x4}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_ife={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x48001}, 0x20054)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xb5fafc1c46b81936, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0xfffc, 0x4, 0xf, 0xa2}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@journal_checksum}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4ef, &(0x7f0000000e00)="$eJzs3Mtv3NQaAPDPTvPoM2lvde/t494GCiKikDRpgS5YAAKpGxASLMoypKEKTVvUBIlWFU0RKkvgLwCWSEis2LACCSFgA4gt7BFShLppYYGCPLaTmWReSduEdn4/yck59rF9vmMfjz1nZgLoWIPZnyRiW0T8HBH9eba2wGD+78a1SxN/XLs0kcTCwgu/J5Vy169dmiiLluttLTJDaUT6dhL76ux35sLF0+PT05Pni/zI7JnXRmYuXHx46sz4qclTk2fHjh07emT0sUfHHmlY96ntS+nLLeLM4rq+981z+/ccf+n9ZycW4uVvP8nqu61YXh1HbqDFFlsbjMFYKCzN7an8vf+mt/7Pkh2K3iKdbNrgytC2rojIDld3pf/3R1csHbz+eOatxcxXG1RB4LbJXpt2rpjbVfxPF1+/gLtRoo9Dhypf8bPn33Jaz/uPjTb/ZPZ3shL/jWL6/rm8bdLsWXYgf2LvarD+v+vM61tKLvS32P+2iDgx9+cH2RR134doImm7JADAoi+y+5+H6t3/pTX3NjuKMZSBiDgUEbsi4l8RsTvSxTL/iYj/rnL/g8vyK+9/fty8yk2uSnb/93gxtlVO+ZIyrmQxt70Sf3fyytT05OGiTYaiuzfLjzbZx5dP//Ruo2WDVfd/2ZTtv7wXLOrx26be2nVOjs+O30TINeavRBKb6sWfLI4EZC2wJyL2rmH7WZtNPfjx/iy9Y+vK5a3jb+IWjDMtfBTxQH7852JZ/KUk31Oj8cmRvpiePDxSnhUrfffD1eer891V6Zr4+9qLqW+twdYxfyViS93zv4i/7AbleO3M6vdx9Zd3Gj7TrDz+SZyYqy5RnP+bl5otO/97khcr6Z5i3hvjs7PnRyN6ihk188eWtlbmy/JZ/EMHa+PPn4vT7Br314fFevsiIjuJ/xcR/4+IA0Xd74mIeyPiYJP4v3nqvlebt9Aaz/9bYD6NONns+EcMJNXj9XUT2UnbYNHp8emu019/3mj/7V3/jlZSQ8Wc6utfT4PtNqrp8sTNth8AAADcCdLKGHSSDld9fru0O7ak0+dmZg8NxutnT+Zj1QPRnZbvdPVXvR86Wrw3XObHluWPRMTOyieNNlfywxPnprdvUMxAbmtV/8+vBWk6PJwv+7XRh16Au8eqxtGqP3T26We3vjLAuvJ9Tehc+j90Lv0fOpf+D52rXv+/HHFjA6oCrDOv/9C59H/oXPo/dC79HzrSyq/EFz+3kl0T2vj+fKPEruNrWWv9Egv9a189Gi+aW/0Gu9orXP76Rdtbbq9wEtEknGaJSJuX6Wm/qrc1cf29vOFqFqUtV3+iVbN0t/hNjNpEX53WOFAkeiOi3e1cXrdWLa8QiV+ZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7mh/BwAA///ozN7E")
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x2, 0x3)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x8008551d, &(0x7f0000000200)=ANY=[@ANYBLOB="5c0109820f0418030d8082"])
ioctl$UFFDIO_MOVE(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000c00)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000b69000/0x3000)=nil, 0x1000, 0x1})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000690003050000000000000000000000000000000008000100020000005145cffb15c1f6ba11ce317d7b30d8a3090b4e9c0afdeceabe2bbc0800000041ed90e90bc78be3db24b3fa8af9913442b94b4a88162bc691802446ecf19f3a20"], 0x20}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.908222404s ago: executing program 2 (id=2844):
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
socket(0x10, 0x803, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)

6.798255684s ago: executing program 8 (id=2845):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x79, 0x11, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x9f, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, &(0x7f0000000100)={0x40, 0x3, 0x5, {0x5, 0x2, "ca21d8"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

6.396472555s ago: executing program 5 (id=2846):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400"], 0x50)
r0 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0xf)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008280)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003700)=ANY=[@ANYBLOB="20000000000000000100000001000000"], 0xb0}}], 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x61, 0x800000000004, @tid=r2}, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000100))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
setuid(0xee01)
clock_adjtime(0x0, &(0x7f0000000000)={0x10001, 0x4, 0xb0000000000, 0x3, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x81, 0xffffffffffffffff, 0x8000000000000001, 0x5a6c101, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000, 0x1ff, 0x4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
unshare(0x22020600)
bind$unix(r4, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=@newsa={0x1c8, 0x10, 0x633, 0x70bd26, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x25}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@empty, 0x0, 0x32}, @in6=@empty, {0xfffffffffffffffd, 0x0, 0x0, 0x2dcd}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x90, 0x1, {{'md5\x00'}, 0x240, "fd03480f2e2ebb04183ebca2d78f40b20e8473b935f6cf6f3d2c402e34b339e1b0cd2b29cd33e8f258cf85e6c1348f664a094fe82198b2247fe438734b6b8a3542814e02b742120e"}}]}, 0x1c8}}, 0x0)

5.829007312s ago: executing program 7 (id=2847):
r0 = socket$inet6(0xa, 0x80001, 0x0)
getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000010000,use', @ANYRESDEC=0x0, @ANYBLOB="ff67726f75705f68643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000440)={[0x4000000001, 0x4, 0x10000000c3, 0x2000000000001fd, 0x86, 0x41ff, 0x9, 0x8, 0x100000000000d5, 0x8, 0x10000000000000, 0x40000000000007, 0x8000, 0x4, 0x8, 0x80], 0x10000, 0x120200})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x8, 0xc5, 0x0, 0x6, 0x9, 0x4, 0x6, 0x1, 0xf8, 0x0, 0x1, 0x0, 0x3, 0x6, 0x6, 0x9, 0x4, 0xfe, '\x00', 0x4, 0x4})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

5.731499428s ago: executing program 2 (id=2848):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x50, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x605f}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x4}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0xa9}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x3}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20002044}, 0x44080)

5.498533287s ago: executing program 8 (id=2849):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, <r1=>0x0}, 0x2061)
write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0x0, r1, {0x7}}, 0x18)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x1000)

5.072942911s ago: executing program 5 (id=2850):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

4.914710279s ago: executing program 2 (id=2851):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
creat(&(0x7f00000001c0)='./file0\x00', 0x8)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB='usrqu'])
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000040)='source', &(0x7f00000001c0)='|\xbd$\xc4\xa0\xddBA\xd6E\x0f=\xc3t\xcdF\xf0\x14I\x04KH\xf3D<\xebt\x15\xe2\x98\xdb\xb8\x18L2\xc1\xe5\xed\xf48P\xe4\x9d-\xf1`:\x9a\xc8\xb9c\xea>iY\"\x19LV\x9dY\xf7\xdb\xde\xf4\x11e\x90\xc8\xd4\xd4\x11\xd8\xe5:\xf8\x9f\xf0\xebF\xe88D}\xe3I \\(\xaa\x9d\xca\xadY|f\x1byb7@\x12\xae\x84\"\x97\x8c\xd4\xa7\xc4\xd8\xfb\xa3\x97YV\x1f\xfd>\xec;\xbd\x92\x82\xb2f\xaf\xdd\xc2\x81d\xf9UI\xe0e\x1c}\xfe\x7f\xd9\x00\b\x00\x00\x00\x91\x00\x00\xffD\xfb\x81\xb3\xf3O\x97\xfc\xb9y\xdd=\x98\x00d\xc8]', 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)

4.637033874s ago: executing program 8 (id=2852):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26004411}, 0x800)

4.423764207s ago: executing program 7 (id=2853):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x202, @dev={0xfe, 0x80, '\x00', 0x22}, 0x40006}}, 0x0, 0x0, 0x25, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000880)=0x3, 0x4)
writev(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000001c0)=0x1, 0x4)

3.364246604s ago: executing program 2 (id=2854):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x30, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xe4}}, 0x10)

3.10141531s ago: executing program 5 (id=2855):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[], 0x4c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newlink={0x60, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, r1, 0x42024, 0x8d85}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xd790b}, @IFLA_GRE_TTL={0x5, 0x8, 0x4a}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4c014}, 0x0)

2.970791106s ago: executing program 8 (id=2856):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x2}, &(0x7f0000000200)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x48}}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e616e792c63616368653d66736361636865"])
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1000)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
r7 = msgget$private(0x0, 0x6c2)
msgsnd(r7, &(0x7f0000000140)=ANY=[@ANYBLOB="037cd3"], 0x2000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x3b, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$pppl2tp(0x18, 0x1, 0x1)

2.970452675s ago: executing program 7 (id=2857):
unshare(0x200)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x81ad}}}, 0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r5, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
writev(r5, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
io_submit(r1, 0x1a, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
syz_io_uring_setup(0x43d2, &(0x7f0000000080)={0x0, 0x3670, 0x10100, 0x2, 0x4}, &(0x7f0000000100), &(0x7f0000000040))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

2.651457629s ago: executing program 0 (id=2858):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x17ff}], 0x5)
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000000))

2.35088558s ago: executing program 2 (id=2859):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)

280.548798ms ago: executing program 5 (id=2860):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400"], 0x50)
r0 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0xf)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008280)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003700)=ANY=[@ANYBLOB="20000000000000000100000001000000"], 0xb0}}], 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x61, 0x800000000004, @tid=r2}, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000100))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
setuid(0xee01)
clock_adjtime(0x0, &(0x7f0000000000)={0x10001, 0x4, 0xb0000000000, 0x3, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x81, 0xffffffffffffffff, 0x8000000000000001, 0x5a6c101, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000, 0x1ff, 0x4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
unshare(0x22020600)
bind$unix(r4, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=@newsa={0x1c8, 0x10, 0x633, 0x70bd26, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x25}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@empty, 0x0, 0x32}, @in6=@empty, {0xfffffffffffffffd, 0x0, 0x0, 0x2dcd}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x90, 0x1, {{'md5\x00'}, 0x240, "fd03480f2e2ebb04183ebca2d78f40b20e8473b935f6cf6f3d2c402e34b339e1b0cd2b29cd33e8f258cf85e6c1348f664a094fe82198b2247fe438734b6b8a3542814e02b742120e"}}]}, 0x1c8}}, 0x0)

0s ago: executing program 8 (id=2861):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x0, 0x4ce, 0x3, 0x9dff, 0xf, "000300eb00cbe600"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x5, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000140)=0x3)

kernel console output (not intermixed with test programs):

er 5 using dummy_hcd
[ 1249.048823][T12999] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1249.308970][T10933] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1249.319846][T10933] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1249.333122][T10933] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 1249.342401][T10933] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1249.438461][T10933] usb 8-1: config 0 descriptor??
[ 1249.721637][ T9896] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1250.013898][T10933] kovaplus 0003:1E7D:2D50.0010: item fetching failed at offset 2/5
[ 1250.078028][T10933] kovaplus 0003:1E7D:2D50.0010: parse failed
[ 1250.084621][T10933] kovaplus 0003:1E7D:2D50.0010: probe with driver kovaplus failed with error -22
[ 1250.197038][T10933] usb 8-1: USB disconnect, device number 5
[ 1250.398962][ T2954] team0 (unregistering): Port device team_slave_1 removed
[ 1250.569775][ T2954] team0 (unregistering): Port device team_slave_0 removed
[ 1250.883396][T13006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1251.021208][T13006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1252.155751][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1252.163468][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1253.240089][ T1110] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.247821][ T1110] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1255.173708][T13028] loop7: detected capacity change from 0 to 1024
[ 1255.191580][T13028] EXT4-fs: Ignoring removed bh option
[ 1255.305732][T13028] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1256.984750][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1257.458400][T12758] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1257.645297][T13055] loop3: detected capacity change from 0 to 512
[ 1257.837420][T13055] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1257.956174][T13055] EXT4-fs (loop3): Remounting filesystem read-only
[ 1257.985144][T13055] EXT4-fs (loop3): 1 truncate cleaned up
[ 1258.034313][T13055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1258.492229][ T9896] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1259.275264][T13073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1259.417827][T13078] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1260.784882][T12758] veth0_vlan: entered promiscuous mode
[ 1260.906990][T12758] veth1_vlan: entered promiscuous mode
[ 1261.457648][T12758] veth0_macvtap: entered promiscuous mode
[ 1261.588989][T12758] veth1_macvtap: entered promiscuous mode
[ 1261.622898][T13100] loop3: detected capacity change from 0 to 512
[ 1261.732979][T13084] loop8: detected capacity change from 0 to 512
[ 1261.816917][T13084] EXT4-fs: Ignoring removed nobh option
[ 1261.826035][T12758] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1261.911096][T13100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1261.938590][T13100] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1261.959038][T12758] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1262.034953][T13084] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1262.047837][T13084] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[ 1262.059904][T13084] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.1866: Corrupt directory, running e2fsck is recommended
[ 1262.263455][ T9865] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1262.335659][T13084] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[ 1262.400395][ T9865] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1262.449320][T13084] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.1866: corrupted in-inode xattr: invalid ea_ino
[ 1262.498196][ T9865] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1262.567713][ T9865] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1262.587500][T13084] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.1866: couldn't read orphan inode 15 (err -117)
[ 1262.701396][T13084] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1262.728118][ T9896] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1263.808722][T13108] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1264.070837][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1264.851685][T13137] loop8: detected capacity change from 0 to 512
[ 1264.916921][T13137] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1265.128013][T13137] EXT4-fs (loop8): 1 truncate cleaned up
[ 1265.136173][T13137] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1265.926067][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1266.297788][  T797] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1266.517995][  T797] usb 8-1: Using ep0 maxpacket: 16
[ 1266.599119][  T797] usb 8-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1266.610324][  T797] usb 8-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[ 1266.621313][  T797] usb 8-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1266.634724][  T797] usb 8-1: config 1 interface 0 has no altsetting 0
[ 1266.880844][  T797] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1266.890966][  T797] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1266.901279][  T797] usb 8-1: Product: syz
[ 1266.905671][  T797] usb 8-1: Manufacturer: syz
[ 1266.911173][  T797] usb 8-1: SerialNumber: syz
[ 1267.212326][T13166] loop3: detected capacity change from 0 to 512
[ 1267.366105][T13166] EXT4-fs (loop3): failed to initialize system zone (-117)
[ 1267.377970][  T797] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[ 1267.498026][T13166] EXT4-fs (loop3): mount failed
[ 1267.685580][T10933] usb 8-1: USB disconnect, device number 6
[ 1267.741822][T10933] usblp0: removed
[ 1267.834423][T13170] netlink: 'syz.8.1885': attribute type 7 has an invalid length.
[ 1267.842625][T13170] netlink: 'syz.8.1885': attribute type 8 has an invalid length.
[ 1268.630688][T13177] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1886'.
[ 1270.406765][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1270.414973][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1270.771934][ T9865] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1270.780404][ T9865] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1271.111451][T13203] overlayfs: failed to clone upperpath
[ 1271.146888][T13203] overlayfs: failed to clone upperpath
[ 1271.243026][T13184] loop7: detected capacity change from 0 to 512
[ 1271.329993][T13184] EXT4-fs: Ignoring removed nobh option
[ 1271.423569][T13184] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1271.435738][T13184] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it
[ 1271.446392][T13184] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.1888: Corrupt directory, running e2fsck is recommended
[ 1271.643787][T13184] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[ 1271.726432][T13184] EXT4-fs error (device loop7): ext4_iget_extra_inode:5073: inode #15: comm syz.7.1888: corrupted in-inode xattr: invalid ea_ino
[ 1271.782615][T13184] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.1888: couldn't read orphan inode 15 (err -117)
[ 1271.873423][T13184] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1273.171119][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1274.900852][T13256] fuse: Bad value for 'fd'
[ 1275.015595][T13257] overlayfs: workdir and upperdir must reside under the same mount
[ 1276.084637][T13271] loop7: detected capacity change from 0 to 1024
[ 1276.199347][T13271] EXT4-fs: Ignoring removed orlov option
[ 1276.370031][T13271] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1277.042487][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1278.483134][T13283] loop4: detected capacity change from 0 to 512
[ 1278.515742][T13283] EXT4-fs: Ignoring removed nobh option
[ 1278.653553][T13283] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1278.665751][T13283] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1278.679578][T13283] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.1911: Corrupt directory, running e2fsck is recommended
[ 1278.744451][T13283] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[ 1278.784337][T13283] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.1911: corrupted in-inode xattr: invalid ea_ino
[ 1278.869817][T13283] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1911: couldn't read orphan inode 15 (err -117)
[ 1278.944462][T13283] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1279.360299][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1279.367238][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1279.569128][T13276] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1280.685995][T12758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1284.453752][ T5844] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1284.668713][ T5844] usb 8-1: Using ep0 maxpacket: 32
[ 1284.702883][ T5844] usb 8-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1284.717613][ T5844] usb 8-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1284.762336][   T64] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1284.860992][ T5844] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1284.870785][ T5844] usb 8-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[ 1284.879680][ T5844] usb 8-1: Product: syz
[ 1284.884080][ T5844] usb 8-1: Manufacturer: syz
[ 1285.052200][   T64] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1285.068186][ T5844] hub 8-1:4.0: USB hub found
[ 1285.315415][   T64] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1285.378611][ T5844] hub 8-1:4.0: 5 ports detected
[ 1285.405887][ T5844] hub 8-1:4.0: insufficient power available to use all downstream ports
[ 1285.549696][   T64] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1285.592829][ T5844] hub 8-1:4.0: hub_hub_status failed (err = -71)
[ 1285.600803][ T5844] hub 8-1:4.0: config failed, can't get hub status (err -71)
[ 1285.741236][ T5844] usb 8-1: USB disconnect, device number 7
[ 1286.361636][   T64] bridge_slave_1: left allmulticast mode
[ 1286.370139][   T64] bridge_slave_1: left promiscuous mode
[ 1286.377178][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1286.467269][   T64] bridge_slave_0: left allmulticast mode
[ 1286.473282][   T64] bridge_slave_0: left promiscuous mode
[ 1286.482404][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1287.718885][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1287.808538][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1287.839391][   T64] bond0 (unregistering): Released all slaves
[ 1288.363601][T13369] loop8: detected capacity change from 0 to 256
[ 1288.798500][T13369] FAT-fs (loop8): Directory bread(block 64) failed
[ 1288.834669][   T64] hsr_slave_0: left promiscuous mode
[ 1288.848851][T13369] FAT-fs (loop8): Directory bread(block 65) failed
[ 1288.861219][   T64] hsr_slave_1: left promiscuous mode
[ 1288.891356][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1288.899801][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1288.917410][T13369] FAT-fs (loop8): Directory bread(block 66) failed
[ 1288.924380][T13369] FAT-fs (loop8): Directory bread(block 67) failed
[ 1288.998045][T13369] FAT-fs (loop8): Directory bread(block 68) failed
[ 1289.018127][T13369] FAT-fs (loop8): Directory bread(block 69) failed
[ 1289.038023][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1289.045666][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1289.055131][T13369] FAT-fs (loop8): Directory bread(block 70) failed
[ 1289.055277][T13369] FAT-fs (loop8): Directory bread(block 71) failed
[ 1289.055544][T13369] FAT-fs (loop8): Directory bread(block 72) failed
[ 1289.055657][T13369] FAT-fs (loop8): Directory bread(block 73) failed
[ 1289.297881][   T64] veth1_macvtap: left promiscuous mode
[ 1289.318696][T10196] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1289.332203][   T64] veth0_macvtap: left promiscuous mode
[ 1289.340065][T10196] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1289.349890][T10196] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1289.357649][   T64] veth1_vlan: left promiscuous mode
[ 1289.377841][T10196] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1289.394895][T10196] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1289.408451][   T64] veth0_vlan: left promiscuous mode
[ 1289.964956][T13377] loop3: detected capacity change from 0 to 1024
[ 1290.023067][T13377] EXT4-fs: Ignoring removed bh option
[ 1290.240211][T13377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1290.839799][ T9896] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1291.542579][T10389] Bluetooth: hci4: command tx timeout
[ 1293.567236][T10196] Bluetooth: hci4: command tx timeout
[ 1293.802320][   T64] team0 (unregistering): Port device team_slave_1 removed
[ 1294.080688][   T64] team0 (unregistering): Port device team_slave_0 removed
[ 1295.515538][T13396] loop7: detected capacity change from 0 to 512
[ 1295.647549][T10196] Bluetooth: hci4: command tx timeout
[ 1295.678134][T13396] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.1941: invalid indirect mapped block 256 (level 2)
[ 1295.767398][T13396] EXT4-fs (loop7): 2 truncates cleaned up
[ 1295.849742][T13396] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1296.006970][T13396] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1941'.
[ 1296.252232][ T8898] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1296.439851][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1296.472039][ T8898] usb 4-1: Using ep0 maxpacket: 8
[ 1296.569502][ T8898] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1296.601283][ T8898] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1296.611846][ T8898] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1296.622105][ T8898] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1296.632442][ T8898] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1296.646651][ T8898] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1296.656066][ T8898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.674304][T13391] loop8: detected capacity change from 0 to 512
[ 1296.754415][T13391] EXT4-fs: Ignoring removed nobh option
[ 1296.939843][T13391] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1296.951934][T13391] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[ 1296.963279][T13391] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.1939: Corrupt directory, running e2fsck is recommended
[ 1297.102416][T13391] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[ 1297.122805][T13391] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.1939: corrupted in-inode xattr: invalid ea_ino
[ 1297.167136][ T8898] usb 4-1: usb_control_msg returned -32
[ 1297.173200][ T8898] usbtmc 4-1:16.0: can't read capabilities
[ 1297.203257][T13391] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.1939: couldn't read orphan inode 15 (err -117)
[ 1297.293312][T13391] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1297.682149][T13374] chnl_net:caif_netlink_parms(): no params data found
[ 1297.727744][T10196] Bluetooth: hci4: command tx timeout
[ 1297.766761][ T8898] usb 4-1: USB disconnect, device number 18
[ 1298.288952][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1298.448382][T13426] loop7: detected capacity change from 0 to 512
[ 1298.470746][T13426] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1298.527705][T13426] EXT4-fs: journaled quota format not specified
[ 1298.951129][T13430] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1947'.
[ 1299.094385][T13430] loop8: detected capacity change from 0 to 256
[ 1299.507326][T13430] FAT-fs (loop8): Directory bread(block 64) failed
[ 1299.514123][T13430] FAT-fs (loop8): Directory bread(block 65) failed
[ 1299.597293][T13430] FAT-fs (loop8): Directory bread(block 66) failed
[ 1299.648049][T13430] FAT-fs (loop8): Directory bread(block 67) failed
[ 1299.655761][T13430] FAT-fs (loop8): Directory bread(block 68) failed
[ 1299.765369][T13430] FAT-fs (loop8): Directory bread(block 69) failed
[ 1299.855296][T13430] FAT-fs (loop8): Directory bread(block 70) failed
[ 1299.932513][T13430] FAT-fs (loop8): Directory bread(block 71) failed
[ 1299.987972][T13430] FAT-fs (loop8): Directory bread(block 72) failed
[ 1299.994859][T13430] FAT-fs (loop8): Directory bread(block 73) failed
[ 1300.219296][T13374] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1300.227992][T13374] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.592186][T13374] bridge_slave_0: entered allmulticast mode
[ 1300.968706][T13374] bridge_slave_0: entered promiscuous mode
[ 1301.194557][T13374] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1301.210136][T13374] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1301.322545][T13374] bridge_slave_1: entered allmulticast mode
[ 1301.366603][T13374] bridge_slave_1: entered promiscuous mode
[ 1302.145727][T13374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1302.359326][T13374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1302.658417][ T2954] kworker/u8:9: attempt to access beyond end of device
[ 1302.658417][ T2954] loop8: rw=1, sector=1256, nr_sectors = 32 limit=256
[ 1302.787185][ T2954] kworker/u8:9: attempt to access beyond end of device
[ 1302.787185][ T2954] loop8: rw=1, sector=1320, nr_sectors = 32 limit=256
[ 1302.951755][ T2954] kworker/u8:9: attempt to access beyond end of device
[ 1302.951755][ T2954] loop8: rw=1, sector=1384, nr_sectors = 32 limit=256
[ 1303.015531][ T2954] kworker/u8:9: attempt to access beyond end of device
[ 1303.015531][ T2954] loop8: rw=1, sector=1448, nr_sectors = 32 limit=256
[ 1303.087108][ T2954] kworker/u8:9: attempt to access beyond end of device
[ 1303.087108][ T2954] loop8: rw=1, sector=1512, nr_sectors = 32 limit=256
[ 1303.121207][T13374] team0: Port device team_slave_0 added
[ 1303.148292][ T2954] kworker/u8:9: attempt to access beyond end of device
[ 1303.148292][ T2954] loop8: rw=1, sector=1576, nr_sectors = 8 limit=256
[ 1303.239405][T13374] team0: Port device team_slave_1 added
[ 1304.393660][T13374] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1304.401066][T13374] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1304.429047][T13374] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1304.515317][T13374] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1304.522629][T13374] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1304.549677][T13374] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1305.044545][T13374] hsr_slave_0: entered promiscuous mode
[ 1305.094786][T13374] hsr_slave_1: entered promiscuous mode
[ 1305.165902][T13374] debugfs: 'hsr0' already exists in 'hsr'
[ 1305.172124][T13374] Cannot create hsr debugfs directory
[ 1305.514452][T13458] loop8: detected capacity change from 0 to 8192
[ 1305.646873][   T30] audit: type=1800 audit(1769669707.490:61): pid=13458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1952" name="file2" dev="loop8" ino=1048753 res=0 errno=0
[ 1306.838522][T13464] loop3: detected capacity change from 0 to 512
[ 1306.891927][T13464] EXT4-fs: Ignoring removed nobh option
[ 1306.966027][T13464] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1306.978079][T13464] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1306.988570][T13464] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.1956: Corrupt directory, running e2fsck is recommended
[ 1307.056097][T13464] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[ 1307.147183][T13464] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.1956: corrupted in-inode xattr: invalid ea_ino
[ 1307.237512][T13464] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1956: couldn't read orphan inode 15 (err -117)
[ 1307.372927][T13464] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1308.297344][T13374] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1308.389839][T13374] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1308.465269][T13374] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1308.572274][T13374] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1308.799192][ T9896] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1309.432771][T13499] loop3: detected capacity change from 0 to 512
[ 1309.475902][T13499] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1309.657044][T13501] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1965'.
[ 1310.390881][T13374] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1310.675677][T13374] 8021q: adding VLAN 0 to HW filter on device team0
[ 1310.936356][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1310.944235][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1311.189779][T13509] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1311.328011][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1311.335852][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1311.715795][  T797] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1311.916248][  T797] usb 9-1: Using ep0 maxpacket: 8
[ 1312.022090][  T797] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[ 1312.121681][  T797] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1312.132180][  T797] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1312.142427][  T797] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1312.152767][  T797] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1312.168313][  T797] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1312.178184][  T797] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1314.247756][  T797] usb 9-1: usb_control_msg returned -32
[ 1314.253664][  T797] usbtmc 9-1:16.0: can't read capabilities
[ 1315.335662][T10675] usb 9-1: USB disconnect, device number 3
[ 1316.343783][T13539] loop8: detected capacity change from 0 to 512
[ 1316.811828][T13539] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1316.946987][T13374] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1316.965198][T13539] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1317.983701][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1318.305826][T13374] veth0_vlan: entered promiscuous mode
[ 1318.566183][T13374] veth1_vlan: entered promiscuous mode
[ 1320.536072][T13374] veth0_macvtap: entered promiscuous mode
[ 1325.481941][T13374] veth1_macvtap: entered promiscuous mode
[ 1326.061229][T13374] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1326.380195][T13374] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1326.586938][ T1081] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.671338][ T1081] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.786852][ T1081] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.846033][ T1081] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1327.511807][T13570] loop7: detected capacity change from 0 to 512
[ 1327.573994][T13572] loop8: detected capacity change from 0 to 256
[ 1327.778610][T13570] EXT4-fs error (device loop7): ext4_iget_extra_inode:5073: inode #15: comm syz.7.1982: corrupted in-inode xattr: e_value size too large
[ 1327.830034][T13570] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.1982: couldn't read orphan inode 15 (err -117)
[ 1327.919334][T13570] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1327.966861][  T797] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1328.157301][  T797] usb 4-1: Using ep0 maxpacket: 8
[ 1328.222061][  T797] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1328.273542][  T797] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1328.283739][  T797] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1328.294064][  T797] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1328.304410][  T797] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1328.318527][  T797] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1328.328172][  T797] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1328.339356][T13572] FAT-fs (loop8): Directory bread(block 64) failed
[ 1328.346114][T13572] FAT-fs (loop8): Directory bread(block 65) failed
[ 1328.397124][T13572] FAT-fs (loop8): Directory bread(block 66) failed
[ 1328.437231][T13572] FAT-fs (loop8): Directory bread(block 67) failed
[ 1328.482074][T13572] FAT-fs (loop8): Directory bread(block 68) failed
[ 1328.536901][T13572] FAT-fs (loop8): Directory bread(block 69) failed
[ 1328.567698][T13572] FAT-fs (loop8): Directory bread(block 70) failed
[ 1328.574585][T13572] FAT-fs (loop8): Directory bread(block 71) failed
[ 1328.632489][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1328.661860][T13572] FAT-fs (loop8): Directory bread(block 72) failed
[ 1328.726995][T13572] FAT-fs (loop8): Directory bread(block 73) failed
[ 1328.918999][  T797] usb 4-1: usb_control_msg returned -32
[ 1328.924948][  T797] usbtmc 4-1:16.0: can't read capabilities
[ 1329.571401][ T8898] usb 4-1: USB disconnect, device number 19
[ 1331.133586][T13596] loop7: detected capacity change from 0 to 512
[ 1331.210860][T13596] EXT4-fs: Ignoring removed nobh option
[ 1331.324889][T13596] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1331.337833][T13596] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it
[ 1331.348669][T13596] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.1987: Corrupt directory, running e2fsck is recommended
[ 1331.395338][T13596] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[ 1331.485428][T13596] EXT4-fs error (device loop7): ext4_iget_extra_inode:5073: inode #15: comm syz.7.1987: corrupted in-inode xattr: invalid ea_ino
[ 1331.608721][T13596] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.1987: couldn't read orphan inode 15 (err -117)
[ 1331.786301][T13596] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1333.306361][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1334.345934][T13646] loop3: detected capacity change from 0 to 1024
[ 1336.268653][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1336.276838][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1336.599737][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1336.608093][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1337.670926][T13689] binder: 13682:13689 ioctl c0306201 80000180 returned -14
[ 1338.572347][T13699] loop2: detected capacity change from 0 to 512
[ 1338.660217][T13699] EXT4-fs: Ignoring removed bh option
[ 1338.844900][T13699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1338.941317][T13699] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1339.954800][T13709] loop7: detected capacity change from 0 to 512
[ 1340.048889][T13709] EXT4-fs: Ignoring removed oldalloc option
[ 1340.220957][T13709] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1340.313966][T13374] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1340.596931][T13709] EXT4-fs error (device loop7): ext4_iget_extra_inode:5073: inode #15: comm syz.7.2011: corrupted in-inode xattr: invalid ea_ino
[ 1340.739463][T13709] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2011: couldn't read orphan inode 15 (err -117)
[ 1340.828363][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1340.837700][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1340.941098][T13709] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1341.618858][T13709] 9p: Bad value for 'wfdno'
[ 1342.219510][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1344.808344][T13739] loop7: detected capacity change from 0 to 1024
[ 1349.094391][T13764] loop8: detected capacity change from 0 to 512
[ 1349.399972][T13764] EXT4-fs: Ignoring removed nobh option
[ 1349.801199][T13764] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1349.813342][T13764] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[ 1349.824148][T13764] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.2023: Corrupt directory, running e2fsck is recommended
[ 1349.868095][T13764] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[ 1350.037555][T13764] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.2023: corrupted in-inode xattr: invalid ea_ino
[ 1350.213117][T13764] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.2023: couldn't read orphan inode 15 (err -117)
[ 1350.334784][T13764] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1350.717211][T13787] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1351.073938][T10389] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1351.087380][T10389] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1351.114037][T10389] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1351.200542][T10389] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1351.259226][T10389] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1351.989538][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1353.115650][T13821] loop7: detected capacity change from 0 to 128
[ 1353.409396][T10389] Bluetooth: hci5: command tx timeout
[ 1353.725257][T13826] syz.7.2037: attempt to access beyond end of device
[ 1353.725257][T13826] loop7: rw=2049, sector=177, nr_sectors = 8 limit=128
[ 1353.777213][T13821] syz.7.2037: attempt to access beyond end of device
[ 1353.777213][T13821] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 1353.955461][T13826] syz.7.2037: attempt to access beyond end of device
[ 1353.955461][T13826] loop7: rw=2049, sector=193, nr_sectors = 24 limit=128
[ 1354.107414][T13821] syz.7.2037: attempt to access beyond end of device
[ 1354.107414][T13821] loop7: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 1354.265813][T13826] syz.7.2037: attempt to access beyond end of device
[ 1354.265813][T13826] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128
[ 1354.425030][T13821] syz.7.2037: attempt to access beyond end of device
[ 1354.425030][T13821] loop7: rw=2049, sector=241, nr_sectors = 32 limit=128
[ 1354.570254][T13821] syz.7.2037: attempt to access beyond end of device
[ 1354.570254][T13821] loop7: rw=2049, sector=281, nr_sectors = 8 limit=128
[ 1354.849860][T13798] chnl_net:caif_netlink_parms(): no params data found
[ 1355.489690][T10389] Bluetooth: hci5: command tx timeout
[ 1355.519421][   T12] kworker/u8:0: attempt to access beyond end of device
[ 1355.519421][   T12] loop7: rw=1, sector=177, nr_sectors = 1 limit=128
[ 1357.577797][T10389] Bluetooth: hci5: command tx timeout
[ 1358.250600][T13858] veth0_vlan: entered allmulticast mode
[ 1358.529415][T13798] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1358.537758][T13798] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1358.617269][T13798] bridge_slave_0: entered allmulticast mode
[ 1358.655849][T13798] bridge_slave_0: entered promiscuous mode
[ 1358.740165][T13798] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1358.753493][T13798] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1358.769960][T13798] bridge_slave_1: entered allmulticast mode
[ 1358.781240][T13798] bridge_slave_1: entered promiscuous mode
[ 1359.093732][T13798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1359.192164][T13798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1359.662927][T10389] Bluetooth: hci5: command tx timeout
[ 1359.711888][T13798] team0: Port device team_slave_0 added
[ 1359.841050][T13798] team0: Port device team_slave_1 added
[ 1360.347166][T13798] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1360.354491][T13798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1360.381071][T13798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1360.557326][T13798] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1360.564627][T13798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1360.594022][T13798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1360.732101][ T8898] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1360.966893][ T8898] usb 8-1: Using ep0 maxpacket: 16
[ 1361.039585][ T8898] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1361.050342][ T8898] usb 8-1: New USB device found, idVendor=05ac, idProduct=0252, bcdDevice= 0.00
[ 1361.059933][ T8898] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.173141][ T8898] usb 8-1: config 0 descriptor??
[ 1361.683320][ T8898] apple 0003:05AC:0252.0011: unknown main item tag 0x0
[ 1361.691827][ T8898] apple 0003:05AC:0252.0011: unknown main item tag 0x0
[ 1361.699781][ T8898] apple 0003:05AC:0252.0011: unexpected long global item
[ 1361.826980][ T8898] apple 0003:05AC:0252.0011: parse failed
[ 1361.833390][ T8898] apple 0003:05AC:0252.0011: probe with driver apple failed with error -22
[ 1361.946244][ T8898] usb 8-1: USB disconnect, device number 8
[ 1362.064926][T13798] hsr_slave_0: entered promiscuous mode
[ 1362.111382][T13798] hsr_slave_1: entered promiscuous mode
[ 1362.141293][T13798] debugfs: 'hsr0' already exists in 'hsr'
[ 1362.147573][T13798] Cannot create hsr debugfs directory
[ 1368.044053][T13798] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1368.183042][T13798] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1368.353017][T13798] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1368.484516][T13798] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1369.471665][T13943] warning: `syz.7.2072' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1369.525514][T13945] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.2073'.
[ 1370.157726][T13949] IPv6: Can't replace route, no match found
[ 1371.427383][T13798] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1371.741976][T13798] 8021q: adding VLAN 0 to HW filter on device team0
[ 1371.918276][T12978] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1371.925931][T12978] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1372.128003][T12978] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1372.135755][T12978] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1373.264593][T13975] loop8: detected capacity change from 0 to 2048
[ 1373.381379][   T30] audit: type=1800 audit(1769669775.240:62): pid=13978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2085" name="file1" dev="tmpfs" ino=953 res=0 errno=0
[ 1373.560341][T13980] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1373.692058][   T30] audit: type=1800 audit(1769669775.550:63): pid=13975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2084" name="file1" dev="loop8" ino=15 res=0 errno=0
[ 1375.755524][T13798] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1376.559726][T13798] veth0_vlan: entered promiscuous mode
[ 1376.817475][T13798] veth1_vlan: entered promiscuous mode
[ 1377.498460][T13798] veth0_macvtap: entered promiscuous mode
[ 1377.640254][T13798] veth1_macvtap: entered promiscuous mode
[ 1377.998047][T13798] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1378.175530][T13798] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1378.433474][ T9867] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1378.593932][ T9867] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1378.698458][ T9867] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1378.770521][T12979] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1378.879890][T14016] loop8: detected capacity change from 0 to 256
[ 1379.075247][T14014] loop7: detected capacity change from 0 to 2048
[ 1379.254759][T14014]  loop7: p1 < > p3
[ 1379.413645][T14014] loop7: p3 size 134217728 extends beyond EOD, truncated
[ 1380.272572][T14027] loop8: detected capacity change from 0 to 64
[ 1381.234081][T13579] udevd[13579]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[ 1381.259263][T13581] udevd[13581]: inotify_add_watch(7, /dev/loop7p3, 10) failed: No such file or directory
[ 1381.949224][T14042] loop2: detected capacity change from 0 to 512
[ 1382.037079][T14042] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1382.124687][T14042] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0102]
[ 1382.318147][T14042] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.2099: corrupted in-inode xattr: e_value size too large
[ 1382.448376][T14042] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2099: couldn't read orphan inode 15 (err -117)
[ 1382.570686][T14042] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1383.307962][T13374] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1387.997353][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1388.005592][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1388.352799][T14101] loop8: detected capacity change from 0 to 128
[ 1388.456319][ T9867] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1388.464672][ T9867] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1388.681394][T14101] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1388.797830][T14101] ext4 filesystem being mounted at /158/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1389.525376][T10752] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1390.157851][ T8898] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1390.399610][ T8898] usb 1-1: Using ep0 maxpacket: 8
[ 1390.453279][ T8898] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1390.517031][ T8898] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1390.527592][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1390.538028][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1390.548580][ T8898] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1390.562296][ T8898] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1390.572071][ T8898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1391.123811][ T8898] usb 1-1: usb_control_msg returned -32
[ 1391.130404][ T8898] usbtmc 1-1:16.0: can't read capabilities
[ 1392.343883][T14125] loop7: detected capacity change from 0 to 4096
[ 1392.453046][T14129] loop2: detected capacity change from 0 to 256
[ 1392.535589][T14133] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1392.737474][T14129] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1cb9a937, utbl_chksum : 0xe619d30d)
[ 1392.807491][T14129] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 0)
[ 1392.815729][T14129] exFAT-fs (loop2): failed to load alloc-bitmap
[ 1392.822494][T14129] exFAT-fs (loop2): failed to recognize exfat type
[ 1393.170120][ T8898] usb 1-1: USB disconnect, device number 2
[ 1394.514324][T14148] loop7: detected capacity change from 0 to 512
[ 1394.822052][T14148] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1394.927699][T14148] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1395.750607][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1396.452511][T14162] loop7: detected capacity change from 0 to 128
[ 1396.553927][T14162] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1398.053234][T14177] loop7: detected capacity change from 0 to 128
[ 1398.285254][T14177] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1398.361335][T14177] hpfs: filesystem error: improperly stopped
[ 1398.368142][T14177] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1398.376110][T14177] hpfs: You really don't want any checks? You are crazy...
[ 1398.492410][T14177] hpfs: hpfs_map_sector(): read error
[ 1398.498283][T14177] hpfs: code page support is disabled
[ 1398.528897][ T8898] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1398.558103][T14177] hpfs: hpfs_map_4sectors(): unaligned read
[ 1398.564502][T14177] hpfs: hpfs_map_4sectors(): unaligned read
[ 1398.571467][T14177] hpfs: filesystem error: unable to find root dir
[ 1398.791745][ T8898] usb 9-1: Using ep0 maxpacket: 8
[ 1398.843643][ T8898] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[ 1398.898700][ T8898] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1398.909186][ T8898] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1398.919431][ T8898] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1398.931788][ T8898] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1398.945615][ T8898] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1398.955098][ T8898] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1399.386276][ T8898] usb 9-1: usb_control_msg returned -32
[ 1399.393282][ T8898] usbtmc 9-1:16.0: can't read capabilities
[ 1399.829927][T14192] loop7: detected capacity change from 0 to 128
[ 1400.280166][T14199] syz.7.2135: attempt to access beyond end of device
[ 1400.280166][T14199] loop7: rw=2049, sector=217, nr_sectors = 32 limit=128
[ 1400.358174][T14192] syz.7.2135: attempt to access beyond end of device
[ 1400.358174][T14192] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 1400.497770][T14192] syz.7.2135: attempt to access beyond end of device
[ 1400.497770][T14192] loop7: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 1400.617907][T14192] syz.7.2135: attempt to access beyond end of device
[ 1400.617907][T14192] loop7: rw=2049, sector=177, nr_sectors = 24 limit=128
[ 1400.639264][T14199] syz.7.2135: attempt to access beyond end of device
[ 1400.639264][T14199] loop7: rw=2049, sector=257, nr_sectors = 8 limit=128
[ 1400.751027][T14199] syz.7.2135: attempt to access beyond end of device
[ 1400.751027][T14199] loop7: rw=2049, sector=273, nr_sectors = 8 limit=128
[ 1400.793751][T14192] syz.7.2135: attempt to access beyond end of device
[ 1400.793751][T14192] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1400.873748][T14199] syz.7.2135: attempt to access beyond end of device
[ 1400.873748][T14199] loop7: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1400.914404][T14201] loop0: detected capacity change from 0 to 4096
[ 1400.970713][T14201] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1400.980330][T14209] syz.7.2135: attempt to access beyond end of device
[ 1400.980330][T14209] loop7: rw=8388608, sector=217, nr_sectors = 1 limit=128
[ 1401.039086][T14201] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1401.064008][T14192] syz.7.2135: attempt to access beyond end of device
[ 1401.064008][T14192] loop7: rw=2049, sector=297, nr_sectors = 8 limit=128
[ 1401.200716][T14191] Buffer I/O error on dev loop7, logical block 217, async page read
[ 1401.278992][T14201] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1401.309223][T10933] usb 9-1: USB disconnect, device number 4
[ 1401.318135][T14191] Buffer I/O error on dev loop7, logical block 218, async page read
[ 1401.418186][T14191] Buffer I/O error on dev loop7, logical block 219, async page read
[ 1401.473185][T14191] Buffer I/O error on dev loop7, logical block 220, async page read
[ 1401.563000][T14191] Buffer I/O error on dev loop7, logical block 221, async page read
[ 1401.650092][T14191] Buffer I/O error on dev loop7, logical block 222, async page read
[ 1401.812660][T14191] Buffer I/O error on dev loop7, logical block 223, async page read
[ 1401.897599][T14191] Buffer I/O error on dev loop7, logical block 224, async page read
[ 1401.987127][T14191] Buffer I/O error on dev loop7, logical block 217, async page read
[ 1401.995389][T14191] Buffer I/O error on dev loop7, logical block 218, async page read
[ 1402.050527][T14218] loop8: detected capacity change from 0 to 47
[ 1402.079915][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1402.242156][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1402.249291][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1408.814588][T14253] loop8: detected capacity change from 0 to 128
[ 1408.932628][T14253] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1409.573613][T14259] loop7: detected capacity change from 0 to 2048
[ 1409.727727][   T36] FAT-fs (loop8): error, invalid FAT chain (i_pos 548, last_block 8)
[ 1409.736261][   T36] FAT-fs (loop8): Filesystem has been set read-only
[ 1409.819692][T14259] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1409.876269][   T36] FAT-fs (loop8): error, corrupted file size (i_pos 548, 522)
[ 1409.947807][   T36] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1410.102837][T14266] loop0: detected capacity change from 0 to 512
[ 1410.209934][T14266] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1410.217128][T14266] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1410.369468][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1410.432706][T14266] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2154: bad orphan inode 131083
[ 1410.515633][T14266] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1410.927208][T14271] loop8: detected capacity change from 0 to 128
[ 1411.159552][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1411.435694][T14274] bio_check_eod: 51 callbacks suppressed
[ 1411.435784][T14274] syz.8.2155: attempt to access beyond end of device
[ 1411.435784][T14274] loop8: rw=2049, sector=185, nr_sectors = 32 limit=128
[ 1411.461874][T14271] syz.8.2155: attempt to access beyond end of device
[ 1411.461874][T14271] loop8: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 1411.560699][T14271] syz.8.2155: attempt to access beyond end of device
[ 1411.560699][T14271] loop8: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 1411.718430][T14271] syz.8.2155: attempt to access beyond end of device
[ 1411.718430][T14271] loop8: rw=2049, sector=177, nr_sectors = 8 limit=128
[ 1411.721238][T14276] syz.8.2155: attempt to access beyond end of device
[ 1411.721238][T14276] loop8: rw=8388608, sector=185, nr_sectors = 1 limit=128
[ 1411.850792][T14271] syz.8.2155: attempt to access beyond end of device
[ 1411.850792][T14271] loop8: rw=2049, sector=225, nr_sectors = 16 limit=128
[ 1412.002245][T14279] loop0: detected capacity change from 0 to 16
[ 1412.028419][T14271] syz.8.2155: attempt to access beyond end of device
[ 1412.028419][T14271] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[ 1412.118912][T14270] syz.8.2155: attempt to access beyond end of device
[ 1412.118912][T14270] loop8: rw=8388608, sector=185, nr_sectors = 1 limit=128
[ 1412.133322][T14270] buffer_io_error: 38 callbacks suppressed
[ 1412.133400][T14270] Buffer I/O error on dev loop8, logical block 185, async page read
[ 1412.228102][T14270] syz.8.2155: attempt to access beyond end of device
[ 1412.228102][T14270] loop8: rw=8388608, sector=186, nr_sectors = 1 limit=128
[ 1412.242825][T14270] Buffer I/O error on dev loop8, logical block 186, async page read
[ 1412.337036][T14270] syz.8.2155: attempt to access beyond end of device
[ 1412.337036][T14270] loop8: rw=8388608, sector=187, nr_sectors = 1 limit=128
[ 1412.351424][T14270] Buffer I/O error on dev loop8, logical block 187, async page read
[ 1412.444088][T14270] Buffer I/O error on dev loop8, logical block 188, async page read
[ 1412.601489][T14270] Buffer I/O error on dev loop8, logical block 189, async page read
[ 1412.630130][T14270] Buffer I/O error on dev loop8, logical block 190, async page read
[ 1412.683880][T14270] Buffer I/O error on dev loop8, logical block 191, async page read
[ 1412.732744][T14270] Buffer I/O error on dev loop8, logical block 192, async page read
[ 1412.766905][T14270] Buffer I/O error on dev loop8, logical block 185, async page read
[ 1412.824148][T14270] Buffer I/O error on dev loop8, logical block 186, async page read
[ 1413.489106][T14288] loop2: detected capacity change from 0 to 64
[ 1413.781489][   T30] audit: type=1800 audit(1769669815.640:64): pid=14288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2159" name="file1" dev="loop2" ino=22 res=0 errno=0
[ 1413.913009][   T30] audit: type=1800 audit(1769669815.690:65): pid=14288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2159" name="file1" dev="loop2" ino=22 res=0 errno=0
[ 1414.527233][T10196] Bluetooth: hci4: command 0x0406 tx timeout
[ 1415.215115][T14295] loop2: detected capacity change from 0 to 2048
[ 1415.408804][T14300] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1415.587424][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1415.683033][T14295] Remounting filesystem read-only
[ 1415.758952][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1415.851399][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1415.947922][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1416.017494][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1416.087415][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1416.171326][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1416.267979][T14295] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1416.327483][   T30] audit: type=1800 audit(1769669818.190:66): pid=14295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2161" name="file2" dev="loop2" ino=16 res=0 errno=0
[ 1416.414497][T14295] NILFS (loop2): error -2 truncating bmap (ino=16)
[ 1416.794254][T13374] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[ 1417.774691][T14314] loop2: detected capacity change from 0 to 1024
[ 1417.922554][T14316] loop7: detected capacity change from 0 to 512
[ 1418.058117][T14316] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1418.065141][T14316] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1418.230018][T14316] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.2167: bad orphan inode 131083
[ 1418.275533][T14316] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1419.026229][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1419.327977][T12978] hfsplus: b-tree write err: -5, ino 3
[ 1419.422875][T13374] hfsplus: node 4:3 still has 1 user(s)!
[ 1419.545112][T14329] loop8: detected capacity change from 0 to 128
[ 1420.019053][T14329] bio_check_eod: 45 callbacks suppressed
[ 1420.019142][T14329] syz.8.2170: attempt to access beyond end of device
[ 1420.019142][T14329] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[ 1420.058302][T14329] syz.8.2170: attempt to access beyond end of device
[ 1420.058302][T14329] loop8: rw=2049, sector=169, nr_sectors = 8 limit=128
[ 1420.950602][T14339] loop7: detected capacity change from 0 to 128
[ 1421.152855][T14339] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1421.261363][T14339] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1421.303433][T14335] loop2: detected capacity change from 0 to 4096
[ 1421.389927][   T30] audit: type=1800 audit(1769669823.240:67): pid=14339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2173" name="file1" dev="loop7" ino=12 res=0 errno=0
[ 1422.049901][T12406] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1422.714611][   T30] audit: type=1800 audit(1769669824.570:68): pid=14335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2172" name="file1" dev="loop2" ino=33 res=0 errno=0
[ 1424.031256][T14366] loop7: detected capacity change from 0 to 512
[ 1424.147027][T14366] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1424.154084][T14366] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1424.348114][T14366] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.2181: bad orphan inode 131083
[ 1424.556873][T14366] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1425.083447][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1425.507022][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1425.608829][T14374] loop8: detected capacity change from 0 to 4096
[ 1425.771318][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1425.982040][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1426.110780][   T30] audit: type=1800 audit(1769669827.970:69): pid=14372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2183" name="file1" dev="tmpfs" ino=1057 res=0 errno=0
[ 1426.159143][T14377] loop7: detected capacity change from 0 to 256
[ 1426.222976][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1426.244302][   T30] audit: type=1800 audit(1769669828.060:70): pid=14372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2183" name="file1" dev="tmpfs" ino=1057 res=0 errno=0
[ 1426.274237][T14377] exfat: Bad value for 'uid'
[ 1426.279335][T14377] exfat: Bad value for 'uid'
[ 1427.345695][   T36] bridge_slave_1: left allmulticast mode
[ 1427.352109][   T36] bridge_slave_1: left promiscuous mode
[ 1427.361818][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1427.541062][   T36] bridge_slave_0: left allmulticast mode
[ 1427.549047][   T36] bridge_slave_0: left promiscuous mode
[ 1427.556234][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1427.765085][T14387] loop0: detected capacity change from 0 to 64
[ 1427.802086][T14384] loop7: detected capacity change from 0 to 1024
[ 1427.884730][T14384] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1427.998647][T14384] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 1428.009239][T14384] EXT4-fs (loop7): group descriptors corrupted!
[ 1429.529402][T14404] loop8: detected capacity change from 0 to 64
[ 1429.788614][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1429.900130][ T8898] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1429.910747][T14404] hfs: request for non-existent node 65538 in B*Tree
[ 1429.920822][T14404] hfs: request for non-existent node 65538 in B*Tree
[ 1429.928353][T14404] hfs: fail to find leaf node: node ID 65538
[ 1429.961204][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1430.005449][T14408] overlayfs: failed to resolve './file0': -2
[ 1430.045010][   T36] bond0 (unregistering): Released all slaves
[ 1430.136134][ T8898] usb 8-1: Using ep0 maxpacket: 8
[ 1430.184448][ T8898] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[ 1430.227417][ T8898] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1430.237828][ T8898] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1430.248482][ T8898] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1430.259010][ T8898] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1430.272579][ T8898] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1430.282102][ T8898] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1430.776924][ T8898] usb 8-1: usb_control_msg returned -32
[ 1430.782841][ T8898] usbtmc 8-1:16.0: can't read capabilities
[ 1431.004520][T14417] loop2: detected capacity change from 0 to 128
[ 1431.128252][T14417] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1431.150160][T14417] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1431.243491][   T36] hsr_slave_0: left promiscuous mode
[ 1431.272931][   T36] hsr_slave_1: left promiscuous mode
[ 1431.309861][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1431.317906][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1431.404730][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1431.413433][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1431.575541][T13374] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1431.589732][   T36] veth1_macvtap: left promiscuous mode
[ 1431.610122][   T36] veth0_macvtap: left promiscuous mode
[ 1431.639060][   T36] veth1_vlan: left promiscuous mode
[ 1431.729842][   T36] veth0_vlan: left promiscuous mode
[ 1432.433968][T14425] loop2: detected capacity change from 0 to 128
[ 1432.591839][T14425] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1432.715205][T14425] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1432.873311][ T8898] usb 8-1: USB disconnect, device number 9
[ 1433.768629][T14431] loop7: detected capacity change from 0 to 64
[ 1434.281118][T14435] loop2: detected capacity change from 0 to 128
[ 1434.353836][T14434] loop0: detected capacity change from 0 to 512
[ 1434.496671][T14434] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1434.582258][   T30] audit: type=1800 audit(1769669836.430:71): pid=14435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2201" name="file1" dev="loop2" ino=1048779 res=0 errno=0
[ 1434.717212][T14434] EXT4-fs (loop0): 1 truncate cleaned up
[ 1434.725332][T14434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1434.817249][   T36] team0 (unregistering): Port device team_slave_1 removed
[ 1434.963869][   T36] team0 (unregistering): Port device team_slave_0 removed
[ 1435.562561][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1436.278506][T14445] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.2205'.
[ 1436.475344][T14448] overlayfs: failed to resolve './file0': -2
[ 1437.525544][T14460] loop8: detected capacity change from 0 to 128
[ 1437.826796][T10933] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1437.954423][T14457] syz.8.2211: attempt to access beyond end of device
[ 1437.954423][T14457] loop8: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 1437.990000][T14460] syz.8.2211: attempt to access beyond end of device
[ 1437.990000][T14460] loop8: rw=2049, sector=217, nr_sectors = 32 limit=128
[ 1438.064682][T10933] usb 1-1: Using ep0 maxpacket: 8
[ 1438.133430][T10933] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1438.143116][T14460] syz.8.2211: attempt to access beyond end of device
[ 1438.143116][T14460] loop8: rw=2049, sector=257, nr_sectors = 8 limit=128
[ 1438.167964][T14457] syz.8.2211: attempt to access beyond end of device
[ 1438.167964][T14457] loop8: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 1438.182789][T10933] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1438.182956][T10933] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1438.183111][T10933] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1438.218476][T10933] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1438.233552][T10933] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1438.243096][T10933] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1438.294246][T14460] syz.8.2211: attempt to access beyond end of device
[ 1438.294246][T14460] loop8: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1438.332334][T14457] syz.8.2211: attempt to access beyond end of device
[ 1438.332334][T14457] loop8: rw=2049, sector=177, nr_sectors = 24 limit=128
[ 1438.465098][T14457] syz.8.2211: attempt to access beyond end of device
[ 1438.465098][T14457] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1438.578151][T14457] syz.8.2211: attempt to access beyond end of device
[ 1438.578151][T14457] loop8: rw=2049, sector=273, nr_sectors = 8 limit=128
[ 1438.676316][T10933] usb 1-1: usb_control_msg returned -32
[ 1438.682365][T10933] usbtmc 1-1:16.0: can't read capabilities
[ 1438.736031][T14457] syz.8.2211: attempt to access beyond end of device
[ 1438.736031][T14457] loop8: rw=2049, sector=321, nr_sectors = 8 limit=128
[ 1438.837055][T14457] syz.8.2211: attempt to access beyond end of device
[ 1438.837055][T14457] loop8: rw=2049, sector=337, nr_sectors = 8 limit=128
[ 1439.319235][ T1110] buffer_io_error: 38 callbacks suppressed
[ 1439.319320][ T1110] Buffer I/O error on dev loop8, logical block 217, lost async page write
[ 1439.383854][T10933] usb 1-1: USB disconnect, device number 3
[ 1440.189835][T14486] overlayfs: failed to resolve './file0': -2
[ 1440.330133][T14488] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.2220'.
[ 1441.743508][T14504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1441.943592][T14504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1442.326366][T14509] netlink: 132 bytes leftover after parsing attributes in process `syz.7.2228'.
[ 1443.550415][T10933] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1443.766881][T10933] usb 9-1: Using ep0 maxpacket: 8
[ 1443.802585][T10933] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[ 1443.829025][T10933] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1443.839315][T10933] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1443.853170][T10933] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1443.864343][T10933] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1443.877893][T10933] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1443.887329][T10933] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1443.957000][T14529] netlink: 16186 bytes leftover after parsing attributes in process `syz.7.2234'.
[ 1444.310743][T10933] usb 9-1: usb_control_msg returned -32
[ 1444.320145][T10933] usbtmc 9-1:16.0: can't read capabilities
[ 1444.968613][T10933] usb 9-1: USB disconnect, device number 5
[ 1446.462230][T14558] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1446.640679][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2244'.
[ 1446.647577][T14563] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1447.111067][T14569] loop2: detected capacity change from 0 to 512
[ 1447.187316][T14569] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1447.194349][T14569] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1447.312059][T14569] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.2246: bad orphan inode 131083
[ 1447.451139][T14569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1447.638900][T14572] loop8: detected capacity change from 0 to 4096
[ 1447.776864][T14572] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1448.175836][T13374] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1448.228794][T14585] loop0: detected capacity change from 0 to 128
[ 1448.345445][T14585] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1448.540627][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1449.051267][ T9867] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[ 1449.059838][ T9867] FAT-fs (loop0): Filesystem has been set read-only
[ 1449.163463][ T9867] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[ 1450.559996][T14608] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[ 1450.918281][T14620] syzkaller0: tun_chr_ioctl cmd 21731
[ 1451.697441][T14626] loop8: detected capacity change from 0 to 512
[ 1451.786779][T14626] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1451.793828][T14626] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1451.968437][T14626] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.2262: bad orphan inode 131083
[ 1452.054252][T14626] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1452.696120][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1452.745725][T14643] loop0: detected capacity change from 0 to 128
[ 1452.872738][T14643] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1453.282910][T14646] loop8: detected capacity change from 0 to 64
[ 1453.538192][T12979] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[ 1453.550432][T12979] FAT-fs (loop0): Filesystem has been set read-only
[ 1453.608496][T14646] hfs: request for non-existent node 65538 in B*Tree
[ 1453.615492][T14646] hfs: request for non-existent node 65538 in B*Tree
[ 1453.622967][T14646] hfs: fail to find leaf node: node ID 65538
[ 1453.646792][T12979] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[ 1454.397348][ T8898] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 1454.656863][ T8898] usb 8-1: Using ep0 maxpacket: 8
[ 1454.707936][ T8898] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[ 1454.796985][ T8898] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1454.808779][ T8898] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1454.820083][ T8898] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1454.831831][ T8898] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1454.845624][ T8898] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1454.855127][ T8898] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1455.322827][ T8898] usb 8-1: usb_control_msg returned -32
[ 1455.329039][ T8898] usbtmc 8-1:16.0: can't read capabilities
[ 1455.923106][ T8898] usb 8-1: USB disconnect, device number 10
[ 1456.252434][T14681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2278'.
[ 1458.048366][T14698] loop7: detected capacity change from 0 to 64
[ 1462.502576][T14726] loop7: detected capacity change from 0 to 128
[ 1462.611831][T14726] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1463.685608][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1463.692651][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1464.197168][   T36] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1464.752714][T14689] Set syz1 is full, maxelem 65536 reached
[ 1466.069656][T14749] loop7: detected capacity change from 0 to 4096
[ 1466.226605][T14749] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1466.407962][T14762] netlink: 'syz.8.2303': attribute type 6 has an invalid length.
[ 1466.416225][T14762] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2303'.
[ 1466.469920][T14762] block nbd0: not configured, cannot reconfigure
[ 1466.770197][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1467.646969][T10389] Bluetooth: hci5: command tx timeout
[ 1467.697197][T10933] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 1467.866982][T10933] usb 3-1: Using ep0 maxpacket: 8
[ 1467.921121][T10933] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1467.971685][T10933] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1467.982274][T10933] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1467.992653][T10933] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1468.002986][T10933] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1468.020597][T10933] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1468.032959][T10933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1468.335748][T14784] loop7: detected capacity change from 0 to 128
[ 1468.363274][T10933] usb 3-1: usb_control_msg returned -32
[ 1468.372069][T10933] usbtmc 3-1:16.0: can't read capabilities
[ 1468.411146][T14784] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1469.025930][   T12] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1469.806180][T14800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2313'.
[ 1470.628513][ T8898] usb 3-1: USB disconnect, device number 3
[ 1471.273049][T14806] loop7: detected capacity change from 0 to 4096
[ 1471.552972][T14806] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1471.678485][T14817] batman_adv: batadv0: Adding interface: geneve2
[ 1471.710819][T14817] batman_adv: batadv0: Interface activated: geneve2
[ 1471.818584][T14806] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #15: comm syz.7.2314: corrupted inode contents
[ 1471.850663][T14823] netlink: 72 bytes leftover after parsing attributes in process `syz.5.2319'.
[ 1471.955011][T14806] EXT4-fs error (device loop7): ext4_dirty_inode:6502: inode #15: comm syz.7.2314: mark_inode_dirty error
[ 1472.046020][T14806] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #15: comm syz.7.2314: corrupted inode contents
[ 1472.176153][T14806] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.2314: mark_inode_dirty error
[ 1472.257603][T14806] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #15: comm syz.7.2314: corrupted inode contents
[ 1472.326310][T14806] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.2314: mark_inode_dirty error
[ 1472.399987][T14806] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #15: comm syz.7.2314: corrupted inode contents
[ 1472.509538][T14806] EXT4-fs error (device loop7): ext4_truncate:4635: inode #15: comm syz.7.2314: mark_inode_dirty error
[ 1472.587281][T14806] EXT4-fs error (device loop7) in ext4_setattr:6035: Corrupt filesystem
[ 1473.016750][T14836] loop0: detected capacity change from 0 to 128
[ 1473.044015][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1473.095351][T14836] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1473.632023][   T58] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1473.727704][T14845] loop7: detected capacity change from 0 to 128
[ 1473.797012][T14845] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1473.897374][T14845] hpfs: filesystem error: improperly stopped
[ 1473.903756][T14845] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1473.912674][T14845] hpfs: You really don't want any checks? You are crazy...
[ 1474.042185][T14845] hpfs: hpfs_map_sector(): read error
[ 1474.047935][T14845] hpfs: code page support is disabled
[ 1474.137668][T14845] hpfs: hpfs_map_4sectors(): unaligned read
[ 1474.144023][T14845] hpfs: hpfs_map_4sectors(): unaligned read
[ 1474.150401][T14845] hpfs: filesystem error: unable to find root dir
[ 1474.440583][T10389] Bluetooth: hci5: link tx timeout
[ 1474.446725][T10389] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.486951][T10196] Bluetooth: hci5: link tx timeout
[ 1474.492585][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.509635][T10196] Bluetooth: hci5: link tx timeout
[ 1474.514975][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.526308][T10196] Bluetooth: hci5: link tx timeout
[ 1474.531809][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.649881][T10196] Bluetooth: hci5: link tx timeout
[ 1474.655329][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.664800][T10196] Bluetooth: hci5: link tx timeout
[ 1474.677303][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.685234][T10196] Bluetooth: hci5: link tx timeout
[ 1474.690852][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.717395][T10196] Bluetooth: hci5: link tx timeout
[ 1474.722758][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.732305][T10196] Bluetooth: hci5: link tx timeout
[ 1474.738000][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.757604][T10196] Bluetooth: hci5: link tx timeout
[ 1474.762948][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.775560][T10196] Bluetooth: hci5: link tx timeout
[ 1474.781156][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.798116][T10196] Bluetooth: hci5: link tx timeout
[ 1474.803493][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.812975][T10196] Bluetooth: hci5: link tx timeout
[ 1474.818417][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.826312][T10196] Bluetooth: hci5: link tx timeout
[ 1474.831785][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.839855][T10196] Bluetooth: hci5: link tx timeout
[ 1474.845156][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.876819][T10196] Bluetooth: hci5: link tx timeout
[ 1474.882162][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.890389][T10196] Bluetooth: hci5: link tx timeout
[ 1474.895712][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.903951][T10196] Bluetooth: hci5: link tx timeout
[ 1474.917227][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.925251][T10196] Bluetooth: hci5: link tx timeout
[ 1474.930892][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.976930][T10196] Bluetooth: hci5: link tx timeout
[ 1474.982276][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1474.997514][T10196] Bluetooth: hci5: link tx timeout
[ 1475.002890][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.012906][T10196] Bluetooth: hci5: link tx timeout
[ 1475.018326][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.031570][T10196] Bluetooth: hci5: link tx timeout
[ 1475.039738][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.061301][T10196] Bluetooth: hci5: link tx timeout
[ 1475.066769][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.074811][T10196] Bluetooth: hci5: link tx timeout
[ 1475.084785][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.115045][T10196] Bluetooth: hci5: link tx timeout
[ 1475.120563][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.203915][T10196] Bluetooth: hci5: link tx timeout
[ 1475.213353][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.223655][T10196] Bluetooth: hci5: link tx timeout
[ 1475.229087][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.258931][T10196] Bluetooth: hci5: link tx timeout
[ 1475.264305][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.272370][T10196] Bluetooth: hci5: link tx timeout
[ 1475.278244][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.432901][T10196] Bluetooth: hci5: link tx timeout
[ 1475.438518][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1475.456837][T10196] Bluetooth: hci5: link tx timeout
[ 1475.463051][T10196] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1476.534569][T10196] Bluetooth: hci5: command 0x0406 tx timeout
[ 1476.553428][T14871] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2331'.
[ 1477.848319][T14893] loop0: detected capacity change from 0 to 128
[ 1477.919524][T14893] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1478.327699][T14900] loop2: detected capacity change from 0 to 64
[ 1478.459271][T12978] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1479.128083][T14904] loop8: detected capacity change from 0 to 128
[ 1479.277101][T14904] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1479.364131][T14904] hpfs: filesystem error: improperly stopped
[ 1479.371259][T14904] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1479.380627][T14904] hpfs: You really don't want any checks? You are crazy...
[ 1479.398337][T14906] syzkaller1: entered promiscuous mode
[ 1479.404189][T14906] syzkaller1: entered allmulticast mode
[ 1479.467348][T14904] hpfs: hpfs_map_sector(): read error
[ 1479.473085][T14904] hpfs: code page support is disabled
[ 1479.514896][T14911] loop7: detected capacity change from 0 to 64
[ 1479.559797][T14904] hpfs: hpfs_map_4sectors(): unaligned read
[ 1479.591175][T14904] hpfs: hpfs_map_4sectors(): unaligned read
[ 1479.597597][T14904] hpfs: filesystem error: unable to find root dir
[ 1479.932886][   T30] audit: type=1800 audit(1769669881.750:72): pid=14911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2343" name="file1" dev="loop7" ino=23 res=0 errno=0
[ 1481.792403][T14935] loop8: detected capacity change from 0 to 128
[ 1481.975871][T14935] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1482.526169][   T58] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1483.044587][T14944] loop7: detected capacity change from 0 to 64
[ 1483.221739][T14947] loop0: detected capacity change from 0 to 512
[ 1483.441416][T14947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1483.545595][T14947] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1484.330152][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1484.442700][T14961] loop7: detected capacity change from 0 to 128
[ 1484.562728][T14961] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1484.606994][T14961] hpfs: filesystem error: improperly stopped
[ 1484.613421][T14961] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1484.621938][T14961] hpfs: You really don't want any checks? You are crazy...
[ 1484.687782][T14961] hpfs: hpfs_map_sector(): read error
[ 1484.693383][T14961] hpfs: code page support is disabled
[ 1484.757393][T14961] hpfs: hpfs_map_4sectors(): unaligned read
[ 1484.797240][T14961] hpfs: hpfs_map_4sectors(): unaligned read
[ 1484.806806][T14961] hpfs: filesystem error: unable to find root dir
[ 1484.985568][T14959] loop8: detected capacity change from 0 to 4096
[ 1485.457449][ T8898] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1485.676960][ T8898] usb 1-1: Using ep0 maxpacket: 8
[ 1485.709612][ T8898] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1485.728398][ T8898] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1485.739261][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1485.749372][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1485.759590][ T8898] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1485.772907][ T8898] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1485.782312][ T8898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1486.154261][T14974] loop7: detected capacity change from 0 to 128
[ 1486.257710][T14974] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1486.312711][ T8898] usb 1-1: usb_control_msg returned -32
[ 1486.319548][ T8898] usbtmc 1-1:16.0: can't read capabilities
[ 1486.903161][   T12] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1486.964235][ T8898] usb 1-1: USB disconnect, device number 4
[ 1487.686383][T14990] loop7: detected capacity change from 0 to 64
[ 1487.908455][T14991] syzkaller0: entered promiscuous mode
[ 1487.914184][T14991] syzkaller0: entered allmulticast mode
[ 1488.082918][T14991] sch_tbf: burst 555 is lower than device syzkaller0 mtu (1514) !
[ 1488.726238][T15004] syz_tun: entered allmulticast mode
[ 1488.795746][T15003] syz_tun: left allmulticast mode
[ 1489.316280][T15009] loop2: detected capacity change from 0 to 128
[ 1489.678813][T15015] bio_check_eod: 3 callbacks suppressed
[ 1489.678898][T15015] syz.2.2372: attempt to access beyond end of device
[ 1489.678898][T15015] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[ 1489.768432][T15015] syz.2.2372: attempt to access beyond end of device
[ 1489.768432][T15015] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[ 1492.003622][T15039] loop2: detected capacity change from 0 to 64
[ 1492.051509][ T8898] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1492.316864][ T8898] usb 1-1: Using ep0 maxpacket: 8
[ 1492.385772][ T8898] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1492.444370][ T8898] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1492.454840][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1492.465593][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1492.475899][ T8898] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1492.490683][ T8898] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1492.500426][ T8898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1493.050643][ T8898] usb 1-1: usb_control_msg returned -32
[ 1493.056747][ T8898] usbtmc 1-1:16.0: can't read capabilities
[ 1493.259349][T15047] syzkaller0: entered promiscuous mode
[ 1493.265115][T15047] syzkaller0: entered allmulticast mode
[ 1493.482743][T15055] syz_tun: entered allmulticast mode
[ 1493.516106][T15053] syz_tun: left allmulticast mode
[ 1493.743544][ T8898] usb 1-1: USB disconnect, device number 5
[ 1494.603507][T15068] loop2: detected capacity change from 0 to 128
[ 1495.065990][T15074] syz.2.2388: attempt to access beyond end of device
[ 1495.065990][T15074] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[ 1495.109504][T15068] syz.2.2388: attempt to access beyond end of device
[ 1495.109504][T15068] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 1495.318230][T15068] syz.2.2388: attempt to access beyond end of device
[ 1495.318230][T15068] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 1495.334756][T15074] syz.2.2388: attempt to access beyond end of device
[ 1495.334756][T15074] loop2: rw=2049, sector=201, nr_sectors = 24 limit=128
[ 1495.493234][T15068] syz.2.2388: attempt to access beyond end of device
[ 1495.493234][T15068] loop2: rw=2049, sector=177, nr_sectors = 8 limit=128
[ 1495.605942][T15068] syz.2.2388: attempt to access beyond end of device
[ 1495.605942][T15068] loop2: rw=2049, sector=249, nr_sectors = 24 limit=128
[ 1495.752007][T15074] syz.2.2388: attempt to access beyond end of device
[ 1495.752007][T15074] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[ 1495.899846][T15068] syz.2.2388: attempt to access beyond end of device
[ 1495.899846][T15068] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[ 1496.028365][T15068] syz.2.2388: attempt to access beyond end of device
[ 1496.028365][T15068] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[ 1496.115577][T15068] syz.2.2388: attempt to access beyond end of device
[ 1496.115577][T15068] loop2: rw=2049, sector=313, nr_sectors = 8 limit=128
[ 1496.254405][T15087] loop0: detected capacity change from 0 to 128
[ 1496.360259][T15087] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1496.417121][T15087] hpfs: filesystem error: improperly stopped
[ 1496.423403][T15087] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1496.431808][T15087] hpfs: You really don't want any checks? You are crazy...
[ 1496.558268][T15087] hpfs: hpfs_map_sector(): read error
[ 1496.564083][T15087] hpfs: code page support is disabled
[ 1496.635688][T15087] hpfs: hpfs_map_4sectors(): unaligned read
[ 1496.661688][ T1110] Buffer I/O error on dev loop2, logical block 185, lost async page write
[ 1496.683686][T15087] hpfs: hpfs_map_4sectors(): unaligned read
[ 1496.692815][T15087] hpfs: filesystem error: unable to find root dir
[ 1497.513879][T15099] syz_tun: entered allmulticast mode
[ 1497.707038][T15095] syz_tun: left allmulticast mode
[ 1498.023328][T15107] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.2402'.
[ 1498.147529][ T8898] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1498.330448][ T8898] usb 1-1: Using ep0 maxpacket: 8
[ 1498.380314][ T8898] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1498.415406][ T8898] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1498.426888][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1498.438128][ T8898] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1498.448450][ T8898] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1498.462045][ T8898] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1498.471522][ T8898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1498.868998][ T8898] usb 1-1: usb_control_msg returned -32
[ 1498.875053][ T8898] usbtmc 1-1:16.0: can't read capabilities
[ 1499.484598][T10933] usb 1-1: USB disconnect, device number 6
[ 1500.154931][T15129] loop2: detected capacity change from 0 to 128
[ 1500.734028][T15133] bio_check_eod: 1 callbacks suppressed
[ 1500.734114][T15133] syz.2.2408: attempt to access beyond end of device
[ 1500.734114][T15133] loop2: rw=2049, sector=217, nr_sectors = 40 limit=128
[ 1500.753760][T15129] syz.2.2408: attempt to access beyond end of device
[ 1500.753760][T15129] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 1500.754321][T15129] syz.2.2408: attempt to access beyond end of device
[ 1500.754321][T15129] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 1500.851787][T15129] syz.2.2408: attempt to access beyond end of device
[ 1500.851787][T15129] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[ 1500.867516][T15129] syz.2.2408: attempt to access beyond end of device
[ 1500.867516][T15129] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1500.998253][T15133] syz.2.2408: attempt to access beyond end of device
[ 1500.998253][T15133] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[ 1501.107242][T15129] syz.2.2408: attempt to access beyond end of device
[ 1501.107242][T15129] loop2: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1501.223661][T15133] syz.2.2408: attempt to access beyond end of device
[ 1501.223661][T15133] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[ 1501.239811][T15143] syz_tun: entered allmulticast mode
[ 1501.261322][T15139] syz_tun: left allmulticast mode
[ 1501.280509][T15129] syz.2.2408: attempt to access beyond end of device
[ 1501.280509][T15129] loop2: rw=2049, sector=305, nr_sectors = 8 limit=128
[ 1501.522350][T15129] syz.2.2408: attempt to access beyond end of device
[ 1501.522350][T15129] loop2: rw=2049, sector=321, nr_sectors = 8 limit=128
[ 1502.222774][T15147] netlink: 16186 bytes leftover after parsing attributes in process `syz.7.2414'.
[ 1502.462033][T12979] Buffer I/O error on dev loop2, logical block 217, lost async page write
[ 1503.289833][T15158] loop7: detected capacity change from 0 to 512
[ 1503.539524][T15158] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1503.642010][T15158] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1504.389077][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1504.702171][ T8898] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1504.880290][ T8898] usb 3-1: Using ep0 maxpacket: 8
[ 1504.941766][ T8898] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1504.977646][ T8898] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1504.988115][ T8898] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1504.998476][ T8898] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1505.011188][ T8898] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1505.025096][ T8898] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1505.034917][ T8898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1505.545367][ T8898] usb 3-1: usb_control_msg returned -32
[ 1505.551491][ T8898] usbtmc 3-1:16.0: can't read capabilities
[ 1506.128310][T15185] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2425'.
[ 1506.148333][T10933] usb 3-1: USB disconnect, device number 4
[ 1508.568560][T15211] loop7: detected capacity change from 0 to 4096
[ 1509.335380][T15223] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1509.681167][T15223] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1510.886967][ T8898] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1511.086790][ T8898] usb 3-1: Using ep0 maxpacket: 8
[ 1511.116975][ T8898] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1511.167006][ T8898] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1511.177338][ T8898] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1511.187759][ T8898] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1511.200828][ T8898] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1511.214645][ T8898] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1511.225171][ T8898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1511.697024][ T8898] usb 3-1: usb_control_msg returned -32
[ 1511.703382][ T8898] usbtmc 3-1:16.0: can't read capabilities
[ 1512.311518][T10933] usb 3-1: USB disconnect, device number 5
[ 1512.819190][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888013813600: rx timeout, send abort
[ 1513.320218][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888013812800: rx timeout, send abort
[ 1513.329447][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888013813600: abort rx timeout. Force session deactivation
[ 1513.829112][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888013812800: abort rx timeout. Force session deactivation
[ 1514.164127][T15269] syzkaller0: entered promiscuous mode
[ 1514.170808][T15269] syzkaller0: entered allmulticast mode
[ 1518.101806][T10933] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1518.416288][T10933] usb 8-1: Using ep0 maxpacket: 8
[ 1518.460069][T10933] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[ 1518.547039][T10933] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1518.557371][T10933] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1518.567634][T10933] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1518.583173][T10933] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1518.599486][T10933] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1518.610476][T10933] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.728921][T12978] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.477139][T10933] usb 8-1: usb_control_msg returned -32
[ 1519.483279][T10933] usbtmc 8-1:16.0: can't read capabilities
[ 1520.902326][T15331] loop2: detected capacity change from 0 to 4096
[ 1521.245064][T10933] usb 8-1: USB disconnect, device number 11
[ 1523.473050][T15368] syzkaller0: entered promiscuous mode
[ 1523.479369][T15368] syzkaller0: entered allmulticast mode
[ 1525.171081][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1525.178026][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1527.007038][T10933] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1527.206874][T10933] usb 3-1: Using ep0 maxpacket: 8
[ 1527.236290][T10933] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1527.278242][T10933] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1527.288808][T10933] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1527.302877][T10933] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1527.314191][T10933] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1527.329719][T10933] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1527.339606][T10933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1527.437320][T15399] loop7: detected capacity change from 0 to 128
[ 1527.583086][T15399] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1527.937867][T10933] usb 3-1: usb_control_msg returned -32
[ 1527.944000][T10933] usbtmc 3-1:16.0: can't read capabilities
[ 1528.348787][   T64] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8)
[ 1528.357578][   T64] FAT-fs (loop7): Filesystem has been set read-only
[ 1528.379942][   T64] FAT-fs (loop7): error, corrupted file size (i_pos 548, 522)
[ 1528.401211][   T64] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1528.547934][T10933] usb 3-1: USB disconnect, device number 6
[ 1529.796266][T15413] loop7: detected capacity change from 0 to 4096
[ 1531.437822][T15438] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2490'.
[ 1532.643078][T15449] loop2: detected capacity change from 0 to 128
[ 1532.662772][T15449] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1532.705038][T15450] loop0: detected capacity change from 0 to 1024
[ 1532.716170][T15450] EXT4-fs: Ignoring removed orlov option
[ 1532.723360][T15450] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1532.952824][T15450] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1533.304943][ T9867] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[ 1533.314398][ T9867] FAT-fs (loop2): Filesystem has been set read-only
[ 1533.527094][ T9867] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[ 1533.567827][ T9867] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1534.947077][T10933] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1535.167733][T10933] usb 3-1: Using ep0 maxpacket: 8
[ 1535.267612][T10933] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1535.276154][T10933] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1535.291833][T10933] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1535.303548][T10933] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1535.314834][T10933] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1535.335157][T10933] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1535.345202][T10933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1535.632773][T15460] syz.0.2494 (15460): drop_caches: 2
[ 1535.886166][T10933] usb 3-1: usb_control_msg returned -32
[ 1535.892400][T10933] usbtmc 3-1:16.0: can't read capabilities
[ 1536.370856][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1536.495692][ T8898] usb 3-1: USB disconnect, device number 7
[ 1536.828444][T15480] loop8: detected capacity change from 0 to 4096
[ 1539.853132][T15491] loop0: detected capacity change from 0 to 512
[ 1539.905505][T15491] EXT4-fs: Ignoring removed nobh option
[ 1540.032187][T15491] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1540.044241][T15491] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[ 1540.054971][T15491] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.2503: Corrupt directory, running e2fsck is recommended
[ 1540.274468][T15491] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[ 1540.325835][T15491] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.2503: corrupted in-inode xattr: invalid ea_ino
[ 1540.417433][T15491] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.2503: couldn't read orphan inode 15 (err -117)
[ 1540.565414][T15491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1541.574487][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1543.150517][T15539] siw: device registration error -23
[ 1544.181124][T15545] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2518'.
[ 1544.271504][T15542] loop8: detected capacity change from 0 to 4096
[ 1547.612761][T15575] siw: device registration error -23
[ 1548.123443][T15577] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1548.591291][T15579] bridge_slave_0: left allmulticast mode
[ 1548.598104][T15579] bridge_slave_0: left promiscuous mode
[ 1548.611089][T15579] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1548.695876][T15579] bridge_slave_1: left allmulticast mode
[ 1548.709269][T15579] bridge_slave_1: left promiscuous mode
[ 1548.716097][T15579] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1548.809246][T15579] bond0: (slave bond_slave_0): Releasing backup interface
[ 1548.920393][T15579] bond0: (slave bond_slave_1): Releasing backup interface
[ 1549.086038][T15579] team0: Port device team_slave_0 removed
[ 1549.200654][T15579] team0: Port device team_slave_1 removed
[ 1549.237909][T15579] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1549.245755][T15579] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1549.353500][T15579] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1549.361527][T15579] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1549.457904][T15579] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1549.478519][T15580] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1549.690211][T10675] syz1: Port: 1 Link DOWN
[ 1551.710562][T15609] loop8: detected capacity change from 0 to 4096
[ 1552.270625][T15609] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1553.793240][T10752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1556.878220][T15665] bridge0: port 1(syz_tun) entered blocking state
[ 1556.885180][T15665] bridge0: port 1(syz_tun) entered disabled state
[ 1557.047213][T15665] syz_tun: entered allmulticast mode
[ 1557.192334][T15665] syz_tun: entered promiscuous mode
[ 1557.238059][T15665] bridge0: port 1(syz_tun) entered blocking state
[ 1557.245324][T15665] bridge0: port 1(syz_tun) entered forwarding state
[ 1558.617612][T15674] siw: device registration error -23
[ 1559.205249][T15675] loop0: detected capacity change from 0 to 1024
[ 1559.290696][T15675] EXT4-fs: Ignoring removed oldalloc option
[ 1559.410311][T15675] EXT4-fs: Ignoring removed orlov option
[ 1559.416935][T15675] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1559.953007][T15675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1562.257084][T15709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2566'.
[ 1562.662421][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1565.158493][ T1081] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1565.428477][T15747] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2581'.
[ 1568.986628][   T30] audit: type=1326 audit(1769669970.840:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15766 comm="syz.0.2588" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f66539 code=0x0
[ 1569.269095][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1570.247565][T15798] syz_tun: entered allmulticast mode
[ 1570.562851][T15796] syz_tun: left allmulticast mode
[ 1574.256125][T15845] syz_tun: entered allmulticast mode
[ 1574.750085][T15841] syz_tun: left allmulticast mode
[ 1578.053585][ T8898] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1578.288444][ T8898] usb 8-1: Using ep0 maxpacket: 8
[ 1578.311597][ T8898] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[ 1578.352624][ T8898] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1578.363293][ T8898] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1578.373703][ T8898] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1578.384152][ T8898] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1578.398759][ T8898] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1578.408481][ T8898] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1578.481849][T15887] syz_tun: entered allmulticast mode
[ 1578.541466][T15885] syz_tun: left allmulticast mode
[ 1578.944700][ T8898] usb 8-1: usb_control_msg returned -32
[ 1578.951153][ T8898] usbtmc 8-1:16.0: can't read capabilities
[ 1579.550415][ T8898] usb 8-1: USB disconnect, device number 12
[ 1581.226276][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1582.162852][T15930] syz_tun: entered allmulticast mode
[ 1582.177257][T10196] Bluetooth: hci0: hardware error 0x00
[ 1582.235404][T15929] syz_tun: left allmulticast mode
[ 1584.217870][T10196] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1585.248095][T15970] syz_tun: entered allmulticast mode
[ 1585.268280][T15969] input: syz0 as /devices/virtual/input/input14
[ 1585.344008][T15967] syz_tun: left allmulticast mode
[ 1586.389834][T15983] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2655'.
[ 1586.559437][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1586.566576][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1587.826958][T10675] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1588.011428][T10675] usb 9-1: Using ep0 maxpacket: 8
[ 1588.062875][T10675] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[ 1588.095536][T10675] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1588.107088][T10675] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1588.117515][T10675] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1588.131364][T10675] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1588.146195][T10675] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1588.158048][T10675] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1588.465613][T10675] usb 9-1: usb_control_msg returned -32
[ 1588.472357][T10675] usbtmc 9-1:16.0: can't read capabilities
[ 1589.036244][ T5842] usb 9-1: USB disconnect, device number 6
[ 1593.704529][T10675] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1593.926757][T10675] usb 1-1: Using ep0 maxpacket: 8
[ 1593.968979][T10675] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1594.007787][T10675] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1594.018075][T10675] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1594.028592][T10675] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1594.038942][T10675] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1594.052542][T10675] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1594.062141][T10675] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1594.508475][T10675] usb 1-1: usb_control_msg returned -32
[ 1594.514500][T10675] usbtmc 1-1:16.0: can't read capabilities
[ 1595.036879][T16072] syz_tun: entered allmulticast mode
[ 1595.135603][T16071] syz_tun: left allmulticast mode
[ 1595.184667][T10665] usb 1-1: USB disconnect, device number 7
[ 1599.289016][T10665] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1599.496669][T10665] usb 1-1: Using ep0 maxpacket: 8
[ 1599.552929][T10665] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1599.596485][T10665] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1599.606814][T10665] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1599.617093][T10665] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1599.627487][T10665] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1599.641509][T10665] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1599.651026][T10665] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1599.735109][T16122] overlayfs: failed to clone upperpath
[ 1600.080150][T10665] usb 1-1: usb_control_msg returned -32
[ 1600.086079][T10665] usbtmc 1-1:16.0: can't read capabilities
[ 1600.668783][T10675] usb 1-1: USB disconnect, device number 8
[ 1605.308324][T10665] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1605.967100][T10665] usb 3-1: Using ep0 maxpacket: 8
[ 1606.027751][T10665] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1606.087067][T10665] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1606.097273][T10665] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1606.107424][T10665] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1606.117800][T10665] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1606.131336][T10665] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1606.140605][T10665] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1606.806823][T10665] usb 3-1: usb_control_msg returned -32
[ 1606.812946][T10665] usbtmc 3-1:16.0: can't read capabilities
[ 1608.559780][T10675] usb 3-1: USB disconnect, device number 8
[ 1614.207831][T10389] Bluetooth: hci5: command 0x0406 tx timeout
[ 1616.507412][T10665] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1616.700057][T10665] usb 3-1: Using ep0 maxpacket: 8
[ 1616.741268][T10665] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 1616.751295][T10665] usb 3-1: config 179 has no interface number 0
[ 1616.806772][T10665] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1616.818607][T10665] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1616.830512][T10665] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1616.842298][T10665] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1616.854374][T10665] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1616.868375][T10665] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1616.877894][T10665] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1617.139429][T16261] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1617.687568][T10665] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input15
[ 1617.870628][T16261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1618.024931][T16261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1618.089218][T10675] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1618.377752][T10675] usb 8-1: Using ep0 maxpacket: 16
[ 1618.506970][T10675] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1618.513996][T10675] usb 8-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[ 1618.514141][T10665] usb 3-1: USB disconnect, device number 9
[ 1618.523510][T10675] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1618.524059][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1618.524278][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1618.639727][T10675] usb 8-1: config 0 descriptor??
[ 1618.710609][T10675] usb 8-1: can't set config #0, error -71
[ 1618.761471][T10675] usb 8-1: USB disconnect, device number 13
[ 1619.713068][T16281] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1619.774707][T16282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1620.166772][T10665] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1620.337438][T10665] usb 8-1: Using ep0 maxpacket: 16
[ 1620.384024][T10665] usb 8-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1620.416011][T10665] usb 8-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1620.427811][T10665] usb 8-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1620.438535][T10665] usb 8-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1620.451738][T10665] usb 8-1: config 7 interface 0 has no altsetting 0
[ 1620.458955][T10665] usb 8-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[ 1620.468458][T10665] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1621.100144][T10665] hid (null): invalid report_size 26551
[ 1621.106153][T10665] hid (null): global environment stack underflow
[ 1621.113500][T10665] hid (null): report_id 36711 is invalid
[ 1621.119478][T10665] hid (null): unknown global tag 0x32
[ 1621.125089][T10665] hid (null): unknown global tag 0xc
[ 1621.372076][T10665] input: HID 0458:5010 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:7.0/0003:0458:5010.0012/input/input16
[ 1621.709509][T10665] kye 0003:0458:5010.0012: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.7-1/input0
[ 1621.877731][T10665] usb 8-1: USB disconnect, device number 14
[ 1622.663989][T16311] fido_id[16311]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[ 1624.698726][T16318] loop7: detected capacity change from 0 to 512
[ 1624.774876][T16318] EXT4-fs: Ignoring removed nobh option
[ 1624.932551][T16318] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1624.944873][T16318] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it
[ 1624.955397][T16318] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.2754: Corrupt directory, running e2fsck is recommended
[ 1625.098025][T16318] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[ 1625.120170][T16318] EXT4-fs error (device loop7): ext4_iget_extra_inode:5073: inode #15: comm syz.7.2754: corrupted in-inode xattr: invalid ea_ino
[ 1625.148596][T16318] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2754: couldn't read orphan inode 15 (err -117)
[ 1625.203894][T16318] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1626.033033][T16357] syz_tun: entered allmulticast mode
[ 1626.063816][T16356] syz_tun: left allmulticast mode
[ 1626.184480][T12406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1630.827193][T10665] usb 8-1: new full-speed USB device number 15 using dummy_hcd
[ 1631.067312][T10665] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1631.134500][T10665] usb 8-1: not running at top speed; connect to a high speed hub
[ 1631.179201][T10665] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1631.190137][T10665] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1631.305553][T10665] usb 8-1: string descriptor 0 read error: -22
[ 1631.318402][T10665] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1631.328547][T10665] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1631.559596][T10665] usb 8-1: 0:2 : does not exist
[ 1632.169931][T10665] usb 8-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1632.273319][T10665] usb 8-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1632.376894][T10665] usb 8-1: 5:0: failed to get current value for ch 1 (-22)
[ 1632.637563][T10665] usb 8-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1632.827688][T10665] usb 8-1: USB disconnect, device number 15
[ 1634.233055][T16447] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2792'.
[ 1634.559240][T16454] syz_tun: entered allmulticast mode
[ 1635.855563][T16471] tmpfs: Unknown parameter 'usrqu'
[ 1637.406752][T10665] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1637.606684][T10665] usb 3-1: Using ep0 maxpacket: 16
[ 1637.657629][T10665] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[ 1637.666084][T10665] usb 3-1: config 1 has no interface number 0
[ 1637.710053][T10665] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1637.720837][T10665] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1637.735785][T10665] usb 3-1: config 1 interface 105 has no altsetting 0
[ 1637.889841][T10665] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1637.900781][T10665] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1637.909711][T10665] usb 3-1: Product: syz
[ 1637.914224][T10665] usb 3-1: Manufacturer: syz
[ 1637.919174][T10665] usb 3-1: SerialNumber: syz
[ 1638.048724][T16477] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1638.109132][T16477] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1638.464190][T16492] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2805'.
[ 1638.664293][T16477] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1638.735462][T16477] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1639.384331][T10665] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 1639.457065][T10665] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 1639.591645][T10665] aqc111 3-1:1.105 eth17: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 5a:ca:16:fb:37:bf
[ 1639.671901][T10665] usb 3-1: USB disconnect, device number 10
[ 1639.713013][T10665] aqc111 3-1:1.105 eth17: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 1639.915399][T10665] aqc111 3-1:1.105 eth17 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1639.997690][T10665] aqc111 3-1:1.105 eth17 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1640.024358][T10665] aqc111 3-1:1.105 eth17 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 1641.340757][T16523] tmpfs: Unknown parameter 'usrqu'
[ 1641.505602][T10665] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1641.752730][T10665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1641.764252][T10665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1641.775245][T10665] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1641.789704][T10665] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1641.799456][T10665] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1641.918073][T10665] usb 3-1: config 0 descriptor??
[ 1642.512179][T10665] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1642.649008][T16534] overlayfs: failed to clone upperpath
[ 1642.951974][T16538] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2818'.
[ 1644.531970][T15597] usb 3-1: USB disconnect, device number 11
[ 1645.000902][T16560] kvm: pic: non byte read
[ 1645.047951][T16560] kvm: pic: level sensitive irq not supported
[ 1645.061430][T16560] kvm: pic: non byte read
[ 1645.120250][T16560] kvm: pic: level sensitive irq not supported
[ 1645.120931][T16560] kvm: pic: non byte read
[ 1645.174432][T16560] kvm: pic: level sensitive irq not supported
[ 1645.180875][T16560] kvm: pic: non byte read
[ 1645.237473][T16560] kvm: pic: level sensitive irq not supported
[ 1645.237813][T16560] kvm: pic: non byte read
[ 1645.312669][T16560] kvm: pic: level sensitive irq not supported
[ 1645.327510][T16560] kvm: pic: non byte read
[ 1645.379501][T16560] kvm: pic: level sensitive irq not supported
[ 1645.379840][T16560] kvm: pic: non byte read
[ 1645.580835][T16569] tmpfs: Unknown parameter 'usrqu'
[ 1647.292083][T16589] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2831'.
[ 1648.001165][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1648.008481][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1650.376893][T16613] tmpfs: Unknown parameter 'usrqu'
[ 1652.378131][T16636] random: crng reseeded on system resumption
[ 1653.925816][T16640] loop0: detected capacity change from 0 to 512
[ 1653.941142][T16640] EXT4-fs: Ignoring removed nobh option
[ 1654.081207][T16640] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1654.095505][T16640] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[ 1654.107060][T16640] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.2843: Corrupt directory, running e2fsck is recommended
[ 1654.160189][T16640] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[ 1654.172012][T16640] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.2843: corrupted in-inode xattr: invalid ea_ino
[ 1654.216280][T16640] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.2843: couldn't read orphan inode 15 (err -117)
[ 1654.342612][T16640] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1654.595322][T16666] tmpfs: Unknown parameter 'usrqu'
[ 1656.081787][T13798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1658.727822][T12979] =====================================================
[ 1658.735397][T12979] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x77e/0xf00
[ 1658.744753][T12979]  n_tty_receive_buf_closing+0x77e/0xf00
[ 1658.752053][T12979]  n_tty_receive_buf_common+0x19c6/0x2610
[ 1658.758830][T12979]  n_tty_receive_buf2+0x4c/0x60
[ 1658.764351][T12979]  tty_ldisc_receive_buf+0xc6/0x2c0
[ 1658.773248][T12979]  tty_port_default_receive_buf+0xd7/0x1a0
[ 1658.781797][T12979]  flush_to_ldisc+0x43e/0xe40
[ 1658.791762][T12979]  process_scheduled_works+0xae7/0x1d60
[ 1658.799996][T12979]  worker_thread+0x1741/0x1de0
[ 1658.805440][T12979]  kthread+0xd5a/0xf00
[ 1658.810234][T12979]  ret_from_fork+0x207/0x6f0
[ 1658.815283][T12979]  ret_from_fork_asm+0x1a/0x30
[ 1658.821163][T12979] 
[ 1658.823773][T12979] Uninit was created at:
[ 1658.831158][T12979]  __kmalloc_noprof+0xae9/0x1bf0
[ 1658.837442][T12979]  __tty_buffer_request_room+0x3d4/0x7a0
[ 1658.843386][T12979]  __tty_insert_flip_string_flags+0x157/0x6e0
[ 1658.850111][T12979]  uart_insert_char+0x368/0x930
[ 1658.855355][T12979]  serial8250_read_char+0x1ba/0x670
[ 1658.861482][T12979]  serial8250_handle_irq+0x930/0x1110
[ 1658.867568][T12979]  serial8250_default_handle_irq+0x116/0x370
[ 1658.873794][T12979]  serial8250_interrupt+0xcb/0x420
[ 1658.879657][T12979]  __handle_irq_event_percpu+0x118/0xed0
[ 1658.890767][T12979]  handle_irq_event+0xe0/0x2a0
[ 1658.895817][T12979]  handle_edge_irq+0x2a9/0xb30
[ 1658.903192][T12979]  __common_interrupt+0x9d/0x180
[ 1658.908774][T12979]  common_interrupt+0x94/0xb0
[ 1658.914143][T12979]  asm_common_interrupt+0x2b/0x40
[ 1658.919620][T12979] 
[ 1658.922249][T12979] CPU: 1 UID: 0 PID: 12979 Comm: kworker/u8:5 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1658.934760][T12979] Tainted: [W]=WARN
[ 1658.939141][T12979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1658.949744][T12979] Workqueue: events_unbound flush_to_ldisc
[ 1658.955919][T12979] =====================================================
[ 1658.963729][T12979] Disabling lock debugging due to kernel taint
[ 1658.970259][T12979] Kernel panic - not syncing: kmsan.panic set ...
[ 1658.977015][T12979] CPU: 1 UID: 0 PID: 12979 Comm: kworker/u8:5 Tainted: G    B   W           syzkaller #0 PREEMPT(voluntary) 
[ 1658.989151][T12979] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1658.994908][T12979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1659.005272][T12979] Workqueue: events_unbound flush_to_ldisc
[ 1659.011469][T12979] Call Trace:
[ 1659.015047][T12979]  <TASK>
[ 1659.018104][T12979]  __dump_stack+0x26/0x30
[ 1659.022739][T12979]  dump_stack_lvl+0x50/0x1c0
[ 1659.027627][T12979]  ? dump_stack+0x12/0x25
[ 1659.032360][T12979]  dump_stack+0x1e/0x25
[ 1659.036769][T12979]  vpanic+0x435/0xd40
[ 1659.041217][T12979]  panic+0x15d/0x160
[ 1659.045654][T12979]  kmsan_report+0x31a/0x320
[ 1659.050780][T12979]  ? __msan_warning+0x1b/0x30
[ 1659.055722][T12979]  ? n_tty_receive_buf_closing+0x77e/0xf00
[ 1659.061952][T12979]  ? n_tty_receive_buf_common+0x19c6/0x2610
[ 1659.068454][T12979]  ? n_tty_receive_buf2+0x4c/0x60
[ 1659.073998][T12979]  ? tty_ldisc_receive_buf+0xc6/0x2c0
[ 1659.079776][T12979]  ? tty_port_default_receive_buf+0xd7/0x1a0
[ 1659.086411][T12979]  ? flush_to_ldisc+0x43e/0xe40
[ 1659.091613][T12979]  ? process_scheduled_works+0xae7/0x1d60
[ 1659.097778][T12979]  ? worker_thread+0x1741/0x1de0
[ 1659.103024][T12979]  ? kthread+0xd5a/0xf00
[ 1659.107736][T12979]  ? ret_from_fork+0x207/0x6f0
[ 1659.113134][T12979]  ? ret_from_fork_asm+0x1a/0x30
[ 1659.118503][T12979]  ? kmsan_get_metadata+0xf1/0x160
[ 1659.124204][T12979]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1659.130298][T12979]  ? kmsan_get_metadata+0xf1/0x160
[ 1659.135686][T12979]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1659.141785][T12979]  ? min_vruntime_cb_rotate+0x256/0x560
[ 1659.147713][T12979]  ? __rb_insert_augmented+0xd15/0x11b0
[ 1659.153548][T12979]  ? __pfx_min_vruntime_cb_rotate+0x10/0x10
[ 1659.159684][T12979]  ? kmsan_get_metadata+0xf1/0x160
[ 1659.165080][T12979]  __msan_warning+0x1b/0x30
[ 1659.170024][T12979]  n_tty_receive_buf_closing+0x77e/0xf00
[ 1659.176016][T12979]  n_tty_receive_buf_common+0x19c6/0x2610
[ 1659.182241][T12979]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1659.188448][T12979]  n_tty_receive_buf2+0x4c/0x60
[ 1659.193568][T12979]  ? __pfx_n_tty_receive_buf2+0x10/0x10
[ 1659.199378][T12979]  tty_ldisc_receive_buf+0xc6/0x2c0
[ 1659.204843][T12979]  tty_port_default_receive_buf+0xd7/0x1a0
[ 1659.210921][T12979]  flush_to_ldisc+0x43e/0xe40
[ 1659.215856][T12979]  ? __pfx_tty_port_default_receive_buf+0x10/0x10
[ 1659.222538][T12979]  ? __pfx_flush_to_ldisc+0x10/0x10
[ 1659.228364][T12979]  process_scheduled_works+0xae7/0x1d60
[ 1659.234244][T12979]  worker_thread+0x1741/0x1de0
[ 1659.239408][T12979]  kthread+0xd5a/0xf00
[ 1659.243665][T12979]  ? __pfx_worker_thread+0x10/0x10
[ 1659.249309][T12979]  ? __pfx_kthread+0x10/0x10
[ 1659.254101][T12979]  ret_from_fork+0x207/0x6f0
[ 1659.259067][T12979]  ? __switch_to+0x521/0x750
[ 1659.263883][T12979]  ? __pfx_kthread+0x10/0x10
[ 1659.268845][T12979]  ret_from_fork_asm+0x1a/0x30
[ 1659.273870][T12979]  </TASK>
[ 1659.277720][T12979] Kernel Offset: disabled
[ 1659.282140][T12979] Rebooting in 86400 seconds..