last executing test programs:

5m0.958948221s ago: executing program 2 (id=168):
fsopen(&(0x7f0000000200)='pvfs2\x00', 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e00000004000000040000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/11, @ANYBLOB], 0x48)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f00000002c0)={0x0, 0x0, 0x27f})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x0, 0x0, 0x401, 0x100, 0x400008, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000061c0)="c0f61a5fb77193bea0c6599de09cf570067192ff7d5bf191681878eb121895cd4c4052feb0a5196b61ab6e28d35aec54bb2aee6802a27f50c4e8f36a2b1bb12d93dbcd320ed338fd1a8ed43a2dcb2bf11c773ae982800321c7dcd67fa8930472eee2990090cc2a92f3373d898573a2cd1712c18ea624e82422c96f0d8895bfc4541911ff3662cd28fd55d795d1a5f31c92defbed88d48db688f899fe88997b057ce3e898eaf9eb2e76a59c1d2c10610768b3296595221c2b063ca2aa664fa0a5456c4e2bcddc7f856e2e29ce1b8852997a4d24f918408bfa9969074de495dd4cc9591e48287d78a2b3e0de09b48eb5b6bf78c6afd134b09770c164000d1f300c92877afe8be5d381c38da3b5fb9bd540c2f43c7dd2ec8dcff2af3517ba839c827866d10608964445bdead091df1264f5591e91d2f31b2015dff1b3b7ff0a5dc8b15748278849ddf4389ca7112ec1ca45957e2809b3d763e336f7051ac4e832ec61d1b95b9266565293806933dd8e3b65eaa1b4fe7946056703426674379ccec7abff1c459b91248f3a1d9e8103ae395aa86dd4235a5c16d9bd12dcb1ea9565a7c3d58d247a51db6d9077ecf47152d0733d79a5c449480c40b1cf8e115df4de3404b73ad06ac4c0d03f3b51d1b89b05ded082a5db1f5fbd8d351015b93862b2cc0995fb318609237e404e8d78d8982af761c27ad1fbc8f4693194c5e6b99edcb7a6e9dd261a386d8ed4420a7c12cbdcc86ab19f4e7a6c0c9b80fa3f0549ae57b38a93f669a87584b81e56211b34263db87c2d244e422878aa93e2c24260c71d06f75da33079b48b7072859669c128ba03d1487336a4a04167f2a3fa928d002c8b3cafdedf7a479604aa8f94e6b7ba58395df3d136b783f7be6b0b6b7b4b735c88a53da064a493b16713726b39ce23f08af19a671fe81be1e9772d87ca9cb5dccc35759fe3f7935a3167924d0a7d1586821ffebe0fa57e72a24967f7958875c4bf56d779369074db0077ee58138400c2f646c645e0f453e9e39aaf48da67775f59f8e282db3dec88bbe20ca6e65e2c7e44ab0583840513bfab76d94d1512549ea6db4a5a64cbe6f76b0ecdb2f1f71aa6446bcf4f7249366474cb77ed70ccb2702134b9dc6c2bfaf27ac9a9c85b8d9c48d100ae8c0eaa34701d2125a405b1117307119b754ccbbbcb2c8b71eb76d1157ddc7fbe0c75652a4cfc31d785a489f2344d8b4c47ff1b772104f49658f62d6241ef7f782db0cc071788b3dfa74e69533cd0a02ffadacdfbc8b5a83b9d4b8db068b5a7370f947fc4a99158c6296a442beba2e23ac1ef68c50f19851f3fb68b67fb714a5e7e53bb5a7690286cac12f2b002e854d8595075fbd00622b29bd423c3dbaf600ad6f37c96dcde43de6290b053c76df5620ce17118e2230039304c88a0d207c7cd05dd3854c545cdbebe907cc4d3411a382afed5e080502363cebe68e2c8dc1f800ea4add827a83a9cdf0fe6d54eabfca5a0ba370a06a4af1c49a60cd19141a4d994fbcce888278ade6300bd40685267fcdf1317cdb3b06cae9e7d9edb08d5c98b6d7115c025fcc05058a515adcc23c65ce526aed3b8203f3c54986f65ba9ffe2a9bc26b2813a1fe339ba2a58515cb8375e2d62550bf35dfd4fbdb75a70bb9fdc47d3d0346a65b986b7efd12aab760124b6888480b341b16ef2fea93fe2fbdeb55706690aa2c02bd80b1ccb7b8f23720283df89b515e2020bc5364cc4aea5fdc250f10d46db93c128e2de7477f4c80ec016f7a872efdef50ae1730b3a1deb8085d82f4fd53015a518803cd02646c087d67b0fd7092852dd81ac93ca60346f23fd847cf7c4883cab81af956342da21fb399b69e1988d89f9693b0630fa8cc95714285940d20eda153f8f7b01e6b2b892327b5d1e754a36a3430c5c22c3b841357eb80e526d7792a8ab9c4b1d23d82e31f23ef38580c2b33ca72424fbfbbf237f315cf2e5d134783982cad204be087ef58da96c6bc5da2dc4bc78f293eed56157a10848c0a956de15b83daacede9ae1c54731149f9ce7231cd84e14f128f87361e1fc0cdb2940766f39c93b9ddc74bba0a32548cddb1ae20981576de2ef8a772b04ed90900b2da11ffc70bbdb7091b8b8ed600dc0c9d236277afd9bb97b035f3b8fc95ef3f30c056b67a195c5c9f44c0f2ca4debba0d6d8779903e8e34fdd6b766fbba6b57e722ad9a852dbbeca8eb9acb9929bdcb4d4fa57d54ef1c1a0fdc032a898d3334f5671c7df82361b7d616c1f87e23f7adf043edda83458051f073f2562904ed25ad9a7129f3c14286007c9e4c81ea56c6a7289d8e58782d949a19a2642dc89d107fb465d0a98128250e66eedd93cf063963b7f7a0e1d3b9f1dd212cc9edd662af45852dbbaec84c69a640be115a239b5abd46d990fa007988f6be78a8c1e426091ecb33822529f7fddfb34d9304466ea06bb546a34735021e98674ae4a5f5c0b4f153ad5434b81c6343c42ae79224fe5abfe8b9e6fba38164c3c318500c130323b2f9bbcdf6aceb664e10483e2084defa744cd745e565ac5a8b5c30166330dd95e70f2a072a5cf5462635f7e0a4f455bcb607426aede9fa06d708c7c0daaafe2b84896134ab3b379c6690c9049903156232e5b7ca9529d602968f1e1f7a73214aaf4a9575dd5147e5bef8f05907267580abdb728cf32f6845cdf3bc779451669e4972e0b787afac5a36bacc3c1bcce125e91e4bf9810d91d1f1a3d8316328dd2626040af09892f1241c6645537ebfbeb752afba5e8171f487edba97aa92404973d4e8d09254abd2b70bdadd9b98fa3c33355295a5c474e9b2f017a6636233a382e8ef4e73506880e2a588bf257b6bb11e57cd9e75e45ef609ba583f3a6b1f2f94c7a0443dc0a8906a13e0188b61550cd296e4c63faf45bf7aed852f68ffed377302da3f73d89e4274a64667636bf00e8e4408a8407e098aeeed98e545b9aef40896c8070a76aaa0042162979ec0b7b69b4ee701100d66d3e7d25a48c59989424522889b32e4f18676475782e86d652d2eb836c326b46b8544bb755eeb14727e5ca25875f7b9ae1c113068be55a1521cb4edefef34a7a4cabc3639e456c94f01d78c059c441ce2c468e7b39b56555ad5cd6a14df8e3518e4e1970fbd6f586ce46c51c4d9ad20c3f7f5048c071994e807f19b7176290a82406dd0ad3f0b64350bbce79b223f27ed99f819def43a33696c0739e09030460a5a5d04d251adfbde1af7a485894d3d30c79d49796a9a5e077aeddba1303f3e3a3187298c88da70885e2a9dc966eb69a6439e2d3b1934ae6e8ea328497d87a9dbbddbdbf12b0c582ca4ffe1f25cdcf89a6ccdb31880776ab808b4f050ae02adf70f64c73ab2a3b1c4da69950ab4f7bcf9cc22f81b99694a7783b792facd8197904c12d3776de5184afa143ee23eee82aab2ac79b25503e0692f3463e5c363e0b4b5f31af82898009f7da13d4f249a70de40314c003e7e59dfb233bc44d0316df3e45af806d216ca76a58417ff8abcdf7cfea2da8868c496cdec8f47c451ccdc8908c5e8c1039b6bfa8751637c29fdd9b7dc76279dea5ad7455af4db3394a34cb9be8b9bf1105862108f920c44d029c3372e77c44a25d06cba956da65ee40abe32b8b557e123fddaa87b4ed5ab3485eb11f13c61072720d4adbb937c336f2b60525933b6d49e7c6751f0769377bdcef02abe63639b17a6780a4afccc8067403aeea42726f253ec97994dcf55358e6faa3e622344dfc613f8be96714d5c49633d7b74b9a72883985782ea8691d26da620d905f3583adbd9d527d93f1ce623bcf70d98a0455ff80fb1d472c6fc6bf0390e81b8d755b196e94fb73bcc883f5f310043c5138c95c5d7079c24d5bc5876b422f46a2bb17aee407bf7a55dbbdb253e2865c1b91839737c37142a8fe8bdbc0a7bf89a392da717a5ed87af754052b1d0a1a37313b00cf3b4aad91ce7fa7777b1851121a63e374865b238ddf9a7ebd20641a719c68682b97e3c5126e732800c04cdb627bd415efbb7e5e19917bf4bd53f072b7ec2eaa0128b56e069a32e9f729718fa4a7212ab0fd1e5d3582a5723a704d84a88c235b44812849301ee8155cea471028beea1918cb1f4118728718674cca9dcc58bafcdb9379c57e9333ab348b30a801aa2f5c05c3107e52613cf0f591781ddb5e1e4844633057a26bb3179c31b5664db4bb8c6d762c7b9886317ab6e9e301de67f12085547ad2a20d1d63d361c2bcd66be2e25fe104f8b53b7cf89d90d456f063da31f60078b760ce340f9c9a8e8da113b6c6e3c53e666488d75ab209dbe31ecb531553f17446a29edc465ed22aee2d4c013ee8a4d935c0cd92bcba9e5a56a6c19ac114d12db58bcf5f931a7b282404af34fee464f4c28e16dab834de98dd57b107e45fa66b26c32fd94e848aef6e4a2a65fd4fbead1b1d445d6c343bf50d785e664220371e27566646e284c6a3b07c14c0c5b84b5cd1a01a84d655f8dd72ab8e3d0c48e67596f605cd4a50b5fde9b182792d7ee8ee457eb6666aadea80563b4d176933cc482f75cb98a8dde4a414041187cfb2abe3e5077f23c98bafd0afb8b023e0cb26efc1488dd98a51a19dc93412b5fd91c4e06439b6d2d20a174989f860de6b1be55923a11e5893d30fae74a625f777ef9362e64b529c964b5c0b5817a579a647ded28582c45f965e52e1f76084267c73f8fce8037b22c2496ee6674f56056d9c691eab831c831a27fccd90f961e949a51c90a80b677d11e70d01744f9632cc26b7e6476b8c92a688ec8e1280ea8b795eae7ee61e2735045b9ea516af752b35388a6c3ed98cfbc4e74c8d0717dc31eac87b6a9c06f0d4f412e8e1155ce48cec6d9c106f3013329596a2d43ffe7f942cb7b7449f38620a8a9e5138b5d5d03c8a563446e4dfb1905d841f7a350d6c67d85652297db21b3dd3291b795c90276ccc50eaf513f3ff9480b3d2c0096e92c93cbbea680833cfa630d72c4f5a21ef0f81910b8a5ef77d62175d3abf5b3417cce43e3c53bb84ee1f5e354b2d79c2b46e3bdb2ffb15420e7a28c800c2591cd331d71c645a6b1bc43f06703164c05f61b4abc0fecbaee510def6340c2bbcc32248655e9161c3e6f01520bb0c53be04c3a3ef4a2dc401663f6719ac758aa297f65d1681652e4ad042d754b054df9cede3ffef7ad2f52184ea6d93d6867cc262b0a413da11c02d0c7c49a663319333d8b29d56cbf630e66b6683ff7f3b1ce5c481d37151626eae761adb77642f802bf0f663f3c322ee17cf01a09f058dbf82d04bdd7c48f34f54392d1dd489891ce28373ae980f74897fe3f90db2a9ccdbe56160fd2517adbc953e88c5fa8981456b87ab9f122321816e0df119f6f6c505f0dcab1c8e6a7f4109055dd80001dd90ea984b80f0b0766bd9772d96ed42d95f219b4a8420d7cf04f28475d7f5d8a8a07b0930c40d0dfc2592f8f54e90a80e0a98d3055f4660b1530565c7f2d91d7d96142da19d644aa7c512e24f83e8305970f9d3fc3b9382ad141f63f2d5b265b7cda258119ca4f553fab11f2fd925a7a24c4021045073d867bb089ca7bcb702bcedbc28781e408cf8bd43498f8661a320d28c95c1fc42635c9e4c4de8787afc70bf5c8bf75e0a2937a9ca2b08c15453f24211168c7fb2a24218fc3f04160c2daaa46ef7fb710606a53228e134f20511169034cec55e77037a108060b8fd10ab9ae228d9ee4d5ab1380cfcb8611e6c9d5dc143db2bc856d967b0b9d0187ba8483f7adbd1092562b2b16420baa5ab6c1f7c02ae56f013e752d9f41df4b4f0b008bc25ff58f816e50bdce308e219068bc898a21f1dd26d7fe7760459629f3615bcf7582c87d296f041fb005a72c7ef4013ccd8ca3bea85db90ae6349f101adb9235dd343be423816b37db2661dde2b9db33800da7599e8a9194fcf06755e2659670c62aba1d5a01172a416a0296bade0b32e69b0ee60dd6cd1eecca4335eb0416df6ded75049a14660276df47bb4f224e087235742e90ddf6f57827a0cf26d71b9338f2ff5166bea85a7639de6ac97ec829a7d071fac1f4b27c6c23e952adb5536b45a68e75c1c1a6d44508be6f4b87c5bb880a6baad5faecd1fd6730783d8729c2d89b23a3f2f9b79b78f7fcb70a7812607b25b17ae857e65f205ad5dd87a34e52c6e9611f588236bdc59d816f277aa8cd4a19750461d3e82c8621181b803900d1df439babcf4909168d4125a7c962ceac2f834d79460f17f92f415a85ad7e12da4b76105bceb4641fc87da7797fee092828f6e9e42631fd5c87046ebe5c4044663a31a1b39a6f6a53ee2b7fbc3eede57619535b1011c10d2d5a97c781c44bb6e493287528bc5281496f1aee3c746e09aeef0b2d38bdd33e37446c1f7516767ecbe298b78ef8e03336a08a1a9e62805140573b034459a445240aff04593539aa97056957f3dec9c43e50a1bce1b9c8e860940e03ae39e8f76fb80ae746f7fa4ed0b050c9e08a788e666e9f18bc8e83c64ee3ea04eb9f1c1dd92b3be73d18cc53bca76ba4688b48c13982ae6d25fdd9b5b85612d5b706c9b9d7c6cca91141313356f0d7b859da0de669fb52a829014a0fdde51df658303ce085222a42ad624ee6c659ec94e0d0713b2d3c3becb53c6f76d30530e6129943e20361a7c9f7847f79cb871d866b5277eecc8c1626fe2719c9cf872c0fc78a98e6ca998555721e9abd5bf9e2d1848016e0bd3202c44575c688837136e71e85765d677e0f2b081707a4e7e22bef50b9280a1a5ea549022ef2a9fed989f156198975302608dffd03f8f1186a12585d4670ce868f0c96be37416b9132144f65c9abe8b00894d7a7e6d0a8554e09139ec2a0eb6d4f00c637684602c106257f5abe816e068e0f6f3e94a916ff41e23b6baa4876931209a6b0bce1f6fa8d1965665d3dc42e5c6b011bdb5144fa5fe4879779ac9dffe0843cf49806ecbb615b818e54c6dfe4d12ccae5b12b0ce87909c1e852e8d7587d1ee24c2575af61eb0b667c37b6d15b88121974598ac23cbc66503f95cf01a7a1e217f0712c4cc4e5fc22e83e3aa375eda531a73828eba91223d7de1194af730bbf2c1ed5ec47ecdf465b1794971010ff8c8771c488a1d3f98292b5d2ea9625e52589aaf7212fcdddcc0f1681b785911fcc64a6427358e4307a3d8bc583dd635ba5c41eeae96e0b6bc5236a1f539d291e568d5a0aee25ffbaa73d0cb84bf558cbf6d04b16ef7e97617b42d07100d82fda6f75dcade611e459bdb4773bf2b70e90a8add2bfe6ea6d3a4427940fef6c81931762dbea6678fc63e50c4430227b15cf184dbae4c3b2d8096292c17f701c560ac7cb33efe7d79d0c2a3c0c06e22d4e84e9e959697879f0d27df460046fc20394655cfa19793256cd9074f1c5f8ef530af537164e0e43184f921d56094fa7c7744af35821a5833c9b9d56fcf525a39fc795cf33f14705d0c7087c081bf11ad29e4d6c8f6cbbb3a0d873262b89cfc54d4cec42c3e13a5ba604df942bf8b4eef7cdae1c0e2970edb7ea6437618e6f8312a745ca8bbf0c42df103f42c824ab4e77e8b118e2b9a84568ed3d4aa3800011d02be29c032192719635a1c6c28315b27368f6ffe852bbd661c351cbfbf97b1b36d52371a4ce57e5eb6e4b13cd01b022de1770a5b1cab0fe548092a16e04de76fb8d29d69a1c55f8aa11b34bd6f018d283a9a7c0338b8c1900e21c0054616ade6b56d0fe3379f1a8dec38b85fa8e74e9bb5df4287d037f77bad30de89ea87b03d40c3a1618db1073c07032f6d22f8a264cbf0c1113689308a2fcd7299603a64f884cb03f8c5f0e61e4981d2baac3d50975cb917b815efe2f7eda88f1cef1f34997f0819a92051c1d9eac3ef05de25a2b4d5f65619b4ea377180c541f2afbfa5c8fdae59f8e3a7635d2b30c4c759c32e570b8d9ec03b4aab65503e81e545dd41f593615cfedcf009424ae4854de3a9111115cb254608bc2666b18c85698ac193a9799f1a1f6098288b42dd2684db37e0d3b023ac9b417263b1566acd6d951df147e83db8e909b39bb6a1aa3fcc1c1a20795521b84e0884254b2524ebf0321e5709e7a79f2d62309247b7b24ec71553a9ab9daccacac1a8bd6019b7703c0ed468379640ac6e764ededb2fefaa2f88e15fc97ec6f16007f540cd7a57c7726f4aa9ff6640cc7f5d71a6c12048f98a9071ffd594f17e42e7336ab6d0fd429328df1238e5eb4ebe4f9d8ef01fbcfe8f53eb3f6defd4c7cb40b3772ea2f2130b655d2ad3643977cafa991bbc6aa2aaa2879a3c2d1dace3ec034beb3d06f0a09429b3fd1ac06870dde4ab97b7d5d7ff1394577a6bea7a3a53ca883a16c98d574ddad00de5dfe9f75369be7686a4badf44f4d9b110846b6ffca67f63973186433f6bc3691b580cdc689c159064c55a974fb849f56fd2f9cbe4738e0a1a8a764467dc1d3723278ee1ea573fad98a5318104218d359d89579614592fa6ae7cc4720e6ed71706fdc4c707b03ff77454daf4505700f249aea0abc909763416d44a069a6d605118ac0c20a325577fe1d8af053673fc72e489d24405281f01b4e2e05e4fa14e68a53294e4b5d201c146ff994cfb7a776ad80828732ee647092c20fe46d917142880318136557c47ff7e31d26f35f407c1e6d4254aae442b233b89dd4c0adcfc92b0f821a5a9dce95a24bed9bb5cd17a5b59d3e82086cdd7a3755064e4de22d8f0f973f4235aa58c6214dab89325638d94d3dc25f3ac4d912ff74be6ad8ef49aa2becede5453a409cc8ed8065dacf28a1a7498f6dd07a3478af093574fdd2d0a4f98d12fe898e47cd0550f1fc42810ed2e4cfe5cc4faa67d965f252aab1bd5c536bf2c936706bc71aae98b93494d364faac72a9a60188a23f15ddf1238896e4848da876789b57ca53cd5b1041612a49de9a64a545a39375aa2a516c4af4744daf65a9c28ffb635ba56b96731b763934afa0651fd6fb65e9f71eb0e6fd54bcfd2bf0118b486e97db512290bdb1dcfca76ed974722e13e5acd0569d5f944de70adf728379094981ffaec43848367ec8cdcc227b266649ced47a03b22016ce42be3a33135229670244cc7b3325ee448c95236d0de4bbf641e1cbb0516edb3f8829e60f91d43f0fe45595d8a99e699252930c7b05ba2ba679f8f46c38f789a7750ffa4eaed19c4c1a33aff60c8926ae42497662a130b83b3211e9399e2565d9f082ec30e26e5b02ea91cf43b0a046f9fe596e5bb2a9c800d761008dc7fced2a510af6b02d3f702fc3e1a98c6a87661f0d353b81bc4435c0d4376cfc74c057bf23febb101252c4eb168d4e347e697c8d0c48a687fb2224d58e5dc68c38de930164aba51e7cb19051fe64603c6b602c02c5cc22c6da1c47d906fa1cbf67312658b201b8f89a377d61695daaeee18eb2fb8caf38280fa8b95cca721afdf33d2c3092af57204bca72c46aeae9e9fc46f0ce76b96bbbb59a8517cb72d68f8b189280b6ce1e2686204913bac1d9aecd77623b7f05475352e57f245197894d767e5f17611bbf1bfe2015c9750e9b3f5ad4ad57be1ac4988c30d90829946b05fc5bd709dbd2590da2e3666294f83336e52758bc12c9d02af342a91fdcfc9144021a783643a9845a4898ee03417329ee0e2dd7bd53f3b23f3f9a10ea643b91b3c2df8438efb22fc894bbcdc408a13dbded7002d9cef6e38bf6dfa16f52f0f24087281a3ae95fb4995131938f9ca80c5f466c7367665e5717c823b318f43e7a3e2e8fe9c2e74959ca3d53b79fa45ac778d0a99351a1919b1c9ddfda10d61487fc5a2b8227493b14e2ea9fa41db870deb1700eb46665424fbc3f21c5d7ad61089ad0f99aadcca2a97d46fd091cf21d95674c3cf48f2724a89299b5342ebf8b18770e61c449455f77cacc5b2e0123005cc296acfc28e42e3d3b426469e39def114d6071a3f015f94dd8eab597dc4cf6109f2aeba0639ffe3f66f15ddaa74460a884a5c067e1e6f8d961ff32518e7571d53ae36badcaca50258a15743e67fb35e062e697d44ccd4e416010dbe62a1d13319d3ce88dc7826514d0f84cf7ffd5f1dbdbe3534af35bba26c5f951e18b012234a3e1cd22199358ba66421a326af09d36d45c3497c4725c0e8557395376fa9dcbe4c595aef7f822cb160e72138cd610563c382769b64f5da2ae6f62cbf09d24490565d7b88f6fefc30f050e74327b7efc168f040f18110a61cc6ecf73c43c0e9e73fafcfc6079ee68839a8ed710160fdcfd987394a790e01c42c916169e8c6a7af905c15d51f87e88877386b8f8743efe4fffc2dc8fd73b4e8905b428d4cd87d90e93513f19a981b5037370cd634f23859cb7bd6b5632bd25c6873b7195691e0f76fb07fce6e72d4b2b467e57a325febf4bb842820fe6896b23aa2a3eb37697753a3693ee936692e6cd91eae410bf89192df913f2689adc73b7b35eaf8bf80928c0023b105cbd2be51a08a371be88926636bd590466c218b203fe311d73dd1a8b440133f1ebb8249b4e1f6723b7b18b508dc34acd9da927ea60d2dc361c2d14cd43ad3b0137ac32e8988d11d11de19065d02e8012a2ee24891541989d11da87de4383036b757769222af022e86803b64ccd03e4bfe3a9d3b8a5d6522d7b6ade88aca72bc436382cfcba22a426ecb21366d42588e9a68c0d61722617a4706852ef6e5eb42842d127f88dabcb8cd635d621a9082efe0cbb52fffb017c8cbf80e48ad1d8ac4c927bda50be7bbb6a302081951dd7c05142465ef8188774807ba482c155f7b56b663d24c4ad88140ddba388e4d6abda83048db46ad18328c63006d02844189a769167d94265148e06f3eca08dcd81691df655968de44c5931e62f5dcc4aa16b24ceb6e7a2c8783d9918a9be7c72dcd57fbf39f985ac29069241cbe3298d7651124f03bef8e2adcadb0c0e08efb096f72e5df2d3f8e2ea6f9cd2401533469e5099a6faa98acc2f73028eae115b3a771bc7ddd186ee7a634398e206ce9b1262b1dbb80575eac718eade048bc01ac1d410e21393dada6c1ced94c411fc19ccacdd175996501d66819b491fef65697f736ecc3a4c32f3675d1f90c8e4d44a1ba6048e77fa24d6998ad88da3cf5de223446d53dd72981c19d5915af69b9a7b9bdf35114ac1cee66b9f3f6df4b9a2d2c017d44443a28badca61b1e8db627d967827ebf32c8642b7de41508c15538b6cdf0284f1a94e8d9fcaa086236f11fb1689d57d500423a0c1d362a4fd57e5efa8858c237a0b58210b4df2b6f10fb01ff8b305cb69e65120c716970e1752cae51022a068b9ac2b7775ac415c56d31536c9f1eca654ec89d7ed00855b2d2564a74bf1a0a3b75cbeadad89fd4ce7e0a83a565c6d69077f026dd40ee186fb496d575c5f5d2f4f84e0efd6bca34f070b185903c7fcd6478f467b73687dee0b765477cc474cbe7f067d1f655efe1fac24a6cda9ed82dee343a36f5ce3894587937f31a14dff66e8384bb3c9adebb753f782570a894e09a38c096f523fbdfb7e0c09026fa023c8dc9e5822410d8343afd647a91130744017166a9b195996ee871eb284279fa725f7af7f853eb85bce100cfade5d458c4e166c839e4c1a86", 0x2000, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="388219d25a8985d3a909841c8e956469a15e906a4fad26298b696426a81fcf0d6134c5dfa3dac33b6ea4c5d859c2e1333584935ed9d80c184939089e0cb436417aef5dcfb0c878732c6827d278c2910d390115e202c3162f4711bda810555b179a84d7df9f870f6c7510312f0255ce1bef6e875780543aaaebfbdf8208ee5dfd0de60437108b819a35569013870ba0bd0700000000000000c69ac3d0f174042b37d31f7821f65636376ab7bac88a99fc39c60286cac8d3edb5ac4c768a68a43fc77a52adea3b7397aaa2433cad989958c9a6118c72006208f95199efe7d08508913b00711053120551466066aebc0f3f5c6fdb9693ae6c2dc5fa839b808b8789cb1f88514918a6aa1d1a76eb131ebf84a0edaa97fbbcff14101f79a159222f4b4f31942f18bd6f1d393d3e298803a8435d214fe2f7bb31e02e2a75370bffa78d6752c8a6221b50162f7ec7174c258e4b65bf2797b4f7b7fec7488a0675990a075f7ec74b93fd845a6a9e12b0baeda5c81ce23be3b4cc15b493d4b9ae40736c55fcb8266f33760fd09c80bee60e1d5269770dd67c34d6c7ee57d67558f6421b3002c66df981a3114be6e62d4ff999c7985aa767f0a073eb499257c7b1b977f18dfae99f3be0664bb0c0d96fe4f3b1df5d904744570d01b517cccdbf17dada77ad37099ff69c040c0826cb23a80391f341749f2c21c32b5977b796b6af2d7194f1af44f2e0a84bf102b28dff97fa723c6792e16807939429c921dcd26d375fe58c59bb76e3d5227a5c4e2331337c3592a7d84ac45b1bd268a9d66fc2fd03aa23a7bcd7ab711c4fca2958883260b5d5741b145717012d4aa15f2d49b54660a46ec7cd7f9181213acb61074c65189bda02ac65f0e916f9b9260fc4cfc4bad08afb07fde1c2dfbe7807835958ac127021a7a2da901700483f8e5809a51fcb9a455fcc58d4dd8745ad4af3567fa9ee1b8750543117a970bd98d2595da38f3ea455b1611d32870677b0e0605ac387ca068892e1fb81411f901a1137ab9f5b78d350aeec44957e54e28f9ceb6d5ce046237b979ce4f7e7211167a6d3a3e99b151c08bc2a1593174e18196290e16e517e3ac66dceb7b1cabca97c38a6aefe048aff9fb203e1e58e5343062cd36b65198005d0b8ae336a47e8e4372a73aee7131804013d24e3d9bcd5ae2dd7baf036d571ba12ea7f17976e3e20887d8f24db24b2eb3c5e3f3b9ca8611ad4f4be7aa435c9641f290fb478168d3e204edb8181eebe3acb2552ddfa1f01d368d6604c03f84cbe78ce58284dc3b99aef5936adce8fb81118af0ef5a236391b9856bed6d1bc6cf02990c48b7f6c917efdab113ce0851f87258fb0d3f8633c6d41f33cf76f54492c4a1dcd4459153cd28c6473351371c73d73dd8f9a22f175959febadb76a866a9625b926fa1a12b32ba97df3c2e3b5d6893fab9a6352f168c423b38db9d13895afe3a017d27c84b7c20363f4e8a81f0af52c5368b856ecab23f52cf87f1ee3f73bdefc424b253c9c55f91df8a02b7df35a7c7defb7d260e4edf040503ed18f16aaf742b2c30ffb7f0108a48f50a7e603e24e0399c309781689118b2f1c23721e2528a3f020a4a43cf5439d169b4c116c284aac82ca2a5cecafb97d9dffb2b56af3cd73fe9ca2553ad33c12add00f01fbf7e11f8b30d3bee0096418b1bfdf2f458d8534c3660da46483bcf884088c171d105ff05e441d018dcc495eb35ea1f921f98ad1f5a0bc0f5cf69450b70bbb2a24d427511baf0638d3b4da0fbdcbe126e2e9e415b81fb12239b424f8f553d73520aff5f212fad8a15760759dd4726bd2d05eda93ddb10cc2ae01977d1030480fddea6045be4a5983fb67a263bdb86f722592880e4feaf9767dc5352cd898da96b647eacb41d7c97a1e2bf1e48b548172a06ff21962e79ff3724b94c3e339dae7ac1e67225846da5e1399639885fea22620c9501dbb4b8ec62292c1b8392e20ad72bdd72c85d5aff8e7432117097bb4cc173de0f8dfed12134024d92c2c8512cbb96b31f156d759770467abf602e3a580bb0ee26137229e11df6986f33c8de3921b81ecc56f600f6fbe39787b72293d567c3d396ea4d65baa3fae1a25df344c5f33ec1fdcafefc0bee2c5cdf59dbb0408e99ca27f7a6872bfd2c20e11bd8c5b9a38fa98f30b5a56eb3dd10be3cfc60f43264a40ba7e91676920540b87d9b4f88b59f6ed8b66d5144930f0f4d3748084923b27082d8a175f955687cc1598d02937af997018a871db6e0c1db1e2e4431e452cdb0110c65bea7da6c8a9e4a66f0957fcdf1b8c7cb4d808b896ff217db472709690bf7ff4d4ca912017fd57812e1dac1c4d1db8d5113739e917bfba37581118e950ba1a77aa124b4de0611ab834f8a82794bbd0b0b14ef60031642a6bfe152975b1aee3b466d3d9780c0c3b47aacaa8630a117b25409bb49af1f4b6105f0002b84325dce613054b6402d68e16bf3baa7ec6e9bc39cf324759f92cb82492e9b653015f1d795145fa911ed77ac5acbcff00cbbc2db04d2753c937dac0d09dbba128dc2f5c5918febb6ffaca8feb5bdd2c54853b9efe9b93f5356ab3bfe67bad1985e4c7e32c23e47140c540acdf30aaa966627923dc904f334a309789e17af70c2094ae28375a9414233115a635bb783ff422cd130b9efd41dd1c667d571241dab5d773f83e897787094f130f51c6c34f5af6d67ec94e57c5f9c37aba10f0a0433fa55b6ca2ce88b5ff1f44985312efc85fd31cfbf2412431763ec5ed6f39a799171aad1db74fa5c04295f5476446e5c148ddd3062a8ec4e773dba59139e9d0eb72b327cdc6b306bd475ca92ee5310d72c0906faab2950cec8f8619e009cb8c52e75fbec8aa4ce2736b3326583d365da32284f2b5f5d3c849623d15da5e6b2d780de22cf3504e5f06bc502a174db330d72214849ebd6887bdf4e7763db928b159698ef4e0755946d3a3508f92f332dae105a4c177d3ece1c7360dbade67e339934509e2f38b4f5022f5584255163d152f07b987ba838e45d1e62f14e46c45fe9e8a34dc4ba572081e96e9a33f31509d9bd0a362dace52d3a877fd238890d658ff776224609529e4ad4dc5d9138b3a2750dcafbd04de7d3d94d2b00128db71571ca361e4e257dcbecafa1f236c5c7990a37933a62ad28f575d5641b672fbd6b67b52075cc8daf420e4fe703326c05795ec388f6bfcdefeedf0d50617e086f749f7c37aaae655c5e059cdf0a1d2140273b3e6a22f6f79f843e3a4d05e92565260d354d068a71cc9ac41556e795c84291490821f5e5134ec03faf8b1073b774eb6e81a48f16ab2c2b4ecc0ca758cfcf4d2301f524a2dafa7a1a0cccf08b325dde92ee365c23ac818e673e60d887f8a24e3395e02379341b2a21959d01812f2d2de3eed3616e1d38249b4ccb0bfff4049725324c5d3dae738673e8849a889badf69237f98878efdb3c3136db8a902b83a7fbf62f08501f1e55c2fdee54fbb8e824648e58bd8f45e729261c6e75637e454b14b3e7175ef81551e9ce6609d7b7e9e53467aec2ce5b34a1761ad6a510838bf2611722885251732ba1aa8782a4316619bd49194fc0ecb67b3ec0f199e6af276bfa9cae0769d2779f6579792dd100bbc9b8bcd94bfe7bf1fb985789917c2d83b14a8b028d79236e0b01f1cfa00b34554148643a9ec25053baa4b56a1dfec6c84c1767989f2a400beaf4373daaa7f578846ba90de1bf47a921a0dd4f22746ea82800bb2d51bb80d916148b1fbe8e7ebb79cf11c8bf588e2a0b95f6984e866c623a9015371d5d3495a3f3d9b42ee7828f1a3dce118a648342d0b0b8e17dc9cbc95c16fc7410f5a7ade7bf921279611e6f2cec5c945e4115142075287203b65f8a3b14d026c465b83a4447891dacbc37de3f23b801abd1a628973b5858a9fcfcb1c3923eaddc6fa3787f28f5ed0f2e1df91bf9d7396891b4efbe008e0818cb57d3eb178844e98db8b09fc859c11427adb4a92630aafc2ce7ae644f077bbfe3a899b6014be74be9277177d10c72f0b13998fb666af0cf0b28757c5ae8f5021c00adb414d16aea5cb23f22c7f526d8266e4b67b85f124704769e1187c3415acbf81cb3c2d5cc04d95edbd75bfdd32847e984a55d4dc1a7d3781bad2b6b62a576c10ff471e107add2a74e59ab11071bf5fb57c0cc34a45dc8796fe47000811cfea6cfb22c22e2b4656efd5ced8da97ca0179a6c3a4d58a7bd77260516107a9a72036c92c2dc800d825c3f45c6123a0332d37d7e29f84184e19decc59102950da0b0cef36160153f5a453c9c7fcfe2e145aae343fb9bb726bc3aefb9a604708d3ab1c5f51228ef8987a00ab2abfee2f3c1a38c48797035d43f74d1d6ac26df34926ce8d95d1d57f9e442398822b5014367dd8dde2db00ea5972dc8e782a7a193744d3bfa0298f353207e442716d26ba943821a6b0d2e112bd7033d7df3c99f0d875dca45f466567c198c16039b00f1125b77c1c560ac21ca70db4a642ed58f5f55db9acf206fcb3adb31731d9efb1b7dd9cc124858bc8fd9fe2651e31f152f05d2be376f3854d3de9dc464541bbdab3902773b3b5b2a14a20c0e80ae3a2ca02ddb584fab1767af0428969d4a9035cef9092d8d3bb48b8be88bac57d53c6e50b07fa51e0d9351159eb97741e09f55317c802fdb0cb172fa79b2ad25fd55613dbcad1f070a407facbcce6a229f4bc88de1ab99dea251a677209e9bc08fdb2e0299535beea1189044ab8c69c9196fb9d39b6c609c0c815ec929a01cd974d08b6f0e301991101ccb8c7e591f9cf1dd6fb6cfa17d6925d13bf18508103c44a52efb3701176d31e34207aed48792f5d7c4ddb6bb3bf6f0869f528363b7e0650b06b0e4caf53dc30157e80ae1e2432b60a1c64088eec7013a213ed65340adddf6940d277e87802729c3a6dc9c3d5919d835fd55642e15ffce4a9bd8553be5ec276d0867311f2b0e11173eedf0d7d5dcac0d44f8076ffd9ce8e90f828c4443c8b602db35ca19220f2cbc295e8fda0602e6437a46abc775da4237bede18196bb1e1106220235fd2072fa4375fd8bffa037afeddedc4477b315799176a23f47f48afc652fff5083c917ed1b4097cddd186921531357cd0da18996a152639692f5a2bf4c7745c3b640d7ca69e236edca95934c36ca4b9236d9cbbd3f248b948c942f65dfce17167628b4eb0c5893512c2d8439812bcea8d5fe6a229264723b66e4f2cb6f970139415440dde9946c5ad40032a1c5a18c248d35b73100d8f38aac9c5c302354a9db4e8d99a2d845f54a767c4a0623d40b998e28d454aff7defc9bb4cd3673374a33e641a6614c6b5546b3f70ed288f53def2e49baa32d1afb93b4c04a22b5c9ac3a23f1e0cb423eab40f51e2b3c170b501dc517abbac962784e1bd151815494d04e336ae2f16064ca27c7d776f8c5974a76e9b3d313446336e696e24202b2cb94603e2929906ad4000b13f0f7e7ecf6c2d7243e12d0aba4fb5d4a30de4e2c5a0ea8ade6d79bef8dead7b49ceaf6d7157a427382570771040c084c9feba727019c3b03dae0c5880b0a2dbd8150b743f987b5019b421c5d164150592ae0646217618c92e7876e6c4a2b0ecdfde08f04265e0bfa096a2d6f83953af12209e892a9a326368e0270f8e669ed5aca72579d1d6b806eaba059bb28c7f80fc1ce39b994e6816cac5df5cf9d40582bf9301b12deeb09a2eeab9c8a83a7d44d04a87ae0d4a590cb5f5e3824dc381fc56aca6787be5899aa3694f3b9a872b61dd5876c0f8ff3c81f38b4e52792254edfb954b157abd7b2ae2f4f8caee5b78886894e467e38a93c26cbc546022371b44360a317513341933a0db7ba88929844489e51259a489854f8160ad46594a19cbe799515f396168505520a5288d00f8093d3aef119d94a7863e67c9a7d6f900ba9834fd886044513ee1853713c2a4b5121487db6e7424a0b7f19895e5cf5e41e69c34b3378bae46e2e1c7d29c1cfe1bd0370bc2c0649ea144cd1d4d40fa57160cf856f3fb3dd3cd9ff014b4194837af58189305226b534e1a82297adb14e7af42693fa5065873cbb7fd7ceef5a41d8a63c1ec4a0b214182c5ee3cb9430f6dd7cd57fa56e1b6df932c683905f111867e5bc229bedbb3099a72644d96c38aef3e93268dcab401a2882f1f48c63dc068fc102adf0c8e8a1debdf454919cf7042c6b80955bd63cbc27d785e06ef360feb725748e8359e1fe6d64851ad9faf834d28e6273db6830eb655e6ca3d0d437dee2bd6d0ffbe9aac4e54af0e8436ab653f8d6580acb7388634f342b36fac1feb35526eeeb8602a31a65843c18a9bd463c365e42192f6aadaa1a6e4991e9340258532f4f4811788d8662925405b76db6aba7965aee669441818c5e96a3d945d81baebd00ba2d97414f1840b3dfc7d34d9fb13877d241744cad6a367dea3ff5c4f29fd41e06f85c67c614cfa307463b3a8550a5a31cadc8c7111f1236c9113b18c631cf9ede683818be932fc0c8f389457a05c1b02e7a380b27b10853c79d9495ffa702aa01a1953f269c952e4ee95b001c5ebbba33c902a7d3aa81ac9ff01b1f9ed97a6f280f3caae24cf236e41993cf991e7d8f3ff50a173997179a190d92a26beaef64eae0ebf824b485962089f8675c2cc176c2c052948176937a4074f2506edb7e60a65149ab319f76fff07cfde46f6799869202d735e5ae9f91f4d23150de807efd933ecab245fe128554664fc8a3f411a9e45e050ea40c68e45f57403dc62b3a6908df7f6d8cf9ef45133e56b5682757415093b49b86630758075103fe98f1d380f58829b796b9ea4f06499beaa81108976a3a70174c3542eb2130070b1c4354166049b412b2256be40a9d20e18a2600540e1e1c15549892310c09870dbf70874be181a0ed4009592bea754fe30ff3cd96a551071d7ce21c6cfd3e449dd8c39bd97ed47b16bf00096578342112fd1aaef915962aa9a3141276c7442aab367fdaa02b2db13bb1e1be5c7486464196541d584096200520a6a57a228466fef61e2f6f678ba9f3733f6ae80bdd6bf67dda5b13bb7c8d05d20825566ee3ddfb9c94dc270aebe3d5a24933ba6befcb65226de3f2d8fc6fb518a36bb655289d2daa616121a4ce08c9f4effc5127c90d93369d8345357c67e3bdc024263fd43d090b8f1643c75236ce000ba02001c5974035f733ecb05f35d3d205027b393b4bf33dd86050a9e2c8f779de8947a38ee7b2b2b39d427cf48a359f10bc0fbd50763c8f4727ba82a55f6c2e944b71f8e05626bef8e7598c55cd4e587686446adf394282e312d48e02b9ce324b8523b33978c9ed7e67b886479c8c36d136d276b34de843ccb98d624daee93cd3d5db695189a5b1f730091b6339d8ecb93485f9091b46e998ff1efad6d647a2b6d5f4647e84835cb1d863386a337c9ef4ec0ad827fd0acff7498422f8277052c53f0a7001b3771a19241b1d14021d6dbae44dc7fd92365012d1ced3c4f494699e398c404d8ffa5a6cd824e2f7638a4087693dc5191a7c6fb4fd29967e27988234c015a33db9ac71a416a8469f871b7da09c95f3331576c1b4f4c72b7b127ad2e48a57e28804efe74f8145aeaef16c03e2c3e99fe3ccaddded1da622fc62172e8f55d04e1305df63e789774d3640e6cf36ed53c2fcdeef189178dde1b60c640742c68d8d06cae2538b7b7d0ffe1905037537a754ba44950c4194c8013b5a4eb2a2b6406f9795d70e4321c7ab7e630381ce04e2e4f15e49153842118abb5179e246e41ffa49ed2b39b62ea47001f35229be23d332a81b5d47f88a5737b480f27ca75a653efa3afa257ef05e1b4da1cb84653b074e9aace9f6f4b94f48cf50b3fe2b1658d30e3f288b6d6a1164f3c9153b0f185c10a64c861889dc3faf8bebd6caab6f751a31109756cbc8b9a62384faa1a88b2ef8803855414dcc209329752a65b05a0784be9837e3a4a7cdc49b302a1e3e9be08080b6af5049702613b777e55b0033eab3ad76024a6132522289df20d753b595a48b1d116e792b51c9840541f16f56ef185a3c14e64b7e293c178ade690abeffc9d8f908bab3db2460d7f692e48dbdda353b6df648a98411bd8c70f95f6fb27390e6d3241f36fea36c0aea9198cd40fcc23b181d41fd91cf66570aaaf0688a4eff348b6f0e4c8bbda629cf269eafe2d60cab7108dbaeb0119ed441b7c4b379d0198be27dc6de0b53acca37dd9e5a40a558d8405de127fdd4b381a83d6d33b11061ef5428c08a8c64e73a3a6ccb11037cda942aa937f1ec14a9e2088acbb7b5489d173ce08ea04febb1cd93d7c0e1b3fb2facf8536e6568ea349647e2e449fe220516f5e94ab5727a91b92f9ac957cadb2e107b101c286e521d7742b86dc53df904cd29e6b7488ac8d149226254976858d25d388eb6842271f051a082e18d0549232dd0fdc8da13aaa44f925dc3f462a188cdc8e1573bf989d25243f975a7765cbe01e84ae4654fa60e20a39f89b53f008796c5360ca8ad4cd9adf0bac7862002f9a02a30aebadb738673bb12edb7f61755ca16defb8aca9bbcbf2fd39cd556369050407d4a7077b14cf922f3597af3e967ae63f1c1e8a6b6d10fcdb8aca23c2596b72155962438889005fb8a835153ac594f1a8edfef2ffc66db8d642beee43524f6f271a1c24824c92ad58531251df443d712615f7fff6a385298183cfce80296dc95ef4728b5b1b98549460efaa2d230453f8156b4c6d76e5bce6aa9e1b4da827a96949af8681edd094d0d63dc3b582a156480b1800130ec5543c40be0c561d90bb379db82a4b59b657b05333c958908bc65b3a26fa8d745d579b09b5fd5e2223e7c182bc7610d414a379ff9a8922909340433ac17b77130ed417bf23e4ae48ca4a834b038f977d0deefe1291e76395c35b4107b2de4178b1051251cacb6bff04fd2d092d6ae2a72b25213605ab08b71fe478927cf82353ebcf382630cee84d03bd38227bf8b12c1bca16686ec9ffe61aed4635328f39ee09aafebf30da052e0e4bf28da6badd62636022b130dc4f1e196ffce2051d3e7f80ae29a38abf6367f2555d93f6ad2ab346f3037737ca141dad639771645fd683361c2b67abf0b04c1846dff0ce319ae12a9c79a7bad5e8e6fac23ce85860d1201e69319c41924d87066f6f320006bb3fe802d04a5bedbf50dd15e22df446cd94be3486047315f9ba0fea5af6915ea399075704308653b03f29d4e99419a1a7f848302a46537a297f6331abc7c36df88bb535096135b971d41c4335eb8d2a9eac87061d16f2e6899662d327deb8fd788661d6d151a7e4d3f8cb8312a0b8b60807cb6abc7bad6b66e8d5a492cef77759055e15c7c37a20c751b9571e02ad40b65c0b17668eda7ef989f8bde821d2e9c7a119cac9ca3e925f51cf6c2bab2a406699555099e016944554222144a3e970220e01bfe3b152c955ee4e21716c1e521a4bb0228dcd9b0a237f8fc2ccf9b4ecd8d6e2eec4508cd6c6453db134def3be0808a9f0df28960e28385611ec490cdabd63cd76bc53fe10d67af82c755721f6ba406969969008dc072d1a3c0a64a95f5265e9529575bf1038fe0df1925bc40bd7d8831e891aab8f888d1906681a08fccac5bb4cb3c7e67ccdeff175b76d9bd7029f53e0ee15d8845504476940d05b87156cce1d5ed93671d5ee0ce0874f0606f7d09d15cf16d98a1cbb456a5704cffc0a3918ef543a6e9a67e965c4fbb8186991ac3ca2218244cdc44af93a08763e04cce549c5ab00146278a63c2c94859a91544efc6559061cf781ce86969f8b1f5b65389ab3b19c0cc41ddd39e614803b06599b8653ed64cf8e3605c69afc879ae03e6cc5f80f88fedae281d1adf53a9204c491204edb99d1106b68ccb21004d51c419842f3e1564b5a4e01e71a47135178d8d045b07c045cba01436cd0ce6a1ce9a480b1bd6eb48fe2888214ca31766f5c5144edf8bdf7edefe015cf95bc6834bb06aa157b76f9fbcbade1ceb547fa678ff33a24ed4cca831654c0b03bd1a52ceca4287171d524e37d42899a4c5c66da0586ffb7b4aead7cdf892ce24d66eaff3530dcca213f70cec1d24cd59bbdc12e3f6f4bd4d0a2b232fa5f9ce2c70aa529fc85d4d2183f4c20f154da58103cfeffd477901d188ea888aad45f778dc48969936ce7519d2e1f0e14b2fc8b02340af1f83119cb69ab38e5122223950d5045479cbfb0b989013e2b1b995d6c45656b8124e8fc54f7daf9409ff4ad5babdc9789e3d420cccb792bf06a75cbf2bcc8b45a394e62dce6ed5188495c0de5a86d00694fc70a41b1cede2e986a33c13a7bc88d9c79775dbb624b9d66c577466547183ca48a0279ccfc7bffe699d0f4f82bca906d0118865e8851b75f9914ae12a368c0e2881fbf8c1f4374c37fce575034bdac4a06e022e62b34874966952f0ffb6c9fc8138eff8e07ad630635772e84993af6d71dc3eb534bdb00475eeb433da5b6cdf9051a8898a8893ef0ea4102aa24968c2c8be9b5b02e07c075f59c3398e08876054135ad6be1c51a5e98e1400edcca8061640a0d20b3f7a92acff856d20703f70c2159f91f9419d34cfb87f890b578bed938ec52eb1b45fbef56828774cba3704e0a22b1fff7ff6bb94620c9f0317728ee32d09615d186138238fc529247e80fcf71e9269e72fa25962695e40a38a816c2eb5d5e3f169e5c54ae20cecdc206b8cc093f6f5d3461268ff8a7154bafe92cf145aa415556cd9c6b4f5693050d00d6e1f5441c67b4c3abf561803ef525f4e199b2cdd03b806c0d8606ecaf25ca51a750dab89d91aaab170fcb7b6f50766ab8f11cf177bd75e58d432c051cdafccde5fd81233f524d37a6ae391da09b381d46b1333a07d5632b9f83c1aa8cd44f417320550d5b9ae5118502ff8fe89fffba8e0cf4f8fa4c096ea4937b7b3ea6f9dc0fc13e2e2b4ca172c97b67a58404a335436658063a9bd1c71422e9ee5ef345df6534be0b0482273c4750b9ae92c463bb87e7de173b40a8709a4018bdbe9e799b0a95c5946dc424efaac67eb3fe869d49e040d94d42c1c7680c47c9bba3344f7034d68394e65f6d31b9e5b21a763429432b91b85e274a5675011b2d5442f1d329ccf1220275ba714738022742135bb9674a2544d23b09c93d1d07f35738abf59f44b894048faf09bf0467b9d8171afe57ee10c828640fed3801dc8711e0b678b30f42f396be642975cc2724110d48a59d3ae7160781b7a3f4973fc2d720440408ffced0e2b62728e7ef1f5228fab181fb9b7a1077e376df6c5aeba81e9fe3fc9f82919bf476f1e97c64da1aaa0fc7d1e0b31d8519717717a1ca1856bae339cb612e4880d0aed31500c80e63fc888389c20be12e73cb3299f7a23cfcfd47834ce9b0d92d7b732d15b2df232158cc9b690a0c7e9fd2c511bbce0a6aced586059a9446019ac26ce6eb9ab507dfb24c58acfe596dc2d67ff19569211078498f31e7998135b47a5e2f39b23e474bf74484690c080fc1b818474094d960fe89d45b43c926cc0e6b60bdf3fed333ade75161441c622005e243964d6603a29888a5e921a713e7403785a86103c7fa700", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x78, 0x0, 0x0, {0x0, 0x1, 0x0, {0x2, 0x0, 0x0, 0x0, 0x40, 0x3, 0x200, 0x2, 0x42, 0x8000, 0x0, 0x0, 0x0, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/protocols\x00')
read$FUSE(r4, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0xfffffffffffffe84)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000540)=0xc)
r7 = getgid()
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000640)={{}, {}, [{0x2, 0x2}, {0x2, 0x6}, {0x2, 0x1}, {0x2, 0x7}, {0x2, 0x1}], {0x4, 0x3}, [{0x8, 0x5}, {0x8, 0x1}, {0x8, 0x5, r5}, {0x8, 0x0, r6}, {0x8, 0x6, r7}, {}], {0x10, 0x3}, {0x20, 0x2}}, 0x7c, 0x2)

4m56.48360791s ago: executing program 2 (id=180):
futex(&(0x7f000000cffc)=0xfffffffe, 0x3, 0x1, 0x0, 0xffffffffffffffff, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000100)={0x3, @pix={0x1, 0xfffffffa, 0x3234564e, 0x0, 0x1c, 0x8, 0x8, 0x0, 0x1, 0x7, 0x0, 0x2}})
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000004}, 0x84)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_lsm={0x6, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000340)={'bond_slave_0\x00', &(0x7f00000004c0)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2}})
close_range(r4, 0xffffffffffffffff, 0x0)

4m56.089508758s ago: executing program 2 (id=181):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000ec0)={0x1c, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080)
syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f0000000180), 0x0, 0x80200)
read$hiddev(r6, &(0x7f0000001200)=""/249, 0xf9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
close_range(r8, 0xffffffffffffffff, 0x0)

4m54.031702683s ago: executing program 2 (id=187):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xf0b, 0x13, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x5}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x8000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xe, 0x9}, {0xfff3, 0x5}, {0x1c, 0x2613a1b406814a86}}}, 0x24}}, 0x44804)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m53.292249881s ago: executing program 2 (id=190):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd2d, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}}, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a500000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$sg(&(0x7f0000000380), 0x4, 0x49a341)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r5, &(0x7f0000008880), 0x483, 0x44000102, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r6 = dup(r4)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/diskstats\x00', 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bond0\x00', <r9=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x10, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000feffffff0000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000ff7f000000000000000055090100000000009500000000000000dda5feff0000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000400), 0x0)

4m51.473236147s ago: executing program 2 (id=194):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f0000000580)=0x100000001, 0x4)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000600)=[@sack_perm], 0x8cbd752)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00\"00000000000004093\x00'], 0x2a, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r4, 0x4)
fanotify_init(0x0, 0x0)
epoll_create1(0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0xc3, &(0x7f0000000740)=""/195, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

4m35.206764095s ago: executing program 32 (id=194):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f0000000580)=0x100000001, 0x4)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000600)=[@sack_perm], 0x8cbd752)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00\"00000000000004093\x00'], 0x2a, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r4, 0x4)
fanotify_init(0x0, 0x0)
epoll_create1(0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0xc3, &(0x7f0000000740)=""/195, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

3m11.775636978s ago: executing program 4 (id=423):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x80003, 0x0)
sendmsg$nl_generic(r3, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000b80)=[{&(0x7f00000000c0)='\x00\x00\x00\x00\x00', 0x5}], 0x1, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r5, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x8042, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x4800)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x30, r8, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x8}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x9004)

3m8.117065199s ago: executing program 4 (id=431):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x8000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xe, 0x9}, {0xfff3, 0x5}, {0x1c, 0x2613a1b406814a86}}}, 0x24}}, 0x44804)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m6.818448055s ago: executing program 4 (id=435):
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r1=>0x0})
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x2, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffffc}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000000)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x8000000, {0x0, 0x0, 0x0, r1, {0x1f, 0x3}, {0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000)
r6 = landlock_create_ruleset(&(0x7f0000000080)={0xc9d, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r6, 0x0)
ioperm(0x0, 0x1, 0x6)
utimes(0x0, 0xffffffffffffffff)

3m4.620103849s ago: executing program 4 (id=441):
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x235, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x2b1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x8201}})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
read$midi(r5, 0x0, 0x0)

3m1.291630951s ago: executing program 4 (id=443):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xc, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x8, 0x0, &(0x7f00000004c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
io_setup(0x4082, &(0x7f0000000380))
landlock_create_ruleset(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x108, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x14, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2002, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
close(0x3)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, 0x0, 0x0)

2m57.25967628s ago: executing program 4 (id=452):
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = gettid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0x11, "8f997fa6ce8400a0286048c10b6b"}}]}, 0x30}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002d80)={0x2020}, 0xcf9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x40000080806, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r3, 0x0, 0x0)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000c68000/0x3000)=nil, 0x7fffffff, 0x0, 0x0, 0x6, 0x0, 0x2})
close(0x3)
openat$audio1(0xffffffffffffff9c, 0x0, 0x68000, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ipv6_route\x00')
lseek(r5, 0xae7d, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

2m41.93079736s ago: executing program 33 (id=452):
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = gettid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0x11, "8f997fa6ce8400a0286048c10b6b"}}]}, 0x30}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002d80)={0x2020}, 0xcf9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x40000080806, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r3, 0x0, 0x0)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000c68000/0x3000)=nil, 0x7fffffff, 0x0, 0x0, 0x6, 0x0, 0x2})
close(0x3)
openat$audio1(0xffffffffffffff9c, 0x0, 0x68000, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ipv6_route\x00')
lseek(r5, 0xae7d, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

1m12.79563915s ago: executing program 6 (id=652):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

1m12.7665546s ago: executing program 6 (id=653):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400, &(0x7f0000000140)=ANY=[@ANYBLOB='nostrict,umask=00000000000000000000010,unhide,longad,utf8,lastblock=00000000000000002304,anchor=18446744073709551615,gid=', @ANYRESDEC=r0, @ANYBLOB=',gid=forget,uid=forget,noadinicb,shortad,iocharset=ascii,lastblock=00000000000000000009,iocharset=cp950,fileset=00000000000000000001,undelete,anchor=00000000000000000006,partition=00000000000000000008,`nchor=00000000000008421375,session=00000000000000000001,anchor=00000000000000000005,gid=', @ANYBLOB="ef51de8878", @ANYBLOB="2c66fefb470f725c", @ANYRES8, @ANYBLOB=',uid=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b66736465663d233f9d1abf59c53229ddd780b162f44a0e44f3436d598025e596d23078a3e733e07b480ad2f41c3ccd7956530c3be5c0d1833ad4954140d857bb924e0f613fe32a0c1461263f77581d8ed8b341959c53a341493644534a4b27223d1faac6bf7df530d100a57452b6a3abc826bb0f0b82809ca1e13376959935f589115abe267b25f42757304b4d6c7ffaec13f3079a4658933152fe693cc762ce82776b4003c4ac3d9d3478da3da1f79ad788d3b25f59422ba668e32c00"], 0x9, 0xc1e, &(0x7f0000001240)="$eJzs3U9sHNd9B/DfG5HiUmkrJnYUu42LTVukMmO5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLppYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUsZvatuKRIixFFibI+H5v67s6+N/PevPWMLOjNCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4vdfu3T6THrUrQAAHqYrY185fdb9HwCeKFf9/z8AAAAAAAAAAAAAABx2KYp4KlLMX1lPE9X7ttrlVu+t2+PDIztX609VzSNV+fKndubsufNffGnoQicvt2Y/ov6D9my8MXb1Uv3VuZvzC9OLi9NT9fHZ1uTc1PSe97Df+tsNViegfvPNW1PXry/Wz754bsvHtwc+7PvEiYGLQ8+feq5Tdnx4ZGRss0jtvo+9g91meByNIk5Fihe++5PUjIgi9n8uag937LfrrzoxWHVifHik6shMqzm7VH442jkRRUS9q1Kjc452Hovo6X2ofdhdI2K5bH7Z4MGye2PzzYXmtZnp+mhzYam11JqbHU3t1pb9qUcRF1LESkSs9d29u94ooidSfPv4eroWEUc65+EL1cTg3dtRHGAf96BsZ703YqV4DMbsEOuLIl6PFD9972RMlucs/8TnI14v8/sR75T5SkQqvxjnIz7Y4XvE46kniviLcvwvrqep6nrQua5c/mr9y7PX57rKdq4rv+D94a4rxSO6P/Rvy4fjkF+balFEs7rir6f7/80OAAAAAAAAAAAAAAAAAA9afxTxbKR47d//uJpXHNW89OMXh/5g4Je754w/c4/9lGVfjIjlYm9zco/miYGjaTSlRzyX+ElWiyL+JM//++ajbgwAAAAAAAAAAAAAAAAAAMATrYgfR4qX3z+ZVqJ7TfHW7I361ea1mfaqsJ21fztrpm9sbGzUUzsbOSdyLudcybmacy1nFLl+zkbOiZzLOVdyruZcyxlHcv2cjZwTOZdzruRczbmWM3py/ZyNnBM5l3Ou5FzNuZYzDsnavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHydFFPHzSPGtr6+nSBHRiJiIdq72PerWAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAClvlTE9yJF/Q8bd7b1RESq/m07Wf5yPhpHy/xUNIbKfCUal3I2q+xpfPMRtJ/96U1F/ChS9NXevTPgefx72+/ufA3inW9svvvVnnYe6Xw48GHfJ04cvzg08uvP7PY67dSAwcut2Vu36+PDIyNjXZt78tE/1bVtIB+3eDBdJyIW33r7zebMzPTC/b8ovwL7qO6FF4f1RfQcimY8mr7zBCjv/x9Eit95/z86N/zO/f+X2u/u3OHjZ3+6ef9/efuO9nj/79le7x73/6e6tr2cfzfS2xNRW7o533siorb41tunWjebN6ZvTM+eP336S0NDXzp3uvdoRO16a2a669UDOV0AAAAAAAAAAAAAAAAAD08q4vciRfNH66keEber+VoDF4eeP/XckThSzbfaMm/7jbGrl+qvzt2cX5heXJyeqo/Ptibnpqb3erhaNd1rfHjkQDpzT/0H3P7+2qtz828ttG780dKOnx+rXbq2uLTQnNz54+iPIqLRvWWwavD48EjV6JlWc7aqOrrjZPpfXG8q4j8jxeT5evpc3pbn/22f4b9l/v/y9h0d0Pz/T3ZtK4+ZUhE/ixS//ZfPxOeqdh6Lu85ZLve3kWLwwmdzuThaluu0of1cgfbMwLLs/0aKf/z51rKd+ZBPbZY9s+cT+5gox/94pPjen38nfiNv2/r8h53H/9j2HR3Q+D/dte3YlucV7Lvr5PE/FSleeerd+M287aOe/9F59sbJXPjO8zkOaPw/3bVtIB/3tx5M1wEAAAAAAAAAAB5rvamIv4sUPxjpSS/lbXv5+39T23d0QH//6zNd26YezHpF93yx75MKAAAAAIdEbyrix5HixtK7d+ZQb53/3TX/83c3538Op22fVn/O9yvVcwMe5J//dRvIx53Yf7cBAAAAAAAAAAAAAAAAAADgUEmpiJfyeuoT1Xz+qV3XU1+NFK/99wu5XDpRluusAz9Q/Vq7Mjd76tLMzNxkc6l5bWa6PjbfnJwu6z4dKdb/5rO5blGtr95Zb769xvvmWuwLkWLk7ztl22uxd9Ymf3qz7Jmy7CcjxX/9w9aynXWsP71Z9mxZ9q8jxdf+eeeyJzbLnivLfidS/PBr9U7ZY2XZzvNRP7NZ9sXJueIARgUAAAAAAAAAAAAAAAAAAIAnTW8q4s8ixf/cXLkzlz+v/9/b9bbyzje61vvf5na1zv9Atf7/bq/vZ/3/6rkCy7sdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPp5SFPF2pJi/sp5W+8r3bbXLrdlbt8eHR3au1p+qmkeq8uVP7czZc+e/+NLQhU5+dP0H7dl4Y+zqpfqrczfnF6YXF6en6uOzrcm5qek972G/9bcbrE5A/eabt6auX1+sn33x3JaPbw982PeJEwMXh54/9Vyn7PjwyMhYV5me3vs++l3SLtuPRhF/FSle+O5P0g/6IorY/7m4x3fnoPVXnRisOjE+PFJ1ZKbVnF0qPxztnIgiot5VqdE5Rw9hLPalEbFcNr9s8GDZvbH55kLz2sx0fbS5sNRaas3NjqZ2a8v+1KOICyliJSLW+u7eXW8U8Wak+Pbx9fQvfRFHOufhC1fGvnL67O7tKA6wj3tQtrPeG7FSPAZjdoj1RRH/FCl++t7J+Ne+iJ5o/8TnI14v8/sR70R7vFP5xTgf8cEO3yMeTz1RxP+V439xPb3XV14POteVy1+tf3n2+lxX2c515bG/PzxMh/zaVIsiflhd8dfTv/nvGgAAAAAAAAAAAAAAAOAQKeLXIsXL759M1fzgO3OKW7M36leb12ba0/o6c/86c6Y3NjY26qmdjZwTOZdzruRczbmWM4pcP2ejzNrGxkR+v5xzJedqzrWccSTXz9nIOZFzOedKztWcazmjJ9fP2cg5kXM550rO1ZxrOeOQzN0DAAAAAAAAAAAAAAAAAAA+XorqnxTf+vp62uhrry89Ee1ctR7ox97/BwAA///bhfta")

1m12.215482599s ago: executing program 6 (id=660):
futex(&(0x7f0000000240)=0x1, 0x5, 0x4, 0x0, 0x0, 0x40000080)

1m12.004124058s ago: executing program 6 (id=661):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77a08347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1"], 0xf, 0x2a4, &(0x7f00000001c0)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x5, 0x0, "ef359f413bb901527f00d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea0000000000000000000800002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
fsmount(0xffffffffffffffff, 0x0, 0x100)
open(&(0x7f0000000480)='./file1\x00', 0x44e06, 0x0)

1m11.475623517s ago: executing program 6 (id=666):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000021c0)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @private}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}]}, 0x38}}, 0x0)

1m10.255757264s ago: executing program 6 (id=673):
r0 = syz_io_uring_setup(0x1cbe, &(0x7f0000000480)={0x0, 0x521c, 0x800, 0x0, 0x2e}, &(0x7f0000000140), &(0x7f00000002c0))
io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r0, 0x19, &(0x7f0000000340)={0xfffffffe, 0x64312655, 0x100000001}, 0x0)

1m9.803059833s ago: executing program 34 (id=673):
r0 = syz_io_uring_setup(0x1cbe, &(0x7f0000000480)={0x0, 0x521c, 0x800, 0x0, 0x2e}, &(0x7f0000000140), &(0x7f00000002c0))
io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r0, 0x19, &(0x7f0000000340)={0xfffffffe, 0x64312655, 0x100000001}, 0x0)

35.217230052s ago: executing program 1 (id=847):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
write$tcp_congestion(r0, &(0x7f0000000080)='scalable\x00', 0x9)

34.671653961s ago: executing program 1 (id=853):
personality(0x619641b6fb4b8591)
syz_io_uring_setup(0x2621, &(0x7f0000000140)={0x0, 0xcef5, 0x1000, 0x1, 0x161}, &(0x7f0000000100), &(0x7f00000000c0))

34.31959284s ago: executing program 1 (id=856):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00cfffe3149d70f320a489c0000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000100000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
socket$inet(0x2, 0xa, 0xb)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
r4 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r5 = add_key(0x0, 0x0, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b041bfc026dc41fb9b9761a1b44", 0x24, r4)
keyctl$revoke(0x3, r5)
keyctl$search(0xa, r4, &(0x7f0000000400)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1, 0x2e}, 0xffffffffffffffff)
syz_open_dev$usbmon(0x0, 0x7, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4010, r6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x8f, &(0x7f0000000480)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0xeb, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)

31.496864532s ago: executing program 1 (id=859):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77a08347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1"], 0xf, 0x2a4, &(0x7f00000001c0)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x5, 0x0, "ef359f413bb901527f00d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea0000000000000000000800002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

30.969520931s ago: executing program 1 (id=863):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = timerfd_create(0x1, 0x80800)
timerfd_gettime(r3, 0x0)

30.386948119s ago: executing program 1 (id=867):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setitimer(0x1, &(0x7f0000000380)={{}, {0x77359400}}, &(0x7f0000000300))

29.909041698s ago: executing program 35 (id=867):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setitimer(0x1, &(0x7f0000000380)={{}, {0x77359400}}, &(0x7f0000000300))

8.083421632s ago: executing program 0 (id=954):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040)=0x19, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x10200, 0x1, 0xeeef0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRESHEX=0x0], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$OSF_MSG_REMOVE(r1, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000480)={&(0x7f0000001340)={0x4bc, 0x1, 0x5, 0x5, 0x0, 0x0, {0x0, 0x0, 0x5}, [{{0x254, 0x1, {{0x2, 0x7f}, 0x34, 0x3, 0x1, 0x5, 0x1d, 'syz0\x00', "bbe1e0b4b4a63e09f9733e321bba32de92a6db9d1aafe77c356bbd6f35c36616", "70fbbe022b8fbc72b8b837487f15217d94ff2cd7cdd30de61e83661ec3c9e991", [{0x8, 0xffff, {0x3, 0x9}}, {0xfe, 0x40, {0x0, 0xcf}}, {0x5, 0xd, {0x1, 0x2}}, {0x0, 0xfd, {0x1, 0x20000000}}, {0x2, 0x8, {0x2}}, {0x80, 0x8, {0x1, 0x7}}, {0x6, 0x5, {0x0, 0x5}}, {0xbb9, 0x1, {0x2, 0x4}}, {0xfff8, 0xdd4c, {0x2, 0x4}}, {0x0, 0x539, {0x2, 0x7}}, {0x5, 0x46, {0x0, 0xe}}, {0x3, 0x6, {0x0, 0x270f}}, {0x101, 0x0, {0x0, 0x8}}, {0x8, 0x9, {0x3, 0xffff}}, {0x7, 0x7, {0x1, 0x81}}, {0x3, 0x2, {0x0, 0x10000}}, {0x6, 0x59, {0x0, 0x10}}, {0xc, 0x1, {0x2, 0x10}}, {0x8, 0xe0, {0x2, 0x7}}, {0x5f, 0x7, {0x3}}, {0xa6, 0x196, {0x1, 0x3}}, {0x26f9, 0x9, {0x2, 0x9}}, {0x401, 0x9, {0x0, 0x6}}, {0x1bf, 0x5, {0x2, 0xb845}}, {0xe, 0x3ff, {0x3, 0x5}}, {0x2, 0xb, {0x3, 0x3}}, {0x7f, 0x0, {0x1, 0x7}}, {0x6, 0x0, {0x0, 0xef}}, {0x7, 0x7fff}, {0x2, 0x9, {0x2, 0x3e4c}}, {0x0, 0x36, {0x2, 0xa}}, {0x7, 0x9, {0x3, 0x4}}, {0xce97, 0x2, {0x0, 0x7ff}}, {0x1, 0x8, {0x1, 0x9}}, {0xff, 0x3, {0x1, 0x3}}, {0x1ff, 0x200, {0x3, 0x7}}, {0x0, 0x8, {0x1, 0x2}}, {0x800, 0x3e, {0x1, 0x83}}, {0x5, 0xe, {0x2, 0xe6}}, {0x401, 0x401, {0x2, 0x4}}]}}}, {{0x254, 0x1, {{0x2}, 0xe, 0x5, 0x7, 0x3, 0x1f, 'syz1\x00', "5f6e01917b921d2ac36748f117aa54588f11ad27b9a53fa8537de427a82829ac", "41050c900614fe8f718b4879c08de47af46892c61f5b01a27ee632290853e50f", [{0x0, 0x5, {0x0, 0x200}}, {0x1ff, 0x9, {0x0, 0xb660}}, {0x657, 0x80, {0x0, 0x8}}, {0x0, 0x7, {0x3, 0x101}}, {0x6, 0x7425, {0x1, 0xd}}, {0x9, 0xd, {0x1, 0x1}}, {0x7, 0x36, {0x3}}, {0xb, 0x1000, {0x3, 0x4}}, {0x5f9, 0x6, {0x0, 0xe566}}, {0x1, 0x53, {0x0, 0x6}}, {0x7, 0xd, {0x3, 0x7ff}}, {0x0, 0xe, {0x2, 0x4}}, {0x2, 0xc, {0x2, 0x4}}, {0x1, 0x4, {0x2, 0xe8d6}}, {0x5, 0x6, {0x0, 0x7}}, {0x1, 0x5, {0x1, 0x3}}, {0x2, 0x8, {0x0, 0x3}}, {0xfffa, 0xfffb, {0x0, 0x7}}, {0x8, 0xff, {0x1, 0x6}}, {0x3, 0x4, {0x2}}, {0x7fff, 0x8, {0x0, 0x120000}}, {0xe, 0x7f, {0x3, 0x4}}, {0x2, 0x8, {0x2, 0x7}}, {0x7, 0x5, {0x3, 0x401}}, {0x254, 0x1000, {0x2, 0x2ff}}, {0x2, 0x22, {0x0, 0x2a9}}, {0xed, 0x4, {0x2, 0x6}}, {0x8600, 0x401, {0x3, 0x7}}, {0xc0d0, 0x7, {0x3, 0xffffffff}}, {0x5, 0x0, {0x3, 0xb7f8}}, {0x0, 0x5, {0x2}}, {0xf28c, 0x1, {0x3, 0x3}}, {0x10, 0x81, {0x0, 0x9}}, {0x100, 0x7fff, {0x3, 0x2}}, {0x7, 0x5, {0x0, 0xfffffff9}}, {0x3, 0x8, {0x1, 0x80000001}}, {0x1, 0x4, {0x0, 0x5}}, {0x4, 0x4, {0x1, 0x7f}}, {0x1d0, 0x8, {0x1, 0xdb01}}, {0x2, 0xb0, {0x3, 0x86d}}]}}}]}, 0x4bc}}, 0x4040001)
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="0130014010ff"})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r3, 0x80047210, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00'})
getresuid(0x0, &(0x7f0000001bc0), &(0x7f0000000040))
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r3)
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x3c, r4, 0x400, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x9}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5}]}, 0x3c}}, 0x10)

6.758732498s ago: executing program 7 (id=958):
unshare(0x20040600)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

6.571184818s ago: executing program 5 (id=960):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r4, 0x5608, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, 0x6, 0x10000, @value}, 0x28)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000540)=ANY=[@ANYBLOB='allow_utime=00000000000000000000006,umask=00000000000000000000002,gid=', @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000000,umask=00000000000000000000001,namecase=1,fmask=00000000000000000000006,fmask=00000000000000000000005,zero_size_dir,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d7265e13097d660dbb1456d6f756e742d726f2c00"], 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
r6 = epoll_create1(0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r7, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000000))
mount$bind(0x0, 0x0, 0x0, 0x110000, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
rename(0x0, &(0x7f0000000080)='./file2\x00')
r8 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
write$evdev(r8, &(0x7f0000000040), 0x373)
ioctl$EVIOCGKEY(r8, 0x80404518, &(0x7f0000000200)=""/36)

6.351696037s ago: executing program 7 (id=961):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x2000000, 0x1, 0x20000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

5.286886505s ago: executing program 7 (id=962):
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x100c007, &(0x7f00000016c0)=ANY=[@ANYBLOB='shortad,longad,adinicb,novrs\x00noadinicb,lastblock=00000000000000001313,partition=00000000000000000004,session=\x00\x00\x00\x000000000000000009,dmode=00000000000000000002007,defcontext=root,\x00'], 0xfd, 0xc2f, &(0x7f0000000280)="$eJzs3UFsHNd9B+D/G5IiaTcVEyeK3cbFui1SmbFcWVJMxSrcVU2zDSDLRCjmFoArcqUuTJEESTWykbZMLz30EKAoesiJQGsUSNHAqIugR7Z1geTiQ5FTT0QLG0HRA1sEyMlgMLNvpSVFWYxISpT1fTb12515b+bNm+EMJfDtCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4vdePX/yhfSgWwEA3E8XJ7528pTnPwA8Ui75+z8AAAAAAAAAAAAAABx2KYp4IlIsXNxIU9X7toELrbnrNyZHx3auNpiqmj1V+fJr4IVTp898+cWRs538+Pr77al4feLS+dor89cWFptLS82Z2uRca3p+ptj1Fnau37znFg2XHdAfEddnrlxZqp16/vSW1TeGPux//NjQuZFnTzzdLnujNjk6NjbRVaa37573fps7jfA4EkWciBTPff8nqRERVYftsS/ucu0ctMHqIIarg5gcHasOZLbVmFsuV453OqKIqHVVqnf66D6ciz2pR6yUzS8bPFwe3sRCY7FxebZZG28sLreWW/Nz46nd2vJ4alHE2RSxGhHr/bdvri+K6I0U3z26kS5HRE+nH75UDQy+czt2/511IMp21voiVouH4JwdYv1RxGuR4qfvHY/pss/yV3wx4rUyfxDxdpkvR6TywjgT8cEO1xEPp94o4i/K839uI81U94POfeXC12tfnbsy31W2c1/Z2/NhM1899/35MLgt749Dfm8aiCIa1R1/I937DzsAAAAAAAAAAAAAAAAA7LfBKOKpSPHqf/xRNa44qnHpR8+N/P7Qp7rHjD95l+2UZZ+PiJVid2Nyj+QhxONpPKUHPJb4UTYQRfxxHv/37QfdGAAAAAAAAAAAAAAAAAAAgEdaET+OFC+9fzytRvec4q25q7VLjcuz7VlhO3P/duZM39zc3KyldtZzTuVcybmacy3nes4ocv2c9ZxTOVdyruZcy7meM3py/Zz1nFM5V3Ku5lzLuZ4zenP9nPWcUzlXcq7mXMu5njMOydy9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfJEUU8VGk+M43N1KkiKhHTEU71/ofdOsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFJ/KuLdSFH7g/rNZb0Rkar/246Xf5yJ+pEyPxP1kTJfjvr5nI0qe+vffgDtZ2/6UhE/ihT9A+/cPOGfap//vva7m5dBvP2tW+9+pbedPZ2VQx/2P37s6LmRsV978k6v004NGL7Qmrt+ozY5OjY20bW4N+/9M13LhvJ+i/05dCJi6c233mjMzjYX7/1FeQnsoboXu35xRD/f24vNfLX/otWj9xA0/gG9eMA3Ju6L8vn/QaT47ff/s/PA7/z890vtdzef8PGzP7n1/H9p+4YO6Pn/RNeyl/JPI329EQPL1xb6jkUMLL351onWtcbV5tXm3JmTJ78yMvKV0yf7jkQMXGnNNrte7bmrAAAAAAAAAAAAAAAAAO6vVMTvRorGjzZSLSJuVOO1hs6NPHvi6Z7oqcZbbRm39frEpfO1V+avLSw2l5aaM7XJudb0/Exzt7sbqIZ7TY6OHcjB3NXgAbd/cOCV+YU3F1tX/3B5x/WPDZy/vLS82JjeeXUMRhFR714yXDV4cnSsavRsqzFXVR3fcTDdL64vFfFfkWL6TC09k5fl8X/bR/hvGf+/sn1DBzT+79Ndy8p9plTEzyLFb/3lk/FM1c7H4rY+y+X+NlIMn/1CLhdHynKdNrQ/V6A9MrAs+3+R4h8/2lq2Mx7yiVtlX9h1xz4kyvN/NFK8++ffi1/Py3q3fP7Dzuf/se0b2uX53/zTbfXucv4/27XssS2fV7A/x/+oK8//iUjx8hPvxG/kZb0f8/kfnc/eOJ4L3/x8jgP6/v9c17KhvN/f3J9DBwAAAAAAAAAAeKj1pSL+LlI8PdabXszLdvP7fzPbN3RAv//1+a5lM/szX9FdX+y5UwEAAADgkOhLRfw4UlxdfufmGOqt47+7xn/+zq3xn6Np29rq3/l+ufrcgP38979uQ3m/U3s/bAAAAAAAAAAAAAAAAAAAADhUUirixTyf+tRd5lNfixSv/s9zuVw6VpbrzAM/VP05cHF+7sT52dn56cZy4/Jsszax0JhulnU/Gyk2/uYLuW5Rza/+zLZ9dOZiX4wUY3/fKduei70zN3l7PvD2XOxl2U9Hiv/+h61lO/NYf+5W2VNl2b+OFN/4553LHrtV9nRZ9nuR4offqHXKPlaW7Xw+6udvlX1+er7Y1/MBAAAAAAAAAAAAAAAAAADAo6kvFfFnkeJ/r63eHMuf5//v63pbeftbXfP9b3Ojmud/qJr//06v72X+/6Hba3y02RaxefQejxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA63FEW8FSkWLm6ktf7yfdvAhdbc9RuTo2M7VxtMVc2eqnz5NfDCqdNnvvziyNlOfnz9/fZUvD5x6XztlflrC4vNpaXmTG1yrjU9P9Pc9Rb2Wn+74aoDatfeuD5z5cpS7dTzp7esvjH0Yf/jx4bOjTx74ulO2cnRsbGJrjK9ffe899ukOyw/EkX8VaR47vs/Sf/SH1HE3vviLtfOQRusDmK4OojJ0bHqQGZbjbnlcuV4pyOKiFpXpXqnj+7DudiTesRK2fyywcPl4U0sNBYbl2ebtfHG4nJruTU/N57arS2PpxZFnE0RqxGx3n/75vqiiDcixXePbqR/7Y/o6fTDly5OfO3kqTu3ozjAY9yFsp21vojV4iE4Z4dYfxTxT5Hip+8dj3/rj+iN9ld8MeK1Mn8Q8Xa0z3cqL4wzER/scB3xcOqNIv6/PP/nNtJ7/eX9oHNfufD12leX3+0u27mvPPTPh/vpkN+bBqKIH1Z3/I30776vAQAAAAAAAAAAAAAAAA6RIn41Urz0/vFUjQ/uDIpebM1drV1qXJ5tD+vrjP3rrN7c3NyspXbWc07lXMm5mnMt53rOKHL9nPUyBzY3p/L7lZyrOddyrueMnlw/Zz3nVM6VnKs513Ku54zeXD9nPedUzpWcqznXcq7njEMydg8AAAAAAAAAAAAAAAAAAPhkKar/Unznmxtps789v/RUtHPNfKCfeD8PAAD//4Vl++I=")

5.118870314s ago: executing program 5 (id=964):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r1, r0}, 0xc)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x23, 0x0, 0x0)

4.925583743s ago: executing program 0 (id=965):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, 0x0)

4.759659483s ago: executing program 5 (id=967):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x5, @rand_addr=' \x01\x00'}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x18, 0x3, "c6a41d106c720000000000000000000002000000"}, @NFTA_MATCH_NAME={0xa, 0x1, 'owner\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}}, 0x4048010)
connect$tipc(r1, &(0x7f0000000000)=@id={0x1e, 0x3, 0x0, {0x4e23, 0x4}}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)

4.656525423s ago: executing program 3 (id=968):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
r2 = creat(&(0x7f0000000440)='./bus\x00', 0x0)
splice(r1, 0x0, r2, 0x0, 0x10000000000016, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

4.291615371s ago: executing program 7 (id=969):
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
epoll_create(0x101)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
ioctl$FIDEDUPERANGE(r4, 0xc0189436, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000000000000000000000000000100000000000000", @ANYRES32=r4])
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040))

3.887063921s ago: executing program 0 (id=970):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000040)=0x26, 0xe)
shutdown(r0, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c0000000400000004000000"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000140)="ead31738087b86e840e603d10d7a0b71d7ace3d566a4de3ae14767098d78146de6c19d0f8c0ce9495a55b030f5fec037a48ae37d05a40ea51332372e330aad3d1668f0f136de5b7d34d3fb4cbfc1fcc6d8210622068912902199c426d5c0dc", 0x6, r1}, 0x38)
connect$bt_rfcomm(r0, &(0x7f0000005dc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x15}, 0xa)

3.719811561s ago: executing program 0 (id=971):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r2}, 0x10)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r1, &(0x7f0000000240)="94", 0x1)
vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0)
tee(r0, r3, 0x8f5, 0x0)

3.71606197s ago: executing program 5 (id=972):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

3.5721126s ago: executing program 3 (id=973):
write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x11, 0x1, {0x0, 0x400000, 0xf}}, 0x14)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r1 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000100)={0x0, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001740)=""/192, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=""/4096})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

3.5234188s ago: executing program 7 (id=974):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r4, 0x5608, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, 0x6, 0x10000, @value}, 0x28)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000540)=ANY=[@ANYBLOB='allow_utime=00000000000000000000006,umask=00000000000000000000002,gid=', @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000000,umask=00000000000000000000001,namecase=1,fmask=00000000000000000000006,fmask=00000000000000000000005,zero_size_dir,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d7265e13097d660dbb1456d6f756e742d726f2c00"], 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
r6 = epoll_create1(0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r7, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000000))
mount$bind(0x0, 0x0, 0x0, 0x110000, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
rename(0x0, &(0x7f0000000080)='./file2\x00')
r8 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
write$evdev(r8, &(0x7f0000000040), 0x373)
ioctl$EVIOCGKEY(r8, 0x80404518, &(0x7f0000000200)=""/36)

3.348619929s ago: executing program 5 (id=975):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040)=0x19, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x10200, 0x1, 0xeeef0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRESHEX=0x0], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$OSF_MSG_REMOVE(r1, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000480)={&(0x7f0000001340)={0x4bc, 0x1, 0x5, 0x5, 0x0, 0x0, {0x0, 0x0, 0x5}, [{{0x254, 0x1, {{0x2, 0x7f}, 0x34, 0x3, 0x1, 0x5, 0x1d, 'syz0\x00', "bbe1e0b4b4a63e09f9733e321bba32de92a6db9d1aafe77c356bbd6f35c36616", "70fbbe022b8fbc72b8b837487f15217d94ff2cd7cdd30de61e83661ec3c9e991", [{0x8, 0xffff, {0x3, 0x9}}, {0xfe, 0x40, {0x0, 0xcf}}, {0x5, 0xd, {0x1, 0x2}}, {0x0, 0xfd, {0x1, 0x20000000}}, {0x2, 0x8, {0x2}}, {0x80, 0x8, {0x1, 0x7}}, {0x6, 0x5, {0x0, 0x5}}, {0xbb9, 0x1, {0x2, 0x4}}, {0xfff8, 0xdd4c, {0x2, 0x4}}, {0x0, 0x539, {0x2, 0x7}}, {0x5, 0x46, {0x0, 0xe}}, {0x3, 0x6, {0x0, 0x270f}}, {0x101, 0x0, {0x0, 0x8}}, {0x8, 0x9, {0x3, 0xffff}}, {0x7, 0x7, {0x1, 0x81}}, {0x3, 0x2, {0x0, 0x10000}}, {0x6, 0x59, {0x0, 0x10}}, {0xc, 0x1, {0x2, 0x10}}, {0x8, 0xe0, {0x2, 0x7}}, {0x5f, 0x7, {0x3}}, {0xa6, 0x196, {0x1, 0x3}}, {0x26f9, 0x9, {0x2, 0x9}}, {0x401, 0x9, {0x0, 0x6}}, {0x1bf, 0x5, {0x2, 0xb845}}, {0xe, 0x3ff, {0x3, 0x5}}, {0x2, 0xb, {0x3, 0x3}}, {0x7f, 0x0, {0x1, 0x7}}, {0x6, 0x0, {0x0, 0xef}}, {0x7, 0x7fff}, {0x2, 0x9, {0x2, 0x3e4c}}, {0x0, 0x36, {0x2, 0xa}}, {0x7, 0x9, {0x3, 0x4}}, {0xce97, 0x2, {0x0, 0x7ff}}, {0x1, 0x8, {0x1, 0x9}}, {0xff, 0x3, {0x1, 0x3}}, {0x1ff, 0x200, {0x3, 0x7}}, {0x0, 0x8, {0x1, 0x2}}, {0x800, 0x3e, {0x1, 0x83}}, {0x5, 0xe, {0x2, 0xe6}}, {0x401, 0x401, {0x2, 0x4}}]}}}, {{0x254, 0x1, {{0x2}, 0xe, 0x5, 0x7, 0x3, 0x1f, 'syz1\x00', "5f6e01917b921d2ac36748f117aa54588f11ad27b9a53fa8537de427a82829ac", "41050c900614fe8f718b4879c08de47af46892c61f5b01a27ee632290853e50f", [{0x0, 0x5, {0x0, 0x200}}, {0x1ff, 0x9, {0x0, 0xb660}}, {0x657, 0x80, {0x0, 0x8}}, {0x0, 0x7, {0x3, 0x101}}, {0x6, 0x7425, {0x1, 0xd}}, {0x9, 0xd, {0x1, 0x1}}, {0x7, 0x36, {0x3}}, {0xb, 0x1000, {0x3, 0x4}}, {0x5f9, 0x6, {0x0, 0xe566}}, {0x1, 0x53, {0x0, 0x6}}, {0x7, 0xd, {0x3, 0x7ff}}, {0x0, 0xe, {0x2, 0x4}}, {0x2, 0xc, {0x2, 0x4}}, {0x1, 0x4, {0x2, 0xe8d6}}, {0x5, 0x6, {0x0, 0x7}}, {0x1, 0x5, {0x1, 0x3}}, {0x2, 0x8, {0x0, 0x3}}, {0xfffa, 0xfffb, {0x0, 0x7}}, {0x8, 0xff, {0x1, 0x6}}, {0x3, 0x4, {0x2}}, {0x7fff, 0x8, {0x0, 0x120000}}, {0xe, 0x7f, {0x3, 0x4}}, {0x2, 0x8, {0x2, 0x7}}, {0x7, 0x5, {0x3, 0x401}}, {0x254, 0x1000, {0x2, 0x2ff}}, {0x2, 0x22, {0x0, 0x2a9}}, {0xed, 0x4, {0x2, 0x6}}, {0x8600, 0x401, {0x3, 0x7}}, {0xc0d0, 0x7, {0x3, 0xffffffff}}, {0x5, 0x0, {0x3, 0xb7f8}}, {0x0, 0x5, {0x2}}, {0xf28c, 0x1, {0x3, 0x3}}, {0x10, 0x81, {0x0, 0x9}}, {0x100, 0x7fff, {0x3, 0x2}}, {0x7, 0x5, {0x0, 0xfffffff9}}, {0x3, 0x8, {0x1, 0x80000001}}, {0x1, 0x4, {0x0, 0x5}}, {0x4, 0x4, {0x1, 0x7f}}, {0x1d0, 0x8, {0x1, 0xdb01}}, {0x2, 0xb0, {0x3, 0x86d}}]}}}]}, 0x4bc}}, 0x4040001)
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="0130014010ff"})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r3, 0x80047210, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00'})
getresuid(0x0, &(0x7f0000001bc0), &(0x7f0000000040))
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r3)
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x3c, r4, 0x400, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x9}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5}]}, 0x3c}}, 0x10)

3.214904739s ago: executing program 3 (id=976):
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

2.366658816s ago: executing program 0 (id=977):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x1010000, &(0x7f0000000780)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@utf8no}, {@uni_xlateno}, {@numtail}, {@numtail}, {}, {@utf8}, {@utf8no}, {@shortname_win95}, {@shortname_lower}, {@shortname_lower}, {@shortname_lower}, {@fat=@check_strict}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x1ff}}]}, 0x1, 0x363, &(0x7f0000000280)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ8Hmpy+57znnPtDcntJTp9bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6f/+fOazNzEEVr5zIlACAEzZ2///efdW13k+1+LVa+lQAAHBaPfH0M48urUQ83mjMRKy9udncbMZDw/qly/FSdGI1zsVs3IzILxS6D5Xe44WLK8vnGo3GTvw0F82ImOonNvMrhaWsl1+PhZiNuX5+/2ojpZRd+GRleaHRExG7O73xY62y2ZyOs/3xvz8bq8MLj6KT3lPExZXl841+B821In8nYm9436I7//mYjW+fH3STUvEJxpXlKwvFpIf5m816XBrshQPvgAAAAAAAAAAAAAAAAAAAAAAAwG2ZbwzMDdbPSd3nfKWc+fkJ9b31cfL8/vpAe/n6QKmeIqXfXnug+VYW+9YHGl2fZ9NCggAAAAAAAAAAAAAAAAAAADCwsVWLVqezur6xtd0uF3bWN7amIqIbefnrj744E+NtblGo5kPUIwZDNPrDbrdbKSsapyxiPD3rDl5EPvh0MONym/pgKyZOo35wVafzv3t+fHcYuTsrev5z2CaLyRuYlabx8EjPa//Pp3ScHTUonC9H6uOjX00plSJvlNOvPDveYVQiqsc/cNvtqTi4TeoWvrr24p3F3m99nnL33T/75NV33v+l3ep0R47eEaytb9xM7ValaHy83dLd1UWkEnmhUj4Tqoel7+2PtLLvfn3qrre/OdroqRx5tXs+j7TJ8s35eDS9lhe60xypOjNMn+5vRGd1esLJf6vCbRzTO9777MOUfvj5yEMMTY29bFT+nlcfAAAAAAAAAAAAAAAAAACgrPRd8b7+l32nD8t68LGTnxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HOG//+/VNjbjZHIUQp/7EzIqq+ub0TU/u3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA///tLFqQ")
socket$unix(0x1, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)

2.208609836s ago: executing program 7 (id=978):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000002c0)={[{@mb_optimize_scan}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@auto_da_alloc}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000c00)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf67000000000000360002000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')

2.151586996s ago: executing program 3 (id=979):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

1.924298176s ago: executing program 3 (id=980):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xf, 0x0, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
chdir(0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x1, 0x1b8, [0x20000080, 0x0, 0x0, 0x200000b0, 0x20000208], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="000000000000a2da8114a0c26fbc00000003000a1000000000000000000000000000000000000000ffffffff00000000000000000000000a065f18a00f8b822400000000000000007fffffff000000000000020000000000ffffffff0100000003000000000000000000726f736530020000000000000000000069705f767469300000000000000000fc687064647001003800000000000400007465716c30000000000008000000eddcaaaaaaaaaa00fffffff35d6e000005ffffef00020000ddff0000"]}, 0x13c)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000640), 0x610800, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000007c0)=ANY=[@ANYRES16=r4, @ANYBLOB="00032abd7000ffdbdf255c00000008006b006e00000008006b001c0200000800"], 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x4008800)
r5 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x9, 0x1, 0x6, '\x00', 0x7})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.910259325s ago: executing program 8 (id=868):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
msgget(0x3, 0x710)
msgctl$IPC_RMID(0x0, 0x0)

1.232588864s ago: executing program 5 (id=981):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x102, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x2a)

675.223893ms ago: executing program 3 (id=982):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x5, @rand_addr=' \x01\x00'}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x18, 0x3, "c6a41d106c720000000000000000000002000000"}, @NFTA_MATCH_NAME={0xa, 0x1, 'owner\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}}, 0x4048010)
connect$tipc(r1, &(0x7f0000000000)=@id={0x1e, 0x3, 0x0, {0x4e23, 0x4}}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)

0s ago: executing program 0 (id=983):
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
epoll_create(0x101)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
ioctl$FIDEDUPERANGE(r4, 0xc0189436, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000000000000000000000000000100000000000000", @ANYRES32=r4])
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

pending, handler #8a!!!
[   86.323520][    T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!!
[   86.879768][ T4331] syz.0.1: attempt to access beyond end of device
[   86.879768][ T4331] loop0: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[   86.914873][ T4331] Buffer I/O error on dev loop0, logical block 100663296, async page read
[   86.934076][ T4339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.938504][ T4331] syz.0.1: attempt to access beyond end of device
[   86.938504][ T4331] loop0: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[   86.942098][ T4339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.967641][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   86.994973][   T26] cfg80211: failed to load regulatory.db
[   87.019289][ T4331] Buffer I/O error on dev loop0, logical block 100663296, async page read
[   87.038463][ T4343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.047300][ T4343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.200119][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   87.574627][ T4351] input: syz0 as /devices/virtual/input/input5
[   87.630909][ T4333] program syz.4.5 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.641791][ T4333] program syz.4.5 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.651634][ T4333] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   87.668307][ T4333] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5'.
[   87.782416][ T4348] loop1: detected capacity change from 0 to 4096
[   87.904314][ T4346] fuse: Unknown parameter 'tmode'
[   88.277844][ T4354] loop0: detected capacity change from 0 to 2048
[   88.460871][ T4333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   88.613178][ T4333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   88.625207][ T4333] bond0 (unregistering): Released all slaves
[   88.835752][ T4359] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.393394][ T4359] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[   89.784571][ T4359] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[   90.424829][ T4359] Remounting filesystem read-only
[   90.436634][ T4252] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[   90.443330][ T4252] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[   90.448801][ T4250] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[   91.739020][ T4377] loop4: detected capacity change from 0 to 64
[   91.791674][ T4377] hfs: get root inode failed
[   92.245718][ T4382] loop3: detected capacity change from 0 to 16
[   92.272050][ T4382] erofs: (device loop3): mounted with root inode @ nid 36.
[   92.310797][ T4382] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   92.323221][ T4382] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[46, 4050] out[1851]
[   92.334669][ T4382] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117]
[   93.126946][ T4371] loop1: detected capacity change from 0 to 32768
[   93.238492][ T4371] XFS (loop1): Mounting V5 Filesystem
[   93.351839][ T4371] XFS (loop1): Starting recovery (logdev: internal)
[   94.060846][ T4371] XFS (loop1): Ending recovery (logdev: internal)
[   94.169872][ T4252] XFS (loop1): Unmounting Filesystem
[   94.224169][ T4399] Zero length message leads to an empty skb
[   94.566770][ T4406] loop3: detected capacity change from 0 to 4096
[   94.591745][ T4410] loop2: detected capacity change from 0 to 24
[   95.153773][   T22] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   95.447564][   T22] usb 2-1: config 7 descriptor has 1 excess byte, ignoring
[   95.499492][   T22] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 2
[   95.536081][   T22] usb 2-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[   95.563958][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.572945][   T22] usb 2-1: Product: syz
[   95.588945][   T22] usb 2-1: Manufacturer: syz
[   95.603844][   T22] usb 2-1: SerialNumber: syz
[   95.662982][   T22] rndis_wlan 2-1:7.0: skipping garbage
[   95.668880][   T22] usb 2-1: bad CDC descriptors
[   95.679182][   T22] rndis_host 2-1:7.0: skipping garbage
[   95.685217][   T22] usb 2-1: bad CDC descriptors
[   95.691110][   T22] option 2-1:7.0: GSM modem (1-port) converter detected
[   95.793842][ T4421] loop2: detected capacity change from 0 to 32768
[   95.840232][ T4421] =======================================================
[   95.840232][ T4421] WARNING: The mand mount option has been deprecated and
[   95.840232][ T4421]          and is ignored by this kernel. Remove the mand
[   95.840232][ T4421]          option from the mount to silence this warning.
[   95.840232][ T4421] =======================================================
[   95.898118][ T4421] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.25 (4421)
[   96.033529][ T4300] usb 2-1: USB disconnect, device number 2
[   96.057581][ T4300] option 2-1:7.0: device disconnected
[   96.343338][ T4421] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   96.365138][ T4421] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[   96.422387][ T4421] BTRFS info (device loop2): enabling disk space caching
[   96.792988][ T4421] BTRFS info (device loop2): turning off barriers
[   97.180485][ T4421] BTRFS info (device loop2): doing ref verification
[   97.234235][ T4421] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[   97.260491][ T4435] loop3: detected capacity change from 0 to 512
[   97.289995][ T4421] BTRFS info (device loop2): use zstd compression, level 3
[   97.297490][ T4421] BTRFS info (device loop2): force clearing of disk cache
[   97.306336][ T4421] BTRFS info (device loop2): setting nodatacow, compression disabled
[   97.315758][ T4421] BTRFS info (device loop2): doing ref verification
[   97.322514][ T4421] BTRFS info (device loop2): disk space caching is enabled
[   97.470850][ T4435] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   97.534217][ T4435] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.612153][ T4435] fs-verity (loop3, inode 15): Unrecognized descriptor size: 0 bytes
[   97.661111][ T4421] BTRFS info (device loop2): enabling ssd optimizations
[   97.693712][ T4421] BTRFS info (device loop2): rebuilding free space tree
[   97.875475][ T4421] BTRFS info (device loop2): disabling free space tree
[   97.924060][ T4421] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   97.949676][ T4421] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   98.145434][ T4446] loop0: detected capacity change from 0 to 32768
[   98.194525][ T4431] loop4: detected capacity change from 0 to 32768
[   98.230619][ T4251] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   98.337776][ T4431] XFS (loop4): Mounting V5 Filesystem
[   98.436729][ T4446] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   98.488489][ T4262] EXT4-fs (loop3): unmounting filesystem.
[   98.543938][ T4446] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   98.572546][ T4431] XFS (loop4): Starting recovery (logdev: internal)
[   98.605737][ T4446] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   98.616986][ T3714] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   98.626077][ T3714] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   98.664613][ T4431] XFS (loop4): Ending recovery (logdev: internal)
[   98.785901][ T3714] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 159ms
[   98.822009][ T3714] gfs2: fsid=syz:syz.0: jid=0: Done
[   98.826140][ T4475] loop3: detected capacity change from 0 to 2048
[   98.844692][ T4446] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   98.899245][ T4475] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   99.026932][ T4479] loop1: detected capacity change from 0 to 2048
[   99.096730][   T27] audit: type=1800 audit(1740571973.053:2): pid=4475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.34" name="file1" dev="loop3" ino=1346 res=0 errno=0
[   99.933676][ T4489] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.323429][ T4489] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  100.387399][ T4489] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4)
[  100.482643][ T4489] Remounting filesystem read-only
[  100.535978][ T4252] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  101.443235][ T4249] XFS (loop4): Unmounting Filesystem
[  102.192626][ T4506] loop2: detected capacity change from 0 to 64
[  102.630123][ T4492] loop3: detected capacity change from 0 to 32768
[  102.909239][ T4492] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.37 (4492)
[  103.011527][ T4492] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  103.073766][ T4492] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  103.108467][ T4492] BTRFS info (device loop3): setting nodatacow, compression disabled
[  103.253941][ T4492] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  103.346506][ T4492] BTRFS info (device loop3): trying to use backup root at mount time
[  103.364019][ T4492] BTRFS info (device loop3): enabling auto defrag
[  103.480941][ T4492] BTRFS info (device loop3): max_inline at 4096
[  103.606152][ T4492] BTRFS info (device loop3): using free space tree
[  104.597425][ T4536] Invalid ELF header magic: != ELF
[  105.144218][ T4492] BTRFS error (device loop3): open_ctree failed: -12
[  106.208529][ T4542] loop0: detected capacity change from 0 to 24
[  106.802484][ T4548] loop3: detected capacity change from 0 to 4096
[  107.379274][ T4560] Bluetooth: (null): Invalid header checksum
[  108.103218][ T4555] sched: RT throttling activated
[  110.196889][ T4566] loop1: detected capacity change from 0 to 4096
[  110.357931][ T4574] netlink: 'syz.0.54': attribute type 21 has an invalid length.
[  111.086419][ T4580] loop4: detected capacity change from 0 to 512
[  111.270240][ T4262] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  111.279685][ T4262] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  111.311750][ T4582] process 'syz.0.54' launched './file0' with NULL argv: empty string added
[  111.430880][ T4585] loop1: detected capacity change from 0 to 64
[  112.138573][ T4586] block nbd0: shutting down sockets
[  112.405090][ T4587] loop2: detected capacity change from 0 to 4096
[  112.539747][ T4594] Invalid ELF header magic: != ELF
[  113.998851][ T4580] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  114.036566][ T4580] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  114.070431][ T4580] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  114.122055][ T4580] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  114.210083][ T4264] Bluetooth: hci0: command 0x0c1a tx timeout
[  114.278659][ T4580] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  114.341909][ T4580] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  114.354389][ T4580] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  114.429731][ T4580] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  114.476845][ T4580] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  114.505296][ T4580] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  114.537528][ T4580] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  114.632866][ T4580] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  114.658184][ T4580] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  114.687921][ T4580] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  114.694839][ T4580] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  114.729939][ T4598] device veth1_macvtap left promiscuous mode
[  116.639688][ T4258] Bluetooth: hci1: command 0x0c1a tx timeout
[  116.640647][ T4264] Bluetooth: hci0: command 0x0406 tx timeout
[  116.646460][ T4258] Bluetooth: hci3: command 0x0c1a tx timeout
[  116.658063][ T4258] Bluetooth: hci2: command 0x0c1a tx timeout
[  116.725339][  T126] libceph: connect (1)[c::]:6789 error -101
[  116.733728][ T4264] Bluetooth: hci4: command 0x0c1a tx timeout
[  116.735324][  T126] libceph: mon0 (1)[c::]:6789 connect error
[  116.776919][ T4603] ceph: No mds server is up or the cluster is laggy
[  117.074788][ T4614] loop4: detected capacity change from 0 to 512
[  117.109658][ T4614] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  117.217329][ T4614] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  117.263859][ T4614] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.403812][  T953] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  117.791536][  T953] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  118.041893][  T953] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  118.089693][  T953] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  118.143641][  T953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.197206][ T4621] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  118.297935][ T4249] EXT4-fs (loop4): unmounting filesystem.
[  118.485923][  T953] usb 4-1: USB disconnect, device number 2
[  118.733756][ T4258] Bluetooth: hci3: command 0x0406 tx timeout
[  118.734025][ T4264] Bluetooth: hci2: command 0x0406 tx timeout
[  118.739845][ T4258] Bluetooth: hci1: command 0x0406 tx timeout
[  118.813653][ T4264] Bluetooth: hci4: command 0x0406 tx timeout
[  118.844367][ T4642] program syz.4.67 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  119.217751][ T4633] loop1: detected capacity change from 0 to 40427
[  119.283671][ T4633] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  119.350651][ T4633] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  120.334226][ T4652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.69'.
[  121.100266][ T4633] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-12)
[  121.194291][ T4657] netlink: 12 bytes leftover after parsing attributes in process `syz.4.71'.
[  122.226152][ T4666] Invalid ELF header magic: != ELF
[  124.146326][ T4668] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  125.440349][ T4697] program syz.4.84 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.829339][ T4701] loop2: detected capacity change from 0 to 2048
[  125.907544][ T4701] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.974069][   T27] audit: type=1800 audit(1740571999.933:3): pid=4701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.86" name="file1" dev="loop2" ino=1346 res=0 errno=0
[  126.050318][ T4703] IPVS: persistence engine module ip_vs_pe_
� not found
[  126.611695][ T4691] loop3: detected capacity change from 0 to 32768
[  126.697266][ T4691] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  126.723703][ T4691] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  126.867013][ T4691] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  126.925089][  T953] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  126.932086][  T953] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  127.908523][  T953] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 976ms
[  127.932757][  T953] gfs2: fsid=syz:syz.0: jid=0: Done
[  127.956796][ T4691] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  128.370015][ T4732] overlayfs: missing 'lowerdir'
[  128.475980][ T4732] netlink: 'syz.0.95': attribute type 1 has an invalid length.
[  128.568098][ T4732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.95'.
[  128.777185][ T4739] netlink: 28 bytes leftover after parsing attributes in process `syz.4.97'.
[  128.811236][ T4739] device bridge_slave_1 left promiscuous mode
[  128.855775][ T4739] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.894581][ T4739] device bridge_slave_0 left promiscuous mode
[  128.902299][ T4739] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.569225][ T4763] device veth1_macvtap left promiscuous mode
[  133.058496][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  133.065231][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  133.791137][ T4784] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  133.855703][ T4790] syz.1.112 uses obsolete (PF_INET,SOCK_PACKET)
[  134.001573][ T4779] loop4: detected capacity change from 0 to 32768
[  134.051422][ T4779] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  134.084416][ T4779] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  134.125511][ T4258] Bluetooth: unknown link type 108
[  134.299881][ T4779] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  134.357352][ T4300] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  134.369911][ T4300] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  134.380412][ T4793] syz.1.112 (4793) used greatest stack depth: 20032 bytes left
[  134.545925][ T4300] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 176ms
[  134.568554][ T4300] gfs2: fsid=syz:syz.0: jid=0: Done
[  134.583886][ T4779] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  134.866893][ T4810] 9pnet_virtio: no channels available for device syz
[  135.109251][ T4815] device lo entered promiscuous mode
[  135.975124][ T4819] device lo left promiscuous mode
[  136.102765][ T4815] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  136.173628][ T4258] Bluetooth: hci3: command 0x0409 tx timeout
[  136.180253][ T4829] loop1: detected capacity change from 0 to 2048
[  136.329036][ T4829] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  136.741999][ T4258] Bluetooth: hci4: unexpected event for opcode 0x0401
[  137.361919][ T4841] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.119: bg 0: block 234: padding at end of block bitmap is not set
[  137.412304][ T4841] EXT4-fs (loop1): Remounting filesystem read-only
[  137.490341][ T4837] device veth1_macvtap left promiscuous mode
[  138.513696][  T953] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  138.698880][  T953] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  138.698952][  T953] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  138.698989][  T953] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  138.699014][  T953] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.703137][ T4851] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  139.022487][  T953] usb 1-1: USB disconnect, device number 2
[  140.240355][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  140.618601][ T4874] loop1: detected capacity change from 0 to 2048
[  140.696829][ T4874] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  140.750818][   T27] audit: type=1800 audit(1740572014.703:4): pid=4874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.132" name="file1" dev="loop1" ino=1346 res=0 errno=0
[  140.815621][ T4258] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  140.824511][ T4258] Bluetooth: hci4: Injecting HCI hardware error event
[  140.835363][ T4264] Bluetooth: hci4: hardware error 0x00
[  142.209431][ T4870] loop3: detected capacity change from 0 to 32768
[  142.399079][ T4870] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  142.423757][ T4870] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  142.973649][ T4264] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  144.058735][ T4870] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  144.077196][ T4539] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  144.084336][ T4539] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  144.151684][ T4539] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 67ms
[  144.170359][ T4539] gfs2: fsid=syz:syz.0: jid=0: Done
[  144.198737][ T4870] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  144.230769][ T4870] gfs2: fsid=syz:syz.0: can't start logd thread: -4
[  144.375767][ T4264] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260
[  144.397654][ T4904] loop4: detected capacity change from 0 to 2048
[  144.454564][ T4904] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  145.562098][ T4915] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.142: bg 0: block 234: padding at end of block bitmap is not set
[  145.583193][ T4915] EXT4-fs (loop4): Remounting filesystem read-only
[  145.656384][ T4919] netlink: 12 bytes leftover after parsing attributes in process `syz.3.145'.
[  146.576375][ T4936] netlink: 64 bytes leftover after parsing attributes in process `syz.1.147'.
[  150.256299][ T4956] tmpfs: Unknown parameter 'usrquota'
[  150.584392][ T4249] EXT4-fs (loop4): unmounting filesystem.
[  151.178141][ T4966] loop1: detected capacity change from 0 to 2048
[  151.234353][ T4966] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  151.271392][   T27] audit: type=1800 audit(1740572025.223:5): pid=4966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.157" name="file1" dev="loop1" ino=1346 res=0 errno=0
[  153.212218][ T4991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.161'.
[  153.465171][ T4997] loop2: detected capacity change from 0 to 2048
[  153.520868][ T4998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.161'.
[  153.526466][ T4997] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  153.555105][ T5002] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  153.718501][ T5002] EXT4-fs (loop2): Remounting filesystem read-only
[  155.336401][ T4251] EXT4-fs (loop2): unmounting filesystem.
[  155.619066][ T5025] loop4: detected capacity change from 0 to 2048
[  155.679617][ T5025] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.810249][   T27] audit: type=1800 audit(1740572029.763:6): pid=5025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.169" name="file1" dev="loop4" ino=1346 res=0 errno=0
[  156.645726][ T5040] mmap: syz.4.172 (5040) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  159.298673][ T5059] loop1: detected capacity change from 0 to 2048
[  159.391709][ T5059] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  159.518043][ T5060] infiniband syz0: set active
[  159.523160][ T5060] infiniband syz0: added bond0
[  159.622056][ T5060] RDS/IB: syz0: added
[  159.627135][ T5060] smc: adding ib device syz0 with port count 1
[  159.633474][ T5060] smc:    ib device syz0 port 1 has pnetid 
[  160.117072][   T11] Bluetooth: hci5: Frame reassembly failed (-84)
[  160.501874][ T5078] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.178: bg 0: block 234: padding at end of block bitmap is not set
[  160.520073][ T5078] EXT4-fs (loop1): Remounting filesystem read-only
[  160.699295][ T4297] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  160.869278][ T5080] netlink: 64 bytes leftover after parsing attributes in process `syz.3.182'.
[  160.915838][ T4297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.941342][ T4297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.975112][ T4258] Bluetooth: hci2: command 0x0405 tx timeout
[  160.978058][ T4297] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  161.043692][ T4297] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  161.071871][ T4297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.121322][ T4297] usb 3-1: config 0 descriptor??
[  161.549836][ T4297] usbhid 3-1:0.0: can't add hid device: -71
[  161.576510][ T4297] usbhid: probe of 3-1:0.0 failed with error -71
[  161.614859][ T4297] usb 3-1: USB disconnect, device number 2
[  162.064551][ T5086] 9pnet_virtio: no channels available for device syz
[  162.094135][ T4264] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  162.172629][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  163.013846][ T4297] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  163.216230][ T4297] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.236702][ T4297] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  163.307492][ T4297] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  163.364439][ T4297] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.378886][ T4297] usb 4-1: config 0 descriptor??
[  163.386055][ T4297] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  163.403019][ T5103] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.637020][ T4538] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  163.763503][ T5103] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.824362][ T4538] usb 5-1: Using ep0 maxpacket: 16
[  163.838232][ T4538] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  163.882970][ T4538] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  163.922501][ T4538] usb 5-1: Product: syz
[  163.963709][ T4538] usb 5-1: Manufacturer: syz
[  163.979760][ T4538] usb 5-1: SerialNumber: syz
[  164.040499][ T4538] usb 5-1: config 0 descriptor??
[  164.568311][ T4297] usb 5-1: USB disconnect, device number 2
[  164.657465][ T5103] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.040119][ T5103] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.430574][ T5103] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.461367][ T5103] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.492054][ T5103] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.522280][ T5103] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.986576][ T5131] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  165.994639][ T5127] sctp: failed to load transform for md5: -2
[  166.014327][ T5131] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  166.306829][ T5131] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  166.363320][ T5131] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  166.411508][ T5131] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  166.461472][ T4297] usb 4-1: USB disconnect, device number 3
[  166.502526][ T5131] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  166.561725][ T5143] can0: slcan on ttyS3.
[  166.568676][ T5131] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  166.605818][ T5131] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  166.642121][ T5131] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  166.715902][ T5131] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  166.757151][ T5146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.197'.
[  166.794301][ T5131] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  166.833369][ T5131] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  167.254458][ T5146] netlink: 12 bytes leftover after parsing attributes in process `syz.1.197'.
[  167.304526][ T5138] can0 (unregistered): slcan off ttyS3.
[  167.393943][ T5154] netlink: set zone limit has 8 unknown bytes
[  167.853833][ T4264] Bluetooth: hci0: command 0x0c1a tx timeout
[  168.463646][ T4264] Bluetooth: hci1: command 0x0c1a tx timeout
[  169.799298][ T4264] Bluetooth: hci3: command 0x0c1a tx timeout
[  169.805645][ T4266] Bluetooth: hci2: command 0x0c1a tx timeout
[  169.943691][ T4266] Bluetooth: hci0: command 0x0406 tx timeout
[  170.493646][ T4266] Bluetooth: hci1: command 0x0406 tx timeout
[  171.853898][ T4264] Bluetooth: hci2: command 0x0406 tx timeout
[  171.860792][ T4266] Bluetooth: hci3: command 0x0406 tx timeout
[  175.174767][ T5210] capability: warning: `syz.1.209' uses deprecated v2 capabilities in a way that may be insecure
[  176.658727][ T4258] Bluetooth: hci3: Malformed LE Event: 0x0b
[  176.751251][ T5244] netlink: set zone limit has 4 unknown bytes
[  179.199350][ T5274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.218'.
[  179.365743][ T5277] netlink: 12 bytes leftover after parsing attributes in process `syz.3.218'.
[  179.654243][ T5283] vivid-007: disconnect
[  180.981291][ T5288] vivid-007: reconnect
[  181.596528][ T5302] loop3: detected capacity change from 0 to 64
[  183.094612][ T4266] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  183.105940][ T4266] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  183.115047][ T4264] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  183.126550][ T4264] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  183.136964][ T4266] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  183.144343][ T4264] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  184.456819][ T5323] chnl_net:caif_netlink_parms(): no params data found
[  184.819521][ T4358] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.160520][ T4358] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.213854][ T4258] Bluetooth: hci5: command 0x0409 tx timeout
[  185.319165][ T4358] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.370263][ T5323] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.398584][ T5323] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.417398][ T5323] device bridge_slave_0 entered promiscuous mode
[  185.495799][ T4358] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.548722][ T5323] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.561660][ T5323] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.595490][ T5323] device bridge_slave_1 entered promiscuous mode
[  185.868883][ T5323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.990065][ T5372] fuse: Bad value for 'fd'
[  186.013240][ T5372] kAFS: unable to lookup cell 'sy>7 ��O-z1'
[  186.193901][ T4299] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  186.506353][ T4299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.526668][ T5323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.566429][ T4299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.613629][ T4299] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  186.653594][ T4299] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  186.683215][ T4299] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.724648][ T4299] usb 5-1: config 0 descriptor??
[  186.885145][ T5323] team0: Port device team_slave_0 added
[  186.905939][ T5323] team0: Port device team_slave_1 added
[  187.041144][ T5323] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.090760][ T5323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.230972][ T5382] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  187.299836][ T4258] Bluetooth: hci5: command 0x041b tx timeout
[  187.786630][ T5386] loop0: detected capacity change from 0 to 64
[  187.797819][ T5323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.084067][ T5323] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.084123][ T5323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.084169][ T5323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.446513][ T5323] device hsr_slave_0 entered promiscuous mode
[  188.463657][ T5323] device hsr_slave_1 entered promiscuous mode
[  188.501862][ T5323] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.503269][ T5323] Cannot create hsr debugfs directory
[  188.995157][ T4299] usbhid 5-1:0.0: can't add hid device: -71
[  188.995236][ T4299] usbhid: probe of 5-1:0.0 failed with error -71
[  189.000301][ T4299] usb 5-1: USB disconnect, device number 3
[  189.373671][ T4258] Bluetooth: hci5: command 0x040f tx timeout
[  189.520799][ T5323] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  189.732977][ T5323] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  189.744743][ T5323] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  189.773866][ T5323] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  191.032473][ T5323] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.111894][ T5416] sctp: failed to load transform for md5: -2
[  191.127223][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  191.144545][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.246738][ T5323] 8021q: adding VLAN 0 to HW filter on device team0
[  191.350757][ T4358] device hsr_slave_0 left promiscuous mode
[  191.404416][ T4358] device hsr_slave_1 left promiscuous mode
[  191.425342][ T4358] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.445740][ T4358] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.453883][ T4266] Bluetooth: hci5: command 0x0419 tx timeout
[  191.475140][ T4358] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.482634][ T4358] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.505112][ T4358] device bridge_slave_1 left promiscuous mode
[  191.520082][ T4358] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.555975][ T4358] device bridge_slave_0 left promiscuous mode
[  191.574163][ T4358] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.679644][ T4358] device veth1_macvtap left promiscuous mode
[  191.710185][ T4358] device veth0_macvtap left promiscuous mode
[  191.733288][ T4358] device veth1_vlan left promiscuous mode
[  191.751648][ T4358] device veth0_vlan left promiscuous mode
[  192.560115][ T5443] loop4: detected capacity change from 0 to 2048
[  192.646844][ T5443] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  193.352214][ T5454] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.248: bg 0: block 234: padding at end of block bitmap is not set
[  193.407505][ T5454] EXT4-fs (loop4): Remounting filesystem read-only
[  193.485658][  T953] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  193.554425][ T4358] team0 (unregistering): Port device team_slave_1 removed
[  193.645634][ T4358] team0 (unregistering): Port device team_slave_0 removed
[  193.683687][  T953] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  193.703616][  T953] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  193.719972][ T4358] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.723627][  T953] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  193.753573][  T953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.780931][ T5453] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  193.823051][ T4358] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  194.041855][  T953] usb 2-1: USB disconnect, device number 3
[  194.281206][ T4249] EXT4-fs (loop4): unmounting filesystem.
[  194.505046][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.511386][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.729947][ T4358] bond0 (unregistering): Released all slaves
[  194.885054][ T5461] loop1: detected capacity change from 0 to 64
[  194.919372][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  194.969946][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  195.012762][ T4314] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.019957][ T4314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  195.110924][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  195.129620][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  195.139858][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  195.177407][ T4314] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.184655][ T4314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  195.274134][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  195.318054][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  195.387009][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  195.399809][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  195.421662][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  195.441412][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  195.645126][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  195.730474][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  195.797281][ T5323] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  195.926342][ T5323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  195.962338][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  196.002058][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  196.281622][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.020597][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  198.045617][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  198.473202][ T5323] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.058316][ T5517] 9pnet_virtio: no channels available for device syz
[  199.973261][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  200.002887][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  200.561066][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  200.571774][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  200.624982][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  200.644739][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  200.672079][ T5323] device veth0_vlan entered promiscuous mode
[  200.871635][ T5323] device veth1_vlan entered promiscuous mode
[  200.976178][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  200.996607][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  201.029878][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  201.080197][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  201.146157][ T5323] device veth0_macvtap entered promiscuous mode
[  201.226934][ T5323] device veth1_macvtap entered promiscuous mode
[  201.389748][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.448179][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.528904][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.529033][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.529078][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.529320][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.529424][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.529436][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.540026][ T5323] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.541007][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  201.541535][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  201.543203][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  201.550009][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  201.582334][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.582353][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.582360][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.582370][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.582377][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.582392][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.582400][ T5323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.582409][ T5323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.591668][ T5323] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.591797][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  201.592452][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  201.617904][ T5323] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.617995][ T5323] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.618022][ T5323] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.618047][ T5323] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.693656][ T4258] Bluetooth: hci2: command 0x0406 tx timeout
[  201.703893][ T4266] Bluetooth: hci3: command 0x0406 tx timeout
[  202.561291][ T5563] tty tty27: ldisc open failed (-12), clearing slot 26
[  202.903700][ T5545] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  202.943818][ T4258] Bluetooth: hci0: command 0x0c1a tx timeout
[  202.951747][ T5545] Bluetooth: hci0: Opcode 0x0406 failed: -110
[  202.958062][ T5545] Bluetooth: hci0: Suspend notifier action (1) failed: -110
[  203.654288][ T5545] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  203.660338][ T5545] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  203.666413][ T5545] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  203.673704][ T5545] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  203.679669][ T5545] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  203.685685][ T5545] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  203.692888][ T5545] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  203.698982][ T5545] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  203.704977][ T5545] Bluetooth: hci5: Suspend notifier action (1) failed: -4
[  204.272226][ T4509] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.314999][ T4509] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.363287][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  204.454754][ T4549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.462905][ T4549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.462931][ T4334] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  204.539176][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  204.763710][ T4295] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  206.853957][ T4258] Bluetooth: hci3: command 0x0c1a tx timeout
[  206.860102][ T4258] Bluetooth: hci0: command 0x0406 tx timeout
[  206.866168][ T4258] Bluetooth: hci5: command 0x0c1a tx timeout
[  206.872213][ T4258] Bluetooth: hci2: command 0x0c1a tx timeout
[  207.193600][ T4334] usb 2-1: device not accepting address 4, error -71
[  207.258188][ T5601] device syzkaller1 entered promiscuous mode
[  207.346735][ T4295] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.383232][ T4295] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  207.414696][ T4295] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  207.471503][ T4295] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.543244][ T4295] usb 5-1: config 0 descriptor??
[  207.695146][ T5607] block device autoloading is deprecated and will be removed.
[  208.183737][ T4295] usb 5-1: can't set config #0, error -71
[  208.241544][ T4295] usb 5-1: USB disconnect, device number 4
[  208.923691][ T4266] Bluetooth: hci2: command 0x0406 tx timeout
[  208.930020][ T4266] Bluetooth: hci5: command 0x0406 tx timeout
[  208.936166][ T4266] Bluetooth: hci3: command 0x0406 tx timeout
[  209.055588][ T5630] loop5: detected capacity change from 0 to 2048
[  209.142727][ T5630] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  209.204899][   T27] audit: type=1800 audit(1740572083.163:7): pid=5630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.282" name="file1" dev="loop5" ino=1346 res=0 errno=0
[  215.153632][ T4539] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  215.365287][ T4539] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  215.394758][ T4539] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  215.429726][ T4539] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  215.478652][ T4539] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  215.525109][ T4539] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.583700][ T4539] usb 4-1: config 0 descriptor??
[  216.122450][ T5726] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  218.070598][ T5748] netlink: 40 bytes leftover after parsing attributes in process `syz.1.304'.
[  218.553463][ T4539] usbhid 4-1:0.0: can't add hid device: -71
[  218.563113][ T4539] usbhid: probe of 4-1:0.0 failed with error -71
[  218.704107][ T4539] usb 4-1: USB disconnect, device number 4
[  223.745607][ T5796] netlink: 20 bytes leftover after parsing attributes in process `syz.4.314'.
[  228.631248][ T5844] loop3: detected capacity change from 0 to 64
[  231.888065][ T5879] ptrace attach of "./syz-executor exec"[4262] was attempted by "./syz-executor exec"[5879]
[  232.010638][ T5885] netlink: 40 bytes leftover after parsing attributes in process `syz.5.334'.
[  232.063783][ T5868] random: crng reseeded on system resumption
[  235.503772][  T953] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  235.694524][  T953] usb 1-1: Using ep0 maxpacket: 8
[  235.702845][  T953] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  235.724758][  T953] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  235.752944][  T953] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  235.790932][  T953] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  235.830770][  T953] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  235.885874][  T953] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.932318][  T953] hub 1-1:1.0: bad descriptor, ignoring hub
[  235.952702][  T953] hub: probe of 1-1:1.0 failed with error -5
[  235.977475][  T953] cdc_wdm 1-1:1.0: skipping garbage
[  236.011243][  T953] cdc_wdm 1-1:1.0: skipping garbage
[  236.071244][  T953] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  236.096896][  T953] cdc_wdm 1-1:1.0: Unknown control protocol
[  236.121621][ T5985] 9pnet_virtio: no channels available for device syz
[  236.197006][  T953] usb 1-1: USB disconnect, device number 3
[  239.933882][ T4258] Bluetooth: hci5: command 0x0405 tx timeout
[  240.374529][ T5969] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.524863][ T5969] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  241.738119][ T5969] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  241.747948][ T5969] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  241.758120][ T5969] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  241.767509][ T5969] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  242.009563][ T6034] netlink: 12 bytes leftover after parsing attributes in process `syz.3.353'.
[  242.457621][ T6047] 9pnet_virtio: no channels available for device syz
[  242.653643][ T4266] Bluetooth: hci5: command 0x0405 tx timeout
[  245.650648][ T6073] 9pnet_virtio: no channels available for device syz
[  250.293573][    T7] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  250.485557][    T7] usb 5-1: unable to get BOS descriptor or descriptor too short
[  250.486012][    T7] usb 5-1: not running at top speed; connect to a high speed hub
[  250.487527][    T7] usb 5-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 911, setting to 64
[  250.487550][    T7] usb 5-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  250.487569][    T7] usb 5-1: config 1 interface 0 has no altsetting 0
[  250.489386][    T7] usb 5-1: New USB device found, idVendor=056a, idProduct=010f, bcdDevice= 0.40
[  250.489406][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.489419][    T7] usb 5-1: Product: syz
[  250.489430][    T7] usb 5-1: Manufacturer: syz
[  250.489440][    T7] usb 5-1: SerialNumber: syz
[  250.491494][ T6108] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  251.771624][ T6149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.381'.
[  251.893815][ T4298] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  252.069407][ T6150] block device autoloading is deprecated and will be removed.
[  252.102469][ T4258] Bluetooth: hci0: command 0x0409 tx timeout
[  252.112428][    T7] usbhid 5-1:1.0: can't add hid device: -71
[  252.143642][    T7] usbhid: probe of 5-1:1.0 failed with error -71
[  252.157678][ T4298] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  252.173143][ T4298] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.197114][ T4298] usb 6-1: Product: syz
[  252.209547][ T4298] usb 6-1: Manufacturer: syz
[  252.223628][ T4298] usb 6-1: SerialNumber: syz
[  252.230003][    T7] usb 5-1: USB disconnect, device number 5
[  252.270605][ T4298] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  252.295554][ T6159] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.358253][ T6158] loop1: detected capacity change from 0 to 64
[  252.524130][ T4298] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  252.670643][ T6164] ALSA: mixer_oss: invalid OSS volume 'SPEA'
[  253.226073][   T26] usb 6-1: USB disconnect, device number 2
[  253.427660][ T6169] loop4: detected capacity change from 0 to 2048
[  253.620413][ T6169] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  253.623561][ T4298] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  253.725089][ T4298] ath9k_htc: Failed to initialize the device
[  253.734351][   T26] usb 6-1: ath9k_htc: USB layer deinitialized
[  253.762404][ T6152] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.771166][ T6152] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.981787][ T6152] infiniband syz0: set down
[  254.021084][ T6182] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.386: bg 0: block 234: padding at end of block bitmap is not set
[  254.071094][ T6182] EXT4-fs (loop4): Remounting filesystem read-only
[  254.771796][ T6152] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.869023][ T6152] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.877401][ T6184] loop5: detected capacity change from 0 to 2048
[  254.913036][ T6184] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  255.092281][ T4249] EXT4-fs (loop4): unmounting filesystem.
[  255.231974][ T6192] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.398: bg 0: block 234: padding at end of block bitmap is not set
[  255.299212][ T6192] EXT4-fs (loop5): Remounting filesystem read-only
[  255.890675][ T6152] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.900436][ T6152] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.909748][ T6152] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.923415][ T6152] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.935731][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.942171][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  255.979118][   T14] bond0 speed is unknown, defaulting to 1000
[  256.014002][  T126] bond0 speed is unknown, defaulting to 1000
[  256.298171][ T6207] 9pnet_virtio: no channels available for device syz
[  257.069188][ T6207] ISOFS: Unable to identify CD-ROM format.
[  257.233105][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.391'.
[  257.242312][ T6207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.249971][ T6207] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.266160][ T6207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.273691][ T6207] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.720096][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  259.052697][ T4296] kernel write not supported for file /sysvipc/msg (pid: 4296 comm: kworker/0:4)
[  259.275279][ T6249] syz.0.399[6249] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  259.275786][ T6249] syz.0.399[6249] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  259.861519][ T4258] Bluetooth: hci1: command 0x1003 tx timeout
[  259.893612][ T4266] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  260.519328][ T6241] netlink: 'syz.5.400': attribute type 4 has an invalid length.
[  261.116749][ T4300] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  261.238335][ T6282] tmpfs: Unknown parameter 'usrquota'
[  261.306694][ T4300] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  261.368729][ T4300] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  261.376110][ T6283] can0: slcan on ttyS3.
[  261.429149][ T4300] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  261.458817][ T4300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.700606][ T4300] usb 4-1: USB disconnect, device number 5
[  261.889776][ T6303] 9pnet_virtio: no channels available for device syz
[  262.084451][ T6279] can0 (unregistered): slcan off ttyS3.
[  265.269664][ T6358] rdma_rxe: rxe_register_device failed with error -23
[  265.277696][ T6358] rdma_rxe: failed to add bond0
[  266.198531][ T4296] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  266.299451][ T6366] netlink: 4 bytes leftover after parsing attributes in process `syz.5.429'.
[  266.415499][ T4296] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  266.430317][ T4296] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  266.440369][ T4296] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  266.457170][ T4296] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.886335][ T4300] usb 4-1: USB disconnect, device number 6
[  268.007717][ T6362] ALSA: mixer_oss: invalid OSS volume 'SPEA'
[  269.274067][ T6388] loop1: detected capacity change from 0 to 2048
[  269.298263][ T6392] loop5: detected capacity change from 0 to 64
[  269.440429][ T6388] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  269.616491][ T6388] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.432: bg 0: block 234: padding at end of block bitmap is not set
[  269.630949][ T6388] EXT4-fs (loop1): Remounting filesystem read-only
[  270.124498][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  270.227508][ T6401] 9pnet_virtio: no channels available for device syz
[  270.318292][ T4266] Bluetooth: hci2: unexpected event for opcode 0x1005
[  270.769628][ T6415] ISOFS: Unable to identify CD-ROM format.
[  270.856505][ T6415] netlink: 4 bytes leftover after parsing attributes in process `syz.4.435'.
[  270.865569][ T6415] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.878891][ T6415] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.632455][ T6453] 9pnet_virtio: no channels available for device syz
[  276.699098][ T6454] loop1: detected capacity change from 0 to 2048
[  276.865074][ T6454] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  277.747347][ T6454] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.446: bg 0: block 234: padding at end of block bitmap is not set
[  277.761990][ T6454] EXT4-fs (loop1): Remounting filesystem read-only
[  277.851618][ T6464] loop5: detected capacity change from 0 to 64
[  277.882491][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  278.662418][ T6472] 9pnet_virtio: no channels available for device syz
[  284.149875][ T6518] 9pnet_virtio: no channels available for device syz
[  285.890649][ T6519] loop5: detected capacity change from 0 to 2048
[  285.980581][ T6519] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  286.139193][ T6519] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.460: bg 0: block 234: padding at end of block bitmap is not set
[  286.164347][ T6519] EXT4-fs (loop5): Remounting filesystem read-only
[  286.353800][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  288.391393][ T6540] netlink: 4 bytes leftover after parsing attributes in process `syz.1.464'.
[  288.392084][ T6540] netlink: 12 bytes leftover after parsing attributes in process `syz.1.464'.
[  290.381703][   T22] libceph: connect (1)[c::]:6789 error -101
[  290.381805][   T22] libceph: mon0 (1)[c::]:6789 connect error
[  290.458784][ T6546] ceph: No mds server is up or the cluster is laggy
[  290.921563][ T6559] 9pnet_virtio: no channels available for device syz
[  294.588057][ T6577] netlink: 4 bytes leftover after parsing attributes in process `syz.1.470'.
[  295.220010][ T6587] loop3: detected capacity change from 0 to 2048
[  295.590954][ T6587] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  296.722073][ T6603] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.473: bg 0: block 234: padding at end of block bitmap is not set
[  296.883543][ T6603] EXT4-fs (loop3): Remounting filesystem read-only
[  297.064113][ T4262] EXT4-fs (loop3): unmounting filesystem.
[  297.258215][ T4258] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  297.269263][ T4258] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  297.278228][ T4258] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  297.286286][ T4258] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  297.295992][ T4258] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  297.303654][ T4258] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  297.357745][ T6601] input: syz0 as /devices/virtual/input/input6
[  297.419779][ T6607] bond0 speed is unknown, defaulting to 1000
[  300.494850][ T4258] Bluetooth: hci0: command 0x0409 tx timeout
[  300.751091][ T6607] chnl_net:caif_netlink_parms(): no params data found
[  300.754336][ T6638] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  300.791575][ T6638] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  300.828144][ T6638] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  300.846531][ T6638] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  300.862850][ T6638] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  300.892521][ T6638] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  300.910225][ T6638] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  300.919337][ T6638] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  300.929696][ T6638] Bluetooth: hci5: Suspend notifier action (1) failed: -4
[  300.939996][ T6638] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  300.949025][ T6638] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  300.961494][ T6638] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  301.463971][ T6607] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.483855][ T6607] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.492108][ T6607] device bridge_slave_0 entered promiscuous mode
[  301.549149][ T6607] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.600635][ T6607] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.650115][ T6607] device bridge_slave_1 entered promiscuous mode
[  302.875373][ T4258] Bluetooth: hci3: command 0x0c1a tx timeout
[  302.903001][ T4258] Bluetooth: hci2: command 0x0c1a tx timeout
[  302.966260][ T6656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.488'.
[  302.976775][ T4258] Bluetooth: hci0: command 0x040f tx timeout
[  302.976802][ T4266] Bluetooth: hci5: command 0x0c1a tx timeout
[  302.979613][ T6607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.537869][ T6607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.751575][ T6688] netlink: 12 bytes leftover after parsing attributes in process `syz.0.492'.
[  304.281306][ T6607] team0: Port device team_slave_0 added
[  304.297506][ T6607] team0: Port device team_slave_1 added
[  304.992401][ T4258] Bluetooth: hci3: command 0x0406 tx timeout
[  304.998747][ T4258] Bluetooth: hci2: command 0x0406 tx timeout
[  305.140888][ T4264] Bluetooth: hci5: command 0x0406 tx timeout
[  305.147667][ T4258] Bluetooth: hci0: command 0x0419 tx timeout
[  305.174356][ T6697] device netdevsim0 entered promiscuous mode
[  305.272784][ T6607] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.293069][ T6607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.327521][ T6607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.541919][ T6607] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.553046][ T6607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.584181][ T6607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.233813][ T6721] random: crng reseeded on system resumption
[  306.944177][ T6722] bond0 speed is unknown, defaulting to 1000
[  307.213589][ T4258] Bluetooth: hci0: command 0x0407 tx timeout
[  307.283104][ T6728] input: syz0 as /devices/virtual/input/input7
[  307.312366][ T6607] device hsr_slave_0 entered promiscuous mode
[  307.352530][ T6607] device hsr_slave_1 entered promiscuous mode
[  307.628710][ T6607] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  307.628972][ T6607] Cannot create hsr debugfs directory
[  308.163371][ T4343] device hsr_slave_0 left promiscuous mode
[  308.164285][ T4343] device hsr_slave_1 left promiscuous mode
[  309.293883][ T4264] Bluetooth: hci0: command 0x0c1a tx timeout
[  311.405153][ T4264] Bluetooth: hci0: command 0x0406 tx timeout
[  311.922428][ T4343] team0 (unregistering): Port device team_slave_1 removed
[  312.030919][ T4343] team0 (unregistering): Port device team_slave_0 removed
[  312.968939][ T6785] 9pnet_virtio: no channels available for device syz
[  313.453586][ T6775] ALSA: mixer_oss: invalid OSS volume ''
[  315.960539][ T6607] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  316.032715][ T6607] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  316.118113][ T6607] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  316.147534][ T6607] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  316.253632][ T4258] Bluetooth: hci0: command 0x0405 tx timeout
[  317.204390][ T6607] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.389058][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  317.395442][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  317.416895][ T5936] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  317.474352][ T5936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  317.522477][ T6607] 8021q: adding VLAN 0 to HW filter on device team0
[  317.732509][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  318.120383][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.330027][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.337264][ T5934] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.607965][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  318.640322][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.668026][ T6825] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  318.675036][ T6825] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  318.683074][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.691606][ T5934] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.732173][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  318.757071][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  318.773744][ T6825] vhci_hcd vhci_hcd.0: Device attached
[  318.928430][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  318.951222][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  319.013626][ T4300] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  319.026384][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  319.065050][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  319.095904][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  319.126775][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  319.154497][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  319.183875][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  319.213917][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  319.248950][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  319.287655][ T6607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  320.759650][ T6827] vhci_hcd: connection reset by peer
[  320.779423][ T5929] vhci_hcd: stop threads
[  320.794818][ T5929] vhci_hcd: release socket
[  320.805950][ T5929] vhci_hcd: disconnect device
[  321.796777][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  321.815529][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  321.828559][ T6607] 8021q: adding VLAN 0 to HW filter on device batadv0
[  323.646694][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  323.665019][ T6173] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  323.668557][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  323.820632][ T5946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  323.846743][ T5946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  323.863595][ T6173] usb 1-1: Using ep0 maxpacket: 8
[  323.870372][ T6173] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  323.909131][ T6607] device veth0_vlan entered promiscuous mode
[  323.933166][ T6173] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  323.959435][ T5946] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  323.967633][ T5946] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  323.975396][ T6173] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  323.986430][ T6173] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  323.998092][ T6173] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  324.017673][ T6173] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  324.039675][ T6173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.039956][ T6607] device veth1_vlan entered promiscuous mode
[  324.150238][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  324.177620][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  324.185594][ T4300] vhci_hcd: vhci_device speed not set
[  324.396077][ T6173] usb 1-1: GET_CAPABILITIES returned 0
[  324.401590][ T6173] usbtmc 1-1:16.0: can't read capabilities
[  324.418330][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  325.156968][   T26] usb 1-1: USB disconnect, device number 4
[  325.193876][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  325.263226][ T6607] device veth0_macvtap entered promiscuous mode
[  325.311319][ T6607] device veth1_macvtap entered promiscuous mode
[  325.357603][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.397734][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.407784][ T6173] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  325.467155][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.522431][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.550008][ T6607] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.569538][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  325.588772][ T6173] usb 2-1: unable to get BOS descriptor or descriptor too short
[  325.600917][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  325.610973][ T6173] usb 2-1: not running at top speed; connect to a high speed hub
[  325.623304][ T6173] usb 2-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 911, setting to 64
[  325.655702][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.662738][ T6173] usb 2-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  325.676818][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.696564][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.720473][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.803572][ T6607] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.812491][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  325.836871][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  325.891077][ T6607] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.914722][ T6173] usb 2-1: config 1 interface 0 has no altsetting 0
[  325.922954][ T6607] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.933027][ T6607] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.942968][ T6607] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.952401][ T6173] usb 2-1: New USB device found, idVendor=056a, idProduct=010f, bcdDevice= 0.40
[  325.969917][ T6173] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.033026][ T6173] usb 2-1: Product: syz
[  326.107958][ T6173] usb 2-1: Manufacturer: syz
[  326.112892][ T6173] usb 2-1: SerialNumber: syz
[  326.137929][ T6894] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  327.235887][ T4258] Bluetooth: hci2: command 0x0409 tx timeout
[  327.463325][ T6173] usbhid 2-1:1.0: can't add hid device: -71
[  327.540067][ T5946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.578599][ T5946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.593640][ T6173] usbhid: probe of 2-1:1.0 failed with error -71
[  327.610328][ T6173] usb 2-1: USB disconnect, device number 6
[  327.675942][ T5934] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  327.861484][ T5934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.905868][ T5934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.977280][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  335.574095][ T7001] tmpfs: Bad value for 'mpol'
[  339.659781][ T7034] netlink: set zone limit has 8 unknown bytes
[  341.463705][ T7044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  341.531271][ T7035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  341.594199][ T7038] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  343.688615][ T7064] team0: No ports can be present during mode change
[  343.734347][ T7068] XFS (nullb0): Invalid superblock magic number
[  343.942190][ T7064] device vlan0 entered promiscuous mode
[  344.079581][ T7064] team0: Port device vlan0 added
[  347.775117][ T4258] Bluetooth: hci0: link tx timeout
[  347.792555][ T4258] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  349.146782][ T7120] Bluetooth: MGMT ver 1.22
[  349.853611][ T4258] Bluetooth: hci0: command 0x0406 tx timeout
[  354.132230][ T4264] Bluetooth: hci0: link tx timeout
[  354.137509][ T4264] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  355.303818][ T4264] Bluetooth: hci5: command 0x0406 tx timeout
[  357.730230][ T7204] netlink: 268 bytes leftover after parsing attributes in process `syz.3.597'.
[  360.681384][ T7225] netlink: 32 bytes leftover after parsing attributes in process `syz.0.603'.
[  361.004356][ T7219] device veth1_macvtap left promiscuous mode
[  361.341039][ T4258] Bluetooth: hci0: link tx timeout
[  361.346944][ T4258] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  361.356144][ T4258] Bluetooth: hci0: link tx timeout
[  361.361984][ T4258] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  362.203825][ T7225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.603'.
[  363.272003][ T7225] device macvtap1 entered promiscuous mode
[  363.279557][ T7225] device bridge0 entered promiscuous mode
[  363.339120][ T7229] device bridge0 left promiscuous mode
[  364.334600][ T7263] netlink: 268 bytes leftover after parsing attributes in process `syz.0.612'.
[  368.303511][   T22] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  369.043521][   T22] usb 6-1: Using ep0 maxpacket: 32
[  369.050842][   T22] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  369.082226][   T22] usb 6-1: config 0 has no interface number 0
[  369.107524][   T22] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  369.147615][   T22] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.166528][   T22] usb 6-1: Product: syz
[  369.194223][   T22] usb 6-1: Manufacturer: syz
[  369.212741][   T22] usb 6-1: SerialNumber: syz
[  369.242782][   T22] usb 6-1: config 0 descriptor??
[  369.271287][   T22] smsc95xx v2.0.0
[  369.275083][   T22] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  369.285528][   T22] smsc95xx: probe of 6-1:0.67 failed with error -22
[  371.694081][   T22] usb 6-1: USB disconnect, device number 3
[  372.793794][ T7329] random: crng reseeded on system resumption
[  373.113316][ T7330] bond0 speed is unknown, defaulting to 1000
[  376.757894][   T27] audit: type=1326 audit(1740572250.713:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  376.926149][   T27] audit: type=1326 audit(1740572250.713:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  376.993793][   T27] audit: type=1326 audit(1740572250.713:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  377.116510][   T27] audit: type=1326 audit(1740572250.713:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  377.232918][ T7387] netlink: 28 bytes leftover after parsing attributes in process `syz.0.628'.
[  377.295328][   T27] audit: type=1326 audit(1740572250.713:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  377.424413][   T27] audit: type=1326 audit(1740572250.713:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  377.531415][   T27] audit: type=1326 audit(1740572250.713:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  377.677669][   T27] audit: type=1326 audit(1740572250.713:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  377.795780][ T7396] loop3: detected capacity change from 0 to 16
[  378.380501][ T7396] erofs: (device loop3): mounted with root inode @ nid 36.
[  378.490436][   T27] audit: type=1326 audit(1740572250.713:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  378.573778][   T27] audit: type=1326 audit(1740572250.713:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.3.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f572438d169 code=0x7fc00000
[  378.706007][ T4297] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  378.847590][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  378.854085][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  379.083301][ T4297] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  379.238514][ T7411] random: crng reseeded on system resumption
[  380.622809][ T7426] loop6: detected capacity change from 0 to 8192
[  382.989373][ T7505] loop1: detected capacity change from 0 to 1024
[  383.118429][ T7505] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  383.162894][ T7505] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  383.207683][ T7505] EXT4-fs error (device loop1): ext4_get_journal_inode:5723: inode #5: comm syz.1.646: unexpected bad inode w/o EXT4_IGET_BAD
[  383.291030][ T7505] EXT4-fs (loop1): no journal found
[  383.309269][ T7505] EXT4-fs (loop1): can't get journal size
[  383.357823][ T7505] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  383.460268][ T7505] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  383.663058][ T7526] loop6: detected capacity change from 0 to 2048
[  383.701572][ T7526] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  383.719605][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  383.779423][ T7526] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  384.416880][ T7558] loop6: detected capacity change from 0 to 256
[  384.565623][ T7563] loop5: detected capacity change from 0 to 2048
[  384.582360][ T7558] loop6: detected capacity change from 256 to 0
[  384.609679][    C1] I/O error, dev loop6, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  384.614318][ T7563] EXT4-fs: Ignoring removed mblk_io_submit option
[  384.625841][ T7564] FAT-fs (loop6): Directory bread(block 3) failed
[  384.708703][ T7563] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  384.744575][    C1] I/O error, dev loop6, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  384.764654][ T7572] loop1: detected capacity change from 0 to 2048
[  384.795089][ T7572] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  384.897296][ T6607] FAT-fs (loop6): Directory bread(block 3) failed
[  385.566581][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  385.575853][ T6607] FAT-fs (loop6): unable to read boot sector to mark fs as dirty
[  385.853044][ T4336] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm kworker/u4:7: bg 0: block 234: padding at end of block bitmap is not set
[  385.901176][ T4336] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 968 with error 28
[  385.933485][ T4336] EXT4-fs (loop5): This should not happen!! Data will be lost
[  385.933485][ T4336] 
[  385.947584][ T4336] EXT4-fs (loop5): Total free blocks count 0
[  385.954039][ T6607] syz-executor (6607) used greatest stack depth: 19960 bytes left
[  385.963218][ T4336] EXT4-fs (loop5): Free/Dirty block details
[  385.972041][ T4336] EXT4-fs (loop5): free_blocks=0
[  385.991933][ T4336] EXT4-fs (loop5): dirty_blocks=976
[  386.003832][ T4336] EXT4-fs (loop5): Block reservation details
[  386.018823][ T4336] EXT4-fs (loop5): i_reserved_data_blocks=61
[  386.122825][ T5921] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.124691][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  386.330420][ T5921] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.500791][ T5921] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.813728][ T4296] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  386.891269][ T5921] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.895393][ T4296] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  387.934157][ T4296] usb 6-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  387.943254][ T4296] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.028083][ T4296] usb 6-1: config 0 descriptor??
[  388.296962][ T4264] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  388.309604][ T4264] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  388.319552][ T4264] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  388.328967][ T4264] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  388.338115][ T4266] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  388.345906][ T4266] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  388.445449][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.452857][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.490890][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.510548][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.539763][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.540734][ T7629] bond0 speed is unknown, defaulting to 1000
[  388.560084][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.578085][ T4296] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  388.616325][ T7641] loop3: detected capacity change from 0 to 1024
[  388.641405][ T4296] lg-g15 0003:046D:C222.0002: hidraw0: USB HID v10.00 Device [HID 046d:c222] on usb-dummy_hcd.5-1/input0
[  388.756500][ T4296] usb 6-1: USB disconnect, device number 4
[  388.804788][ T7641] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  388.986124][ T7651] loop1: detected capacity change from 0 to 2048
[  389.078094][ T7651] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  389.487494][ T7665] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.690: bg 0: block 234: padding at end of block bitmap is not set
[  389.509844][ T7665] EXT4-fs (loop1): Remounting filesystem read-only
[  389.671043][ T4262] EXT4-fs (loop3): unmounting filesystem.
[  390.064605][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  390.128432][ T7629] chnl_net:caif_netlink_parms(): no params data found
[  390.403581][ T7685] Bluetooth: MGMT ver 1.22
[  390.413721][ T4266] Bluetooth: hci0: command 0x0409 tx timeout
[  390.635218][ T4297] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  390.923576][ T4297] usb 6-1: Using ep0 maxpacket: 8
[  391.209140][ T4297] usb 6-1: unable to get BOS descriptor or descriptor too short
[  391.235733][ T4297] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  391.254864][ T4297] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  391.272537][ T4297] usb 6-1: config 1 has no interface number 1
[  391.279082][ T4297] usb 6-1: too many endpoints for config 1 interface 2 altsetting 255: 40, using maximum allowed: 30
[  391.290749][ T4297] usb 6-1: config 1 interface 2 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 40
[  391.305544][ T4297] usb 6-1: config 1 interface 2 has no altsetting 0
[  391.319047][ T7629] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.325601][ T4297] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  391.338013][ T7629] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.345459][ T4297] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.345487][ T4297] usb 6-1: Product: syz
[  391.345503][ T4297] usb 6-1: Manufacturer: syz
[  391.345520][ T4297] usb 6-1: SerialNumber: syz
[  391.419379][ T7629] device bridge_slave_0 entered promiscuous mode
[  391.465260][ T7629] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.522865][ T7629] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.541620][ T7629] device bridge_slave_1 entered promiscuous mode
[  391.719126][ T4297] hub 6-1:1.2: Invalid hub with more than one config or interface
[  391.793640][ T4297] hub: probe of 6-1:1.2 failed with error -22
[  392.987186][ T4266] Bluetooth: hci0: command 0x041b tx timeout
[  393.214183][ T4297] usb 6-1: USB disconnect, device number 5
[  393.436897][ T7629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.512929][ T7629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.838333][ T5921] device hsr_slave_0 left promiscuous mode
[  393.859981][ T5921] device hsr_slave_1 left promiscuous mode
[  394.459672][ T5921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  394.473330][ T5921] batman_adv: batadv0: Removing interface: batadv_slave_0
[  394.538845][ T5921] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  394.553752][ T5921] batman_adv: batadv0: Removing interface: batadv_slave_1
[  394.603268][ T5921] device bridge_slave_1 left promiscuous mode
[  394.615587][ T5921] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.737167][ T5921] device bridge_slave_0 left promiscuous mode
[  394.746919][ T5921] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.860223][ T7750] loop5: detected capacity change from 0 to 512
[  394.924832][ T7750] EXT4-fs (loop5): Test dummy encryption mode enabled
[  394.932955][ T7750] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  394.953543][ T7750] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  394.973528][ T7750] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.713: bad orphan inode 11
[  394.990262][ T7750] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  395.001316][ T5921] device veth1_macvtap left promiscuous mode
[  395.015850][ T5921] device veth0_macvtap left promiscuous mode
[  395.030378][ T5921] device veth1_vlan left promiscuous mode
[  395.044369][ T5921] device veth0_vlan left promiscuous mode
[  395.143696][ T4258] Bluetooth: hci0: command 0x040f tx timeout
[  395.182565][ T7750] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  395.206310][ T7750] EXT4-fs error (device loop5): __ext4_new_inode:1075: comm syz.5.713: reserved inode found cleared - inode=18
[  395.315173][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  395.499649][ T7764] loop5: detected capacity change from 0 to 2048
[  395.706873][ T7764] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  396.863188][ T7774] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.717: bg 0: block 234: padding at end of block bitmap is not set
[  396.880853][ T7774] EXT4-fs (loop5): Remounting filesystem read-only
[  397.222255][ T4258] Bluetooth: hci0: command 0x0419 tx timeout
[  397.399114][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  397.435881][ T5921] team0 (unregistering): Port device team_slave_1 removed
[  397.520058][ T5921] team0 (unregistering): Port device team_slave_0 removed
[  397.601528][ T5921] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  397.625195][ T4258] Bluetooth: hci5: unexpected event for opcode 0x1003
[  397.662519][ T5921] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  398.626197][ T7791] loop5: detected capacity change from 0 to 1024
[  398.790947][ T7791] hfsplus: xattr searching failed
[  398.810317][   T27] kauditd_printk_skb: 39 callbacks suppressed
[  398.810333][   T27] audit: type=1800 audit(1740572272.763:57): pid=7791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.726" name="memory.events" dev="loop5" ino=2 res=0 errno=0
[  398.830543][ T7796] hfsplus: xattr searching failed
[  398.914977][   T75] hfsplus: bad catalog file entry
[  398.927890][   T75] hfsplus: b-tree write err: -5, ino 3
[  399.055478][ T5921] bond0 (unregistering): Released all slaves
[  399.081110][ T7798] loop5: detected capacity change from 0 to 2048
[  399.164536][ T7798] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  399.409169][ T7629] team0: Port device team_slave_0 added
[  399.428778][ T7748] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  399.548973][ T7804] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.729: bg 0: block 234: padding at end of block bitmap is not set
[  399.567032][ T7804] EXT4-fs (loop5): Remounting filesystem read-only
[  399.758803][ T7629] team0: Port device team_slave_1 added
[  400.122793][ T7629] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.182994][ T7629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.218981][ T7629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.232434][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  400.245594][ T7629] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.252574][ T7629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.290241][ T7629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.493384][ T7629] device hsr_slave_0 entered promiscuous mode
[  400.530207][ T7629] device hsr_slave_1 entered promiscuous mode
[  400.537397][ T7629] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  400.558572][ T7629] Cannot create hsr debugfs directory
[  401.704275][ T4258] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  401.717808][ T4258] Bluetooth: hci5: Injecting HCI hardware error event
[  401.873035][ T4266] Bluetooth: hci5: hardware error 0x00
[  402.569870][ T7857] loop5: detected capacity change from 0 to 256
[  402.605620][ T7629] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  402.629740][ T7856] loop1: detected capacity change from 0 to 2048
[  402.640052][ T7629] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  402.674018][ T7629] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  402.713690][ T7629] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  402.801032][ T7856] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  402.860459][   T27] audit: type=1804 audit(1740572276.813:58): pid=7857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.744" name="/newroot/105/file1/file0" dev="loop5" ino=1048606 res=1 errno=0
[  403.071802][   T27] audit: type=1800 audit(1740572276.813:59): pid=7857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.744" name="file0" dev="loop5" ino=1048606 res=0 errno=0
[  403.404767][ T7629] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.420532][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  403.434622][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  403.446486][ T7629] 8021q: adding VLAN 0 to HW filter on device team0
[  403.468432][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  403.482383][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  403.521274][ T4336] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.528455][ T4336] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.671432][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  403.721458][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  403.774895][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  403.797594][ T4336] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.804796][ T4336] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.822964][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  403.853043][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  403.867059][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  403.889947][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  403.929343][ T7629] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  404.007034][ T7629] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  404.030743][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  404.296983][ T4266] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  404.317636][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  404.425998][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  404.727844][ T7877] loop5: detected capacity change from 0 to 1024
[  404.736917][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  404.767747][ T7877] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  404.808613][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  404.818169][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  404.827199][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  404.836016][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  405.491435][ T7904] netlink: 4 bytes leftover after parsing attributes in process `syz.5.758'.
[  405.550012][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.5.758'.
[  405.577960][ T7901] kvm: emulating exchange as write
[  405.637693][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  405.649987][ T5921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  405.699544][ T7629] 8021q: adding VLAN 0 to HW filter on device batadv0
[  405.804560][ T7910] af_packet: tpacket_rcv: packet too big, clamped from 3698 to 2928. macoff=96
[  406.637087][ T7934] loop5: detected capacity change from 0 to 256
[  406.651935][ T7934] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  406.933991][ T7934] FAT-fs (loop5): Directory bread(block 64) failed
[  406.940737][ T7934] FAT-fs (loop5): Directory bread(block 65) failed
[  406.947895][ T7934] FAT-fs (loop5): Directory bread(block 66) failed
[  406.954692][ T7934] FAT-fs (loop5): Directory bread(block 67) failed
[  406.961718][ T7934] FAT-fs (loop5): Directory bread(block 68) failed
[  406.968616][ T7934] FAT-fs (loop5): Directory bread(block 69) failed
[  406.976464][ T7934] FAT-fs (loop5): Directory bread(block 70) failed
[  406.983118][ T7934] FAT-fs (loop5): Directory bread(block 71) failed
[  406.990206][ T7934] FAT-fs (loop5): Directory bread(block 72) failed
[  406.996893][ T7934] FAT-fs (loop5): Directory bread(block 73) failed
[  407.857758][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  407.905940][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  407.963202][ T7941] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.765' sets config #0
[  408.031468][ T7629] device veth0_vlan entered promiscuous mode
[  408.081069][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  408.120137][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  408.167823][ T7629] device veth1_vlan entered promiscuous mode
[  408.228114][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  408.256952][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  408.339223][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  408.453270][ T7947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.767'.
[  408.473572][ T5954] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  408.514449][ T5954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  408.532533][ T7947] netlink: 16 bytes leftover after parsing attributes in process `syz.0.767'.
[  408.575368][ T5954] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  408.625953][ T7629] device veth0_macvtap entered promiscuous mode
[  408.674042][ T7629] device veth1_macvtap entered promiscuous mode
[  408.717049][ T7629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.727589][ T7629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.786472][ T7629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  408.858953][ T7629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.873083][ T7629] batman_adv: batadv0: Interface activated: batadv_slave_0
[  408.884948][ T7629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.895878][ T7629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.905823][ T7629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.944827][ T7629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.970508][ T7629] batman_adv: batadv0: Interface activated: batadv_slave_1
[  409.016686][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  409.026572][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  409.044916][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  409.070642][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  409.094828][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  409.121197][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  409.136219][ T7957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.769'.
[  409.196433][ T7629] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  409.207616][ T7629] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  409.234672][ T7629] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  409.262909][ T7629] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  409.295142][ T7961] netlink: 12 bytes leftover after parsing attributes in process `syz.1.769'.
[  409.688016][ T5954] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  409.720758][ T5954] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  409.791727][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  409.815869][ T5940] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  409.848126][ T5940] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  410.003243][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  410.528756][ T7992] loop5: detected capacity change from 0 to 164
[  411.103656][ T6015] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  411.323265][ T6015] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  411.531612][ T6015] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  411.626281][ T6015] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  411.687882][ T6015] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.719519][ T6015] usb 8-1: Product: syz
[  411.731116][ T6015] usb 8-1: Manufacturer: syz
[  411.748858][ T6015] usb 8-1: SerialNumber: syz
[  411.764703][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.787'.
[  411.798150][ T8015] netlink: 12 bytes leftover after parsing attributes in process `syz.0.787'.
[  411.988744][ T6015] usb 8-1: 0:2 : does not exist
[  412.038909][ T6015] usb 8-1: 5:0: cannot get min/max values for control 2 (id 5)
[  412.071757][ T6015] usb 8-1: 5:0: cannot get min/max values for control 3 (id 5)
[  412.097241][ T6015] usb 8-1: 5:0: cannot get min/max values for control 5 (id 5)
[  412.121410][ T6015] usb 8-1: 5:0: failed to get current value for ch 1 (-22)
[  412.150394][ T6015] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  412.207891][ T6015] usb 8-1: 5:0: cannot get min/max values for control 3 (id 5)
[  412.231752][ T6015] usb 8-1: 5:0: cannot get min/max values for control 5 (id 5)
[  412.256394][ T6015] usb 8-1: 5:0: cannot get min/max values for control 2 (id 5)
[  412.284991][ T6015] usb 8-1: USB disconnect, device number 2
[  412.566383][ T4636] udevd[4636]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  413.668473][ T8073] loop5: detected capacity change from 0 to 256
[  413.669403][ T8073] exfat: Deprecated parameter 'namecase'
[  413.869972][ T8073] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  414.088849][ T8085] netlink: 4 bytes leftover after parsing attributes in process `syz.7.801'.
[  414.154558][ T8085] netlink: 12 bytes leftover after parsing attributes in process `syz.7.801'.
[  414.773656][   T14] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  414.966587][   T14] usb 8-1: unable to get BOS descriptor or descriptor too short
[  414.995045][   T14] usb 8-1: config 12 has an invalid interface number: 183 but max is 0
[  415.024121][   T14] usb 8-1: config 12 has no interface number 0
[  415.038935][   T14] usb 8-1: config 12 interface 183 altsetting 10 endpoint 0xB has invalid maxpacket 26009, setting to 64
[  415.070852][   T14] usb 8-1: config 12 interface 183 altsetting 10 has an invalid endpoint with address 0x0, skipping
[  415.091567][   T14] usb 8-1: config 12 interface 183 has no altsetting 0
[  415.102128][   T14] usb 8-1: New USB device found, idVendor=7392, idProduct=7822, bcdDevice=fe.66
[  415.135965][   T14] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.145498][ T8125] overlayfs: failed to clone upperpath
[  415.162153][   T14] usb 8-1: Product: syz
[  415.170443][   T14] usb 8-1: Manufacturer: syz
[  415.180596][   T14] usb 8-1: SerialNumber: syz
[  415.409663][   T14] usb 8-1: USB disconnect, device number 3
[  415.527313][ T8138] loop1: detected capacity change from 0 to 256
[  415.863055][ T8153] loop5: detected capacity change from 0 to 128
[  416.067210][ T8153] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  416.103733][ T8153] System zones: 1-3, 19-19, 35-36
[  416.123284][ T8153] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  416.355790][ T8153] ext4 filesystem being mounted at /118/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  417.006415][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  417.920112][ T8184] loop7: detected capacity change from 0 to 128
[  418.185670][ T4264] Bluetooth: hci3: unexpected event for opcode 0x200b
[  418.685570][ T8184] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  418.715598][ T8184] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  419.157699][ T7629] EXT4-fs (loop7): unmounting filesystem.
[  419.496413][ T8208] loop1: detected capacity change from 0 to 2048
[  419.576382][ T8208] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  420.159047][ T8222] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.836: bg 0: block 234: padding at end of block bitmap is not set
[  420.216926][ T8222] EXT4-fs (loop1): Remounting filesystem read-only
[  420.684832][ T4252] EXT4-fs (loop1): unmounting filesystem.
[  421.166015][ T8253] loop1: detected capacity change from 0 to 128
[  421.317175][ T8261] syz.1.847: attempt to access beyond end of device
[  421.317175][ T8261] loop1: rw=2049, sector=217, nr_sectors = 1 limit=128
[  424.864703][ T8298] loop1: detected capacity change from 0 to 256
[  424.943846][ T8298] loop1: detected capacity change from 256 to 0
[  425.135520][ T6015] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  425.269134][    C0] I/O error, dev loop1, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  425.278676][ T4252] FAT-fs (loop1): Directory bread(block 3) failed
[  425.325299][ T6015] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  425.353765][ T6015] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.441637][ T6015] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  425.473550][ T6015] usb 8-1: New USB device found, idVendor=056a, idProduct=0303, bcdDevice= 0.00
[  425.484790][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  425.489291][ T6015] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.502468][ T4252] FAT-fs (loop1): unable to read boot sector to mark fs as dirty
[  425.541714][ T6015] usb 8-1: config 0 descriptor??
[  425.739322][ T8318] fuse: Bad value for 'fd'
[  425.980580][ T6015] wacom 0003:056A:0303.0003: collection stack underflow
[  425.983257][ T4336] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.001082][ T6015] wacom 0003:056A:0303.0003: item 0 1 0 12 parsing failed
[  426.022589][ T6015] wacom 0003:056A:0303.0003: parse failed
[  426.046611][ T6015] wacom: probe of 0003:056A:0303.0003 failed with error -22
[  426.177223][ T4297] usb 8-1: USB disconnect, device number 4
[  426.180407][ T4336] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.392350][ T4336] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.516206][ T4336] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.569353][ T8331] input: syz1 as /devices/virtual/input/input9
[  427.911153][ T8348] netlink: 104 bytes leftover after parsing attributes in process `syz.7.877'.
[  428.044190][ T4266] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  428.073663][ T4258] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  428.084009][ T4258] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  428.094843][ T4258] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  428.113867][ T4258] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  428.121167][ T4258] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  428.348146][ T8350] bond0 speed is unknown, defaulting to 1000
[  429.180213][ T8384] loop5: detected capacity change from 0 to 1024
[  429.279954][ T8384] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  429.306842][ T8391] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  430.083322][ T8409] loop5: detected capacity change from 0 to 2048
[  430.173708][ T4264] Bluetooth: hci1: command 0x0409 tx timeout
[  430.282136][ T8350] chnl_net:caif_netlink_parms(): no params data found
[  430.304460][ T8409] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  430.374394][ T4336] device hsr_slave_0 left promiscuous mode
[  430.425300][ T4336] device hsr_slave_1 left promiscuous mode
[  430.498836][ T4336] device bridge_slave_1 left promiscuous mode
[  430.678970][ T4336] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.721702][ T4336] device bridge_slave_0 left promiscuous mode
[  430.729302][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  430.743548][ T4336] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.911278][ T4336] device veth0_macvtap left promiscuous mode
[  430.948603][ T4336] device veth1_vlan left promiscuous mode
[  430.957282][ T8431] loop5: detected capacity change from 0 to 512
[  430.967472][ T4336] device veth0_vlan left promiscuous mode
[  430.978302][ T8431] ext2: Unknown parameter 'smackfsfloor'
[  431.300369][ T8435] netlink: 12 bytes leftover after parsing attributes in process `syz.5.897'.
[  431.309783][ T8435] netlink: 8 bytes leftover after parsing attributes in process `syz.5.897'.
[  431.318679][ T8435] netlink: 8 bytes leftover after parsing attributes in process `syz.5.897'.
[  432.196786][ T8445] loop7: detected capacity change from 0 to 16
[  432.247927][ T8445] erofs: (device loop7): mounted with root inode @ nid 36.
[  432.258304][ T4264] Bluetooth: hci1: command 0x041b tx timeout
[  432.374497][   T14] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  432.404236][   T14] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  433.392453][ T8461] loop5: detected capacity change from 0 to 2048
[  433.483379][ T8461] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  433.630661][ T8467] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  433.706725][ T8467] EXT4-fs (loop5): Remounting filesystem read-only
[  434.333711][ T4258] Bluetooth: hci1: command 0x040f tx timeout
[  434.466471][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  434.574958][ T8477] fuse: Bad value for 'fd'
[  436.660905][ T4258] Bluetooth: hci1: command 0x0419 tx timeout
[  437.602208][ T8501] loop5: detected capacity change from 0 to 2048
[  437.673687][ T8501] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  437.931669][ T4336] team0 (unregistering): Port device team_slave_1 removed
[  438.038471][ T8514] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.918: bg 0: block 234: padding at end of block bitmap is not set
[  438.079060][ T8514] EXT4-fs (loop5): Remounting filesystem read-only
[  438.473631][ T4336] team0 (unregistering): Port device team_slave_0 removed
[  438.670201][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  438.740808][ T4336] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  438.848729][ T4336] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.072744][ T8524] netlink: 64 bytes leftover after parsing attributes in process `syz.7.923'.
[  439.507517][ T8528] fuse: Bad value for 'fd'
[  439.648295][ T4336] bond0 (unregistering): Released all slaves
[  439.749257][ T8518] device sit1 entered promiscuous mode
[  439.866970][ T8530] netlink: 4 bytes leftover after parsing attributes in process `syz.3.926'.
[  439.946398][ T8539] loop7: detected capacity change from 0 to 512
[  440.047399][ T8539] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  440.089737][ T8350] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.097463][ T8350] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.109530][ T8550] overlayfs: failed to resolve './file1': -2
[  440.123110][ T8350] device bridge_slave_0 entered promiscuous mode
[  440.135622][ T8539] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  440.146192][ T8350] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.159479][ T8350] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.172294][ T8350] device bridge_slave_1 entered promiscuous mode
[  440.269976][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  440.334449][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  440.514970][ T8552] loop5: detected capacity change from 0 to 2048
[  440.743184][ T8548] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.744545][ T8552] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  440.750391][ T8548] bridge0: port 1(bridge_slave_0) entered forwarding state
[  440.826047][ T8350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  440.846322][ T8350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  441.013302][ T7629] EXT4-fs (loop7): unmounting filesystem.
[  441.047400][ T8350] team0: Port device team_slave_0 added
[  441.098145][ T8563] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.930: bg 0: block 234: padding at end of block bitmap is not set
[  441.361149][ T8350] team0: Port device team_slave_1 added
[  441.547523][ T8350] batman_adv: batadv0: Adding interface: batadv_slave_0
[  441.567378][ T8563] EXT4-fs (loop5): Remounting filesystem read-only
[  441.599791][ T8350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.704874][ T8350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  441.719276][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  441.730569][ T8350] batman_adv: batadv0: Adding interface: batadv_slave_1
[  441.737667][ T8350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.764731][ T8350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.932681][ T8350] device hsr_slave_0 entered promiscuous mode
[  442.003991][ T8350] device hsr_slave_1 entered promiscuous mode
[  442.012457][ T8350] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  442.043484][ T8350] Cannot create hsr debugfs directory
[  442.685942][ T8598] netlink: 4 bytes leftover after parsing attributes in process `syz.5.938'.
[  442.732052][ T8350] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  442.812190][ T8350] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  442.826833][ T8350] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  442.837194][ T8350] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  443.112718][ T8350] 8021q: adding VLAN 0 to HW filter on device bond0
[  443.149325][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  443.518457][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  443.560182][ T8607] loop5: detected capacity change from 0 to 2048
[  443.712681][ T8607] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  443.732337][ T8350] 8021q: adding VLAN 0 to HW filter on device team0
[  443.799714][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  443.831794][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  443.901359][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.908661][ T5952] bridge0: port 1(bridge_slave_0) entered forwarding state
[  444.003946][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  444.039362][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  444.055398][ T8617] loop7: detected capacity change from 0 to 256
[  444.062501][ T8617] exfat: Unknown parameter 'e� ����ϒ�.ދ�:rrors'
[  444.069139][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  444.104556][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.111734][ T5952] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.158319][ T8618] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.941: bg 0: block 234: padding at end of block bitmap is not set
[  444.177588][ T8618] EXT4-fs (loop5): Remounting filesystem read-only
[  444.596846][ T5323] EXT4-fs (loop5): unmounting filesystem.
[  444.625455][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  444.692345][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  444.764735][ T8620] overlayfs: failed to resolve './file1': -2
[  444.826154][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  445.635997][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  445.682111][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  445.722261][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  445.755586][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  445.784948][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  445.845517][ T8350] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  445.879971][ T8350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  445.928841][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  445.941244][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  445.950741][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  448.039452][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  448.123045][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  448.161128][ T8350] 8021q: adding VLAN 0 to HW filter on device batadv0
[  448.272116][ T8660] loop7: detected capacity change from 0 to 2048
[  448.464218][ T8660] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  448.655237][ T8674] overlayfs: failed to resolve './file1': -2
[  448.975409][ T8686] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.953: bg 0: block 234: padding at end of block bitmap is not set
[  449.362024][ T8685] tty tty34: ldisc open failed (-12), clearing slot 33
[  449.383498][ T8686] EXT4-fs (loop7): Remounting filesystem read-only
[  449.514007][ T7629] EXT4-fs (loop7): unmounting filesystem.
[  449.764941][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  449.794545][ T5952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  449.996168][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  450.055784][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  450.134097][ T8350] device veth0_vlan entered promiscuous mode
[  450.258016][ T8705] loop5: detected capacity change from 0 to 256
[  450.269695][ T8705] exfat: Deprecated parameter 'namecase'
[  450.452237][ T8705] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  450.819686][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  450.854315][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  450.941528][ T8350] device veth1_vlan entered promiscuous mode
[  451.242268][ T8713] 
@�: renamed from bond_slave_0
[  451.263109][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  451.281819][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  451.306154][ T8712] loop7: detected capacity change from 0 to 2048
[  451.315224][ T8350] device veth0_macvtap entered promiscuous mode
[  451.338356][ T8350] device veth1_macvtap entered promiscuous mode
[  451.375926][ T8712] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found!
[  451.411824][ T8350] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  451.449046][ T8350] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.479373][ T8350] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  451.523553][ T8350] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.563522][ T8350] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  451.586631][ T8350] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.608942][ T8350] batman_adv: batadv0: Interface activated: batadv_slave_0
[  451.760366][ T8729] overlayfs: failed to clone upperpath
[  451.779693][ T8350] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  451.796621][ T8350] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.835723][ T8350] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  451.871579][ T8350] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.901117][ T8350] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  451.975190][ T8350] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  452.224605][ T8350] batman_adv: batadv0: Interface activated: batadv_slave_1
[  452.237833][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  452.246823][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  452.256241][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  452.265932][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  452.278448][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  452.299367][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  452.339334][ T8350] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.379403][ T8350] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.398743][ T8350] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.413263][ T8350] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.798503][ T5940] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.829193][ T5940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.866934][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  452.939273][ T5940] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  453.035386][ T5940] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.265610][ T8761] loop7: detected capacity change from 0 to 256
[  453.276109][ T8761] exfat: Deprecated parameter 'namecase'
[  453.387714][ T8761] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  453.609614][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  454.094018][ T8766] loop5: detected capacity change from 0 to 128
[  454.494580][ T4258] Bluetooth: hci1: command 0x0411 tx timeout
[  454.955526][ T8775] loop7: detected capacity change from 0 to 512
[  455.084333][ T8775] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  455.498982][ T8775] EXT4-fs warning (device loop7): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  455.613286][ T8775] EXT4-fs (loop7): 1 truncate cleaned up
[  455.678433][ T8775] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  455.721197][ T8783] device syzkaller0 entered promiscuous mode
[  456.326941][ T8775] ==================================================================
[  456.335061][ T8775] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x909/0x1fa0
[  456.342802][ T8775] Read of size 18446744073709551572 at addr ffff88807f7c5850 by task syz.7.978/8775
[  456.352171][ T8775] 
[  456.354507][ T8775] CPU: 0 PID: 8775 Comm: syz.7.978 Not tainted 6.1.129-syzkaller #0
[  456.362487][ T8775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  456.372542][ T8775] Call Trace:
[  456.375825][ T8775]  <TASK>
[  456.378753][ T8775]  dump_stack_lvl+0x1e3/0x2cb
[  456.383454][ T8775]  ? nf_tcp_handle_invalid+0x647/0x647
[  456.388941][ T8775]  ? panic+0x764/0x764
[  456.393017][ T8775]  ? _printk+0xd1/0x111
[  456.397185][ T8775]  ? __virt_addr_valid+0x17f/0x530
[  456.402309][ T8775]  ? __virt_addr_valid+0x17f/0x530
[  456.407431][ T8775]  print_report+0x15f/0x4f0
[  456.411941][ T8775]  ? __virt_addr_valid+0x17f/0x530
[  456.417059][ T8775]  ? __virt_addr_valid+0x17f/0x530
[  456.422182][ T8775]  ? __virt_addr_valid+0x45b/0x530
[  456.427297][ T8775]  ? __phys_addr+0xb6/0x170
[  456.431814][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  456.437316][ T8775]  kasan_report+0x136/0x160
[  456.441855][ T8775]  ? __x64_sys_unlink+0x45/0x50
[  456.446718][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  456.452182][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  456.457640][ T8775]  kasan_check_range+0x27f/0x290
[  456.462580][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  456.468046][ T8775]  memmove+0x25/0x60
[  456.471947][ T8775]  ext4_xattr_set_entry+0x909/0x1fa0
[  456.477241][ T8775]  ? ext4_xattr_inode_lookup_create+0x1ff0/0x1ff0
[  456.483659][ T8775]  ? ext4_xattr_block_set+0x7f4/0x3820
[  456.489121][ T8775]  ? kmemdup+0x41/0x60
[  456.493197][ T8775]  ? memcpy+0x3c/0x60
[  456.497189][ T8775]  ext4_xattr_block_set+0x97e/0x3820
[  456.502523][ T8775]  ? ext4_get_inode_loc+0x190/0x190
[  456.507755][ T8775]  ? ext4_xattr_block_find+0x2b0/0x2b0
[  456.513244][ T8775]  ? xattr_find_entry+0x24b/0x310
[  456.518304][ T8775]  ? ext4_xattr_block_find+0x23d/0x2b0
[  456.523774][ T8775]  ext4_expand_extra_isize_ea+0x10eb/0x1c40
[  456.529692][ T8775]  ? ext4_xattr_set+0x3d0/0x3d0
[  456.534547][ T8775]  ? rwsem_write_trylock+0x166/0x210
[  456.539843][ T8775]  ? clear_nonspinnable+0x60/0x60
[  456.544879][ T8775]  ? ext4_reserve_inode_write+0x2b3/0x360
[  456.550615][ T8775]  ? dquot_initialize_needed+0x128/0x320
[  456.556257][ T8775]  __ext4_expand_extra_isize+0x302/0x400
[  456.561909][ T8775]  __ext4_mark_inode_dirty+0x54f/0x920
[  456.567397][ T8775]  ? ext4_blocks_for_truncate+0x270/0x270
[  456.573132][ T8775]  ? current_time+0x1ba/0x300
[  456.577810][ T8775]  ? atime_needs_update+0x7b0/0x7b0
[  456.583035][ T8775]  __ext4_unlink+0x6ed/0xba0
[  456.587646][ T8775]  ? __ext4_read_dirblock+0x890/0x890
[  456.593028][ T8775]  ? rwsem_write_trylock+0x166/0x210
[  456.598328][ T8775]  ? inode_permission+0xf7/0x450
[  456.603273][ T8775]  ? clear_nonspinnable+0x60/0x60
[  456.608309][ T8775]  ext4_unlink+0x1d5/0x670
[  456.612736][ T8775]  vfs_unlink+0x359/0x5f0
[  456.617080][ T8775]  do_unlinkat+0x4a5/0x820
[  456.621516][ T8775]  ? fsnotify_link_count+0xf0/0xf0
[  456.626649][ T8775]  __x64_sys_unlink+0x45/0x50
[  456.631350][ T8775]  do_syscall_64+0x3b/0xb0
[  456.635777][ T8775]  ? clear_bhb_loop+0x45/0xa0
[  456.640459][ T8775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  456.646358][ T8775] RIP: 0033:0x7f0f2578d169
[  456.650791][ T8775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.670425][ T8775] RSP: 002b:00007f0f2668a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  456.678845][ T8775] RAX: ffffffffffffffda RBX: 00007f0f259a5fa0 RCX: 00007f0f2578d169
[  456.686823][ T8775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000180
[  456.694795][ T8775] RBP: 00007f0f2580e2a0 R08: 0000000000000000 R09: 0000000000000000
[  456.702765][ T8775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  456.710735][ T8775] R13: 0000000000000000 R14: 00007f0f259a5fa0 R15: 00007ffee6ec1dc8
[  456.718764][ T8775]  </TASK>
[  456.721789][ T8775] 
[  456.724116][ T8775] Allocated by task 8775:
[  456.728447][ T8775]  kasan_set_track+0x4b/0x70
[  456.733048][ T8775]  __kasan_kmalloc+0x97/0xb0
[  456.737654][ T8775]  __kmalloc_node_track_caller+0xb1/0x220
[  456.743391][ T8775]  kmemdup+0x26/0x60
[  456.747309][ T8775]  ext4_xattr_block_set+0x7f4/0x3820
[  456.752605][ T8775]  ext4_expand_extra_isize_ea+0x10eb/0x1c40
[  456.758511][ T8775]  __ext4_expand_extra_isize+0x302/0x400
[  456.764161][ T8775]  __ext4_mark_inode_dirty+0x54f/0x920
[  456.769637][ T8775]  __ext4_unlink+0x6ed/0xba0
[  456.774321][ T8775]  ext4_unlink+0x1d5/0x670
[  456.778740][ T8775]  vfs_unlink+0x359/0x5f0
[  456.783075][ T8775]  do_unlinkat+0x4a5/0x820
[  456.787513][ T8775]  __x64_sys_unlink+0x45/0x50
[  456.792207][ T8775]  do_syscall_64+0x3b/0xb0
[  456.796639][ T8775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  456.802557][ T8775] 
[  456.804901][ T8775] The buggy address belongs to the object at ffff88807f7c5800
[  456.804901][ T8775]  which belongs to the cache kmalloc-1k of size 1024
[  456.818960][ T8775] The buggy address is located 80 bytes inside of
[  456.818960][ T8775]  1024-byte region [ffff88807f7c5800, ffff88807f7c5c00)
[  456.832237][ T8775] 
[  456.834561][ T8775] The buggy address belongs to the physical page:
[  456.840985][ T8775] page:ffffea0001fdf000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f7c0
[  456.851152][ T8775] head:ffffea0001fdf000 order:3 compound_mapcount:0 compound_pincount:0
[  456.859474][ T8775] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  456.867469][ T8775] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888017c41dc0
[  456.876051][ T8775] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  456.884630][ T8775] page dumped because: kasan: bad access detected
[  456.891043][ T8775] page_owner tracks the page as allocated
[  456.896751][ T8775] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 22, tgid 22 (kworker/1:0), ts 81311072469, free_ts 81199143230
[  456.915608][ T8775]  post_alloc_hook+0x18d/0x1b0
[  456.920383][ T8775]  get_page_from_freelist+0x3731/0x38d0
[  456.925958][ T8775]  __alloc_pages+0x28d/0x770
[  456.930553][ T8775]  alloc_slab_page+0x6a/0x150
[  456.935244][ T8775]  new_slab+0x84/0x2d0
[  456.939325][ T8775]  ___slab_alloc+0xc20/0x1270
[  456.944018][ T8775]  __kmem_cache_alloc_node+0x19f/0x260
[  456.949481][ T8775]  __kmalloc+0xa1/0x230
[  456.953655][ T8775]  ___neigh_create+0x6b7/0x24b0
[  456.958539][ T8775]  ip6_finish_output2+0x16ba/0x1700
[  456.963739][ T8775]  ip6_finish_output+0x6a0/0xa80
[  456.968675][ T8775]  ndisc_send_skb+0xbf6/0x15f0
[  456.973632][ T8775]  ndisc_send_ns+0xc8/0x150
[  456.978228][ T8775]  addrconf_dad_work+0xb41/0x16e0
[  456.983256][ T8775]  process_one_work+0x917/0x1260
[  456.988206][ T8775]  worker_thread+0xa47/0x1200
[  456.992894][ T8775] page last free stack trace:
[  456.997560][ T8775]  free_unref_page_prepare+0x12a6/0x15b0
[  457.003194][ T8775]  free_unref_page+0x33/0x3e0
[  457.007876][ T8775]  __unfreeze_partials+0x1b7/0x210
[  457.012996][ T8775]  put_cpu_partial+0x17b/0x250
[  457.017767][ T8775]  qlist_free_all+0x76/0xe0
[  457.022274][ T8775]  kasan_quarantine_reduce+0x156/0x170
[  457.027738][ T8775]  __kasan_slab_alloc+0x1f/0x70
[  457.032585][ T8775]  slab_post_alloc_hook+0x52/0x3a0
[  457.037702][ T8775]  __kmem_cache_alloc_node+0x137/0x260
[  457.043168][ T8775]  kmalloc_trace+0x26/0xe0
[  457.047589][ T8775]  nsim_fib_event_work+0xe59/0x41f0
[  457.052790][ T8775]  process_one_work+0x917/0x1260
[  457.057761][ T8775]  worker_thread+0xd04/0x1200
[  457.062439][ T8775]  kthread+0x28d/0x320
[  457.066503][ T8775]  ret_from_fork+0x1f/0x30
[  457.070921][ T8775] 
[  457.073241][ T8775] Memory state around the buggy address:
[  457.078866][ T8775]  ffff88807f7c5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  457.086921][ T8775]  ffff88807f7c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  457.094974][ T8775] >ffff88807f7c5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  457.103113][ T8775]                                                  ^
[  457.109778][ T8775]  ffff88807f7c5880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  457.117918][ T8775]  ffff88807f7c5900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  457.125970][ T8775] ==================================================================
[  457.345012][ T8775] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  457.352255][ T8775] CPU: 0 PID: 8775 Comm: syz.7.978 Not tainted 6.1.129-syzkaller #0
[  457.360262][ T8775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  457.370337][ T8775] Call Trace:
[  457.373637][ T8775]  <TASK>
[  457.376584][ T8775]  dump_stack_lvl+0x1e3/0x2cb
[  457.381298][ T8775]  ? nf_tcp_handle_invalid+0x647/0x647
[  457.386795][ T8775]  ? panic+0x764/0x764
[  457.390892][ T8775]  ? preempt_schedule_common+0xa6/0xd0
[  457.396376][ T8775]  ? vscnprintf+0x59/0x80
[  457.400727][ T8775]  panic+0x318/0x764
[  457.404648][ T8775]  ? check_panic_on_warn+0x1d/0xa0
[  457.409774][ T8775]  ? memcpy_page_flushcache+0xfc/0xfc
[  457.415169][ T8775]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  457.421157][ T8775]  ? _raw_spin_unlock+0x40/0x40
[  457.426009][ T8775]  check_panic_on_warn+0x7e/0xa0
[  457.430953][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  457.436417][ T8775]  end_report+0x66/0x110
[  457.440670][ T8775]  kasan_report+0x143/0x160
[  457.445172][ T8775]  ? __x64_sys_unlink+0x45/0x50
[  457.450041][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  457.455519][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  457.460998][ T8775]  kasan_check_range+0x27f/0x290
[  457.465948][ T8775]  ? ext4_xattr_set_entry+0x909/0x1fa0
[  457.471434][ T8775]  memmove+0x25/0x60
[  457.475344][ T8775]  ext4_xattr_set_entry+0x909/0x1fa0
[  457.480644][ T8775]  ? ext4_xattr_inode_lookup_create+0x1ff0/0x1ff0
[  457.487103][ T8775]  ? ext4_xattr_block_set+0x7f4/0x3820
[  457.492569][ T8775]  ? kmemdup+0x41/0x60
[  457.496642][ T8775]  ? memcpy+0x3c/0x60
[  457.500644][ T8775]  ext4_xattr_block_set+0x97e/0x3820
[  457.505941][ T8775]  ? ext4_get_inode_loc+0x190/0x190
[  457.511149][ T8775]  ? ext4_xattr_block_find+0x2b0/0x2b0
[  457.516609][ T8775]  ? xattr_find_entry+0x24b/0x310
[  457.521638][ T8775]  ? ext4_xattr_block_find+0x23d/0x2b0
[  457.527102][ T8775]  ext4_expand_extra_isize_ea+0x10eb/0x1c40
[  457.533009][ T8775]  ? ext4_xattr_set+0x3d0/0x3d0
[  457.537863][ T8775]  ? rwsem_write_trylock+0x166/0x210
[  457.543157][ T8775]  ? clear_nonspinnable+0x60/0x60
[  457.548190][ T8775]  ? ext4_reserve_inode_write+0x2b3/0x360
[  457.553931][ T8775]  ? dquot_initialize_needed+0x128/0x320
[  457.559571][ T8775]  __ext4_expand_extra_isize+0x302/0x400
[  457.565216][ T8775]  __ext4_mark_inode_dirty+0x54f/0x920
[  457.570696][ T8775]  ? ext4_blocks_for_truncate+0x270/0x270
[  457.576421][ T8775]  ? current_time+0x1ba/0x300
[  457.581098][ T8775]  ? atime_needs_update+0x7b0/0x7b0
[  457.586296][ T8775]  __ext4_unlink+0x6ed/0xba0
[  457.590894][ T8775]  ? __ext4_read_dirblock+0x890/0x890
[  457.596272][ T8775]  ? rwsem_write_trylock+0x166/0x210
[  457.601559][ T8775]  ? inode_permission+0xf7/0x450
[  457.606499][ T8775]  ? clear_nonspinnable+0x60/0x60
[  457.611527][ T8775]  ext4_unlink+0x1d5/0x670
[  457.615947][ T8775]  vfs_unlink+0x359/0x5f0
[  457.620288][ T8775]  do_unlinkat+0x4a5/0x820
[  457.624718][ T8775]  ? fsnotify_link_count+0xf0/0xf0
[  457.629841][ T8775]  __x64_sys_unlink+0x45/0x50
[  457.634523][ T8775]  do_syscall_64+0x3b/0xb0
[  457.638945][ T8775]  ? clear_bhb_loop+0x45/0xa0
[  457.643624][ T8775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  457.649517][ T8775] RIP: 0033:0x7f0f2578d169
[  457.653929][ T8775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.673535][ T8775] RSP: 002b:00007f0f2668a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  457.681951][ T8775] RAX: ffffffffffffffda RBX: 00007f0f259a5fa0 RCX: 00007f0f2578d169
[  457.689920][ T8775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000180
[  457.697887][ T8775] RBP: 00007f0f2580e2a0 R08: 0000000000000000 R09: 0000000000000000
[  457.705855][ T8775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  457.713839][ T8775] R13: 0000000000000000 R14: 00007f0f259a5fa0 R15: 00007ffee6ec1dc8
[  457.721839][ T8775]  </TASK>
[  457.725216][ T8775] Kernel Offset: disabled
[  457.729543][ T8775] Rebooting in 86400 seconds..