last executing test programs:

7m53.823981618s ago: executing program 2 (id=413):
epoll_create1(0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000340), 0x0, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x3829410, 0x0)
r0 = open(&(0x7f0000000240)='./bus\x00', 0x187102, 0x1)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@noload}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)

7m53.004222178s ago: executing program 2 (id=416):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000580)={0x3c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x2}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x8, 0x1000}}]}, 0x3c}}, 0x0)

7m51.928994992s ago: executing program 2 (id=424):
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000080)=ANY=[@ANYBLOB="8819000404e1afea406561da8dc073867ab18e7d0d6ca4d3cc86beaaa367f78aeb2bd1d8274a184c2ad3fcddb959a6852b82befe0ef158f0f32dd4a798f18a734a1b2ce9c6ffdf2b33f7e5b3974da6125e2e677d16bf492ea8674400f22b02ea2d25ab220be7ca8fea1065"], 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x29, 0x0, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x6, 0x0)
syz_open_procfs(0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f00000000c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x13, &(0x7f0000000300)=ANY=[@ANYBLOB="78ca3defcc8fb8dbfb273d5bfbe0217be9d27bdd3fd8a950fd7d9e790a5d5b1964a5caec8f9ea5533590393af90f30ff62ae26"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x53, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f00000002c0)={0x7, 0x801})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001800dd8d000000000000000002000000000000060000000008001e0002"], 0x30}}, 0x4090)

7m50.009955077s ago: executing program 2 (id=429):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000340), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x4014, 0x0, 0x0)
shutdown(r2, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80, {0x1000, 0x80a0000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c0f000000c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576648eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af095a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0714b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb6ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b40867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d0400000000000000a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f710100ab8d0b545c334014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b57fe072d3218983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000001600)={{0x0, 0x0, 0x80}})

7m49.321755716s ago: executing program 2 (id=443):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x4400, &(0x7f0000000640), 0x1, 0x75e, &(0x7f0000001100)="$eJzs3M9rHGUfAPDvTLNNf+R9Ny+8h/f1IEILLZROkubSnowX8VIoFLzWJZmEsJNsyW5qEwttPQu1uSgIonePXoVS/wBvUlDwLojWeBAvkdls0jbNxm2bZGv8fGCyz/PMPPt9vjuTJzOQZwP4x3qt/JFEDEXEpYiodtrTiDjcLh2JuLV+3OrDG5PllsTa2uWfk7JbrK5VN98r6bwej3aX+F9E3K9EnHn/6bjNpeV6rSjyhU59pDV3daS5tHx2dq42k8/k82PjF0bPj4+fHx3ftVxPvn3h6N1v3lxZ+fbL1p1XB84mMdHOOzq57Vqgx6x/JpWY2NI+vxfB+ijp4ZiBfRgHAAA7K+/zD3XuzSpRjUPu0gAAAODAWRtcAwAAAA68JPo9AgAAAGBvbfwfwMba3r1aB9vNT29ExPB28Qfaa4gjjkQlIo6tJk+sTEjWu8ELuXU7Iu5NbHP9JZ3r7/mNbqn3skaa/XWvnH8mtpt/0s35J7aZfwY2vjvhBXWf/x7FP9Rl/rvUY4yvPv1/pWv82xGvDGwXP9mMn3SJ/06P8e+sfHC32761zyNObfv3J3ki1g7fDzEyPVvs+Kt1/4/TD3bK/9hT8ZOkHTXZOf+rPeb/3uqv9W5zSRn/9Imdz/96/MEn+pXXxIedcaQRcbfzWtZXtsQ4Mffd109HTm5txJ/q8vlvf/7f2sz/sx7z/+GLwes9HgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtaUQMRZJmm+U0zbKI4xHx3ziWFo1m68x0Y3F+qtwXMRyVdHq2yEcjorpeT8r6WLv8qH5uS308Iv7z/dH1oLNFnk02iql+Jw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCm4xExFEmaRUQaEb9V0zTL+j0qAAAAYNcN93sAAAAAwJ7z/A8AAAAH3/M+/ye7PA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgQLt08WK5ra0+vDFZ1qeuLS3WG9fOTuXNeja3OJlNNhauZjONxkyRZ5ONub96vzQixi7E4vWRVt5sjTSXlq/MNRbnW1dm52oz+ZW8si9ZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8KyG2luSZhGRtstpmmUR/4qI4agk07NFPhoR/46IB9XKYFkf6/egAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2HXNpeV6rSjyBYW/YyGSiJdgGAr1WsSz9LoZL/uJ6/fMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAPzSXluu1osgXmv0eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP2V/phERLmdqp4c2rr3cPJ7tf0aEe9+cvmj67VWa2GsbP9ls731caf93GMdb+5nDgAAAHDgvf4sB288p288xwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPSqubRcrxVFvrCHhbjd7ywBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDn8WcAAAD//+Yew1w=")
setxattr$system_posix_acl(&(0x7f00000000c0)='./bus\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x24, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x401c2103, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_tables_targets\x00')
r3 = socket$unix(0x1, 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000000000)=0x11, 0x7)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000040)=0xe9aa, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000080)={[{@nodioread_nolock}]}, 0x5, 0x461, &(0x7f0000000d00)="$eJzs289vFFUcAPDvTH+A8qMV8QeIWiXGxh8tLagcvGg08YDRRA94rO1CGhZqaE2EECnG4MXEkOjZeDTxL/DmxagnE696NyREuYCeamZ2pmyX3ZaW7S6yn08y7Xs7b/retzNv5817uwH0rJHsRxKxPSJ+j4ihWnZlgZHar+tXz03/c/XcdBJLS+/8leTlrl09N10WLY/bVmRG04j006SoZKX5M2dPTFWrldNFfnzh5Afj82fOPj97cup45Xjl1OThw4cOTrz04uQLbYkzi+va3o/n9u15471Lb04fvfT+z99l7d1e7K+Po11GssD/Xso17nuq3ZV12Y66dNLfxYawLn0RkZ2ugbz/D0Vf3Dh5Q/H6J11tHLCpsnvTlta7F5eAu1gS3W4B0B3ljT57/i23Dg097ghXXqk9AGVxXy+22p7+SIsyAw3Pt+00EhFHF//9Ottik+YhAADqfT791ZF4rtn4L40H68rtLNZQhiPivojYFRH3R8TuiHggIi/7UEQ8vM76G5eGbh7/pJc3FNgtysZ/LxdrWyvHf+XoL4b7ityOPP6B5NhstXKg+J+MxsCWLD+xSh0/vPbbF6321Y//si2rvxwLFu243N8wQTcztTCVD0rb4MqFiL39zeJPllcCkojYExF71/end5aJ2We+3dewb3mJce34V9GGdaalbyKerp3/xWiIv76xq6xPjm+NauXAeHlV3OyXXy++3ar+24q/Da5Uar/rzn9jkeGtRSJfr51ffx0X//is5TPNRq//weTd/LwMFq99NLWwcHoiYjA5kudXvD5549gyX5bPrv/R/c37/67imKyeRyIiu4gfjYjHIuLxou1PRMSTEbF/lfh/erX1vjL+SLt0/i9EzDR9/1u+/oeT+vX6DST6Tvz4fav6b+38H8pTo8Ur+fvfGm61gbfzvwMAAID/izT/DHySji2n03RsrPYZ/t1xb1qdm1949tjch6dmap+VH46BtJzpGirmQ6uz1cpEslj8xdr86GQxV1zOlx4s5o2/7Lsnz49Nz1Vnuhw79LptLfp/5s++brcO2HTN1tEmB7vQEKDjGvt/ujJ7/q1ONgboKN/Xht61Rv9PO9UOoPPc/6F3Nev/5xvy1gLg7uT+D71L/4fepf9D79L/oSfdzvf6JXowEVEm0g0cnsSdEYXEmoluvzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0x38BAAD//+MT6l8=")
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20)
ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x5, &(0x7f0000000000)="18dd023dac", 0xfffffd09, 0x0, &(0x7f00000002c0)="6d3c56fced16be7f9c69e310d9e81088d613c8caee4e54223291f784a570cd3789409cd7853fe57c130c7a715f4dec0000bb953752698c6c10879386fd7e00d02f825579299d30b7c40ae73e2f957463c4f4e2995891344bff2f0500f415b045ab31101cb92505e3850c2eb3cfbea0f962d696ad4cad3724dcf57d724a4217ed66707168e2e3e740401b5e4416335191c7a6dd74e94d9419ce53c3072a76f14e5679e13ff872acba9e64a983da9b14ea5bb88b8ac2829e331e39fc8cf3ebdc92d461f0c05fcc53bf1f23264c99941a4556b784cb8e8b66af18da4214a6827d"})

7m47.46568812s ago: executing program 2 (id=451):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)

7m47.063948775s ago: executing program 32 (id=451):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)

7m39.958328767s ago: executing program 3 (id=471):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x2, 0x3, 0xff)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)

7m38.906493441s ago: executing program 3 (id=473):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x8, 0x0, 0x0}}, 0x10)
r3 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x103, 0x0, 0x1}, &(0x7f0000ffe000), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x2, &(0x7f0000000180), 0xfe)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

7m37.072249235s ago: executing program 3 (id=474):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
socket$inet(0x2, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
write(r0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000440)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x6, 0x1e}, @fda={0x66646185, 0x5, 0x0, 0x37}, @fda={0x66646185, 0x5, 0x1, 0x18}}, &(0x7f00000001c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x40000}, 0x19)

7m35.610456063s ago: executing program 3 (id=479):
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000002180)=ANY=[], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
mount$nfs(&(0x7f0000000100)='.5.', 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x72, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = memfd_create(&(0x7f0000000540)='\xdd#\x00\xe6Z\x00\xafq%\xa5\x83\xa6#\r\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\xf9\xff\xff\xff\x00\x17?$^\xe1Ob\xe1Y\x03\x00\x00\x00\x00\x00\x00\x00\xce\xe5\x19THP\xf4O\xe2\x9f\xd9\xae\xcf>/\xdc\xaa<\x96\xedE>{\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0\xb04\xb7T5\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\x03\x8a\xc40\xbe\xe3\x93A\x15\xec\xdb\xaa\xdc\n\xcbC\x15\xfcp\x11\xdai\f{\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\x82t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9\x87\xb6^r\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9w\xd2\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T[\xb7\xa4\xb0\bk&\xede\x8b\xc2\xb2\xcd\xef\xcf\x0fE\xc5\x86]\xc0]}\xdd^\xf6&\x16>c\x9d\x9c\xc9\x01\x04\x00\x00\xe9h\xbd\x10p\x8f\x14\x1f2\"\x1b;\xfda\x19\x8bo^\x96\x9a~Q\xce\x95\x02\xb8e\xbbG\xb0V[\xfe\x80\x94$y\x8a\\@\xa9^\x95!IJ\xcf\xf7\xafoX/qG\x97ITp\x01\xae\f\"n;%\xecT\xf6\xb6\xbf;\xde\xec\xb4z\xaa\xd9%\xa5;wy~\xcb\x9a\xd7\r\xe2\xcd\xf0C\x16\xbf0\x89\xb4\xf5\x86\xf3\x99\x9bq\xd3\x15\xe1:\x86\xe4\x14\x805K\xcf\xf6\xda\xd1A>\xf4r>\xfdyAH\x0f\x00'/426, 0x0)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000180), 0x0, 0x0, 0x0)
fgetxattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.origin\x00', 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa0640, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000240)="77753b6dc009871a71897a6f7a8cd5165b839aeac4cd104bdd80532400a342e80bc775400fc5c2489b68f829313f07c960624c7432d8f96052a0d0339eaecc0b4e8b6936c5aa9c6a", 0x0, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x189)

7m31.198614361s ago: executing program 3 (id=492):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000980)={0x2, @win={{0x7, 0x9, 0x5, 0x800}, 0x5, 0x81, 0x0, 0x80, 0x0, 0x7}})

7m30.870311085s ago: executing program 3 (id=493):
r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f00000000c0)={0x1})
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ioctl$CEC_ADAP_G_CONNECTOR_INFO(0xffffffffffffffff, 0x8044610a, &(0x7f0000000340))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x0, 0x62800)
unshare(0x42000000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[@ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

7m15.227777488s ago: executing program 33 (id=493):
r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f00000000c0)={0x1})
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ioctl$CEC_ADAP_G_CONNECTOR_INFO(0xffffffffffffffff, 0x8044610a, &(0x7f0000000340))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x0, 0x62800)
unshare(0x42000000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[@ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

5m17.966554575s ago: executing program 6 (id=822):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0xc0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r3, 0x5608, 0x1)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000400)={0x8, {"940de312c9be105c33394390ce360adcb8443d1ca2464ad29fe46c8717a823e29b12011e867516a9c1b63394e6b4922549ac2f98b0bafc013757371b5762e5b03b4c8cfcc5d34368b21917740955f80e80fa98a68cb052b102c03e72a4c6702778dfcc5bb74ce23d914f8b143bd94d7382a385be93f61eef509d6cbffa81afee0e3524b8b768a0ef0ae00ad2a23728722436d1c150b512b6c642cb2eeaecb085719014332015474a4ddf7098bb5ac398c0ce256e4dcfd4613dbe9a34b96439546a28db9ce97b344b6c97289b3854e127b4f533f56439a74fcffc41dfeffc5d7a99c01a0fedfd937af595c05a942216581f8efd1ffa1c23c6f08d6987be16bb52420c80bda5da46987fbf7209487defe0374226a526d3588660192d921bfe407f1d1833f390dd8b41b30c53b4deba5a086c516d9bc8ca572d8f0f875303c85bd16570e89f74d7c4ef547a07dd62f334fee76e2e0ca31cca1ad0528d7448ceecd4c9785c302a40bc114335dea8775958a3beff8eeb31afcb9a2c7561980f8554220769e5e90fdfb2f5a905518ef1667a91e2dd474383e4312ea219fe65d421006734fe04661f75e69ae825120b33fb74293e3b83e7f7f563b475cd6e08fd6878ee424fa141d3aee86d952c212c2e7730796510a463a8da486852b23a1d62b714a11301499029d9efb715a11b64f24cd2660c9a47573ce4dd042e333e433ee28b2bce545cf067040193057de290965c1d547fed137e5eb22f5c0a06ad4de6b78204bf053f37c5d96b8053ea445b640360da8fce3391514dc3d1f4e4b35047138cd8c2717bcba278a4f8c27bac01b469ee3fd04004f58287a18307b0ad4120f2c26b08c3267249bfbe1064a3f171e0cfe595f7ab146f3148c73228edf694dc0c400c36e3493b1aca5f85972dadb8d02bddb607b7a431750ca4863812b8020000000000000042db2971e280541cbfa446c6c6d85b77e3327a2d327c25b7619647374e76b1be266cb68959d2651d0c7438cb1b53982191858c66500d8536013701194a9f02dd77216f932e07a4c4b4558b2a38d7e5c39a453c8fb5fae0d00550a2d143f721cd676d842f2ae39ecbf99e027b4cf9f3c2a9bf3b663e51a0b29cf4cfb0877d5b89fdfa93fd9bf33392e6a2c8df36f9f2faa3716d293b7d94c93458c17df99aaadd218fe4c7b967b43f48725e6bac67bf9176e8c63f94862b036b1870bc314b51fea9d0c92020427abaf5be10d3faad2f684d46a2461f2a92350d6f204f03ad2a9fa54cbd8a7a3e7ba2d54f3615ac5ea47f120572f8ef941e81b0812bfc4227ef5719093afbf90040ef1a5eda64563eb7fd015ea54342340ec8648d911a8f3f358ca124ef8c70685bce2fbaeeebf54d059cefd53751b5cf33fe2d92c9df6a63821b6db5188210565e132768b192fb27e745605c529e3648060a98d656f35e36dc4be3102bd678db0ceb0301c5cb0f7f7a08c55cd038a5f751a7c96116f0bd9c9a349558a7a8fc6a73cce1132549169822bf32d742fc4f4e2e50f59eb669f2384282247c60253edc98f9bc802a288a94e1011a066ce9f6eca5f87d2afd893900c3aff87be959451269bc9ac735c43c1e5ecf5d5bff262a27f0c8a1ad401492ffec662e27b12399096fee9910d0fadfd1e1bcf1f20f8f7e5ff1cce9e8db0fd71dda6f228aa96bba6b4120361a6f6acc832be5daa1aabd03a9ae810f0d21466c1a652a47c11db6a8e52580a8347326113b54a4beeaeb21b45e5ef0aa3cfbfb22d99640b7b935bce8e37cebce586f7fe72208b491795a9fbb220ec9b98dd7811ced86292189ce351e8a64c6afde9c1dccbaaebf7e5e3d5e529e926e814b381342c13ea0757ce52a0b0a155d1c85c4108deffa719a22bef7b681a17504e22d6fe9197699e0a16a7104f412e3a681c8ee41d8fbddc8610c161f1fad9e4a5e526e20ac61496e9f3596cc94b79e9680a64a832dc26d6e33e127abe5c405b16978bc4297a85ccaf1599b195db9d66b698c770d84fa90d89b51eca02ed3a3465b8eca9589af034bd6b9c8f6329e393e4753887696ae5158e8ca3ef2e66fac38a6d6a1b61e81d5b6a3c1cb007d64a33f1fe01cf39b82b270e9083ce13b1a32f0c98376d43cdbf9f17b74655f3000343fe051a75ac658a84629b1245107652d6dfa54b1a7d77922becb74539ffb11292794f12ebfd3ea8888c7cd10692d52c85340f92c5d01464fe36deaaec6ad6cc22870372d61485e2d76accd9bf93e0842efe5652e73100a6627b3a4ce4d1594c8ddb5742897d05fd6f6333fa1b90afeaab9fc7426251d24deeef43784f12c0bb09f102962ee9ab427a53fd8da8e1e3c8000ac7164e61d6258c515dcdd911fb1a519d7b38e556457da330ceda8e948aeaf7421d37faf50071f0d38c08fc938278f247084195e778ac90ab7bfafb59c2a1c643cd18d883a46a6cc41410f505ba209746d6b12c015eddf31b6c9ebf2f04605518033721cdf02b1da210ca1465129b443c0c46247b5f8cceb000af2c551fcea1c1bef29c5859e95bcf0956b9092279b47dc652134d2bc54c3688978fd4d7c203749da5e4824fe314aa57e76f58fadfafcc7660b68b1a6043acf8f9f0c259d16fe236b5906f88816e7ab69b67f762ad79a5f654c507cc49be181525ff05cde4d56b53790151efa8060c4685e2b1dd0ad89551a41e0d3dda33c2b528922849a8dfcd7246c242c3b2aa38a69e3e5a37c5806c4bcff53e08ffc7a830d925e3394b688ffffffffcbfe387c9e7df19cfb2b54303c101557aa2ed080194fe0af76d672ed77dfa4c5c0c0f9693f4e8c446d3bc19c0a8654bb4ba8b4daae69edf414615473ec2aadaa6871b7d08a51e349acc7b16fddf741f71670da4c2b0eadcf19f46f0fd18b59ecf7b943a2a5c90125638a3b3270a366c074868e62fe2e8751ff3e60411d7e1b3fb6a873f7843489f661f1bc401765cdfacbd76e1b52e15fb10fc19dc4803d3a4743ab977fae35eed00d59ddf64fcbc61f5fa0cf4098d0babde4a397d2ef100c23ca9f836656d5f25b018606e148e3f66400a682472ed5d28b7de624ed838277432623c11027da18378e46c3fd340585b4835ab1d771266322eee56c3e6bf3300f5d48b6b01f515ba7f3fb726cfc6fdf6c07a2f46bbc3f36fc9ba6e551a46335337c881cc4a73e79e76638411adcaa81ee3b6d0e6e6c721da36dcab68bfb0ca6ba7b2c267b80120143a5c4be333b2cf85b3bd2425ca691ff367d130dbbd8e5f6a833e093eae9d176c1c3fb61557f9e5080ee7703fe2ca1061b52d0a40d7ee2f408b3ceac303e302d96d929c17026793c66423d748a81adfd7cb29027f327b0dac4055e88e385f0400f97988aa1fa40cdf776f9f07991fb55d9d4bf62ebefced240d821bd4fbba62c1b62320228c6a4ca613878e3eb538eea28e92b5d909fc7e63ed5a544e7698d0b7d3d99415d4028a5da4cc67fcba3b744acd4f92938027f42b785405228a38d85fd678703b9d41a6a54cd48303a6be64408101fc5471641c1c5a747244da684fef97aa48bf1a225007f26d9f4002a0dc14d01191ef1d749ea2ea05c42c173c3244c1039c04341b0cf37574d8b78e357b451bfcfb79762ed6a4fbc689690bf37afaa92702a0349ed9aecd9111df9fd57b97749bbf5003991029344497c9ff85adaa7a2e566647ba5bad341eed62034b581981dd7c9de9fd4c241a54ad4d6e9e1cf7ca984b13c628cc65eca0829e69d4d390581e43cd2ed5c56608b45c109f35350fb875316e71f79c433319462d4b589a1f7f2d14d43092655da23d63c63298ed62dd481ab0bc58e97f397b39c94b32fad6a1e0cd9da2dfbe6897ee4986fdbafdb0e4b575f800df5da43cf318ea7a5e83a0136b3bde3296b2bd230ed212f79500c6a4458522c3881532b7bfd170647ee65931760f35a1c1f95b8c93e4233f0de2a13c83f31522f2bee05a57c8378ac6bdd3c9e30dc188b30dadb936f35a3fa247732ebae6a8d762992f8a96c1d26981bda157f2b676ac9d61bb786ac8c349da94dbf75a21b786cdceb47a92597b6d2b22f7dc1187cdb4681ce9bebd69977bab9eabf2a68c1d3b3463d6c7f1392e12a17deb97f2ce5c9ef4021d3b4e0df6b3f4b693e136e3931837e91617cd85846f3019a74d2d65f36369e73a461753631d72f9e2834c446ae7e173d6b1935adc0ce65eb0eac830d442a0344f2cbaedf8d48cb0a6959d07f208fbb2dae434f4fdf35b265fbdbde4138b455b7941096d55808de601ddd8a41a70b12968862d0b4086d4ff55152aee65eaa761a9588bb25bce193b4e55ebb183807f118bff0ccbd85ea761e7c3b6cccb64f97b3f1bf7a96eecc7ab40e770a1620209b50ba23aab0f769a16c9b8092326987f0cd1de94b911ea6bef5cf15a93829b7cbf03aa85ef577633e058f81e9653fc47d15ab8bead567ed2affbbf5a470302c065086324dc304c777228050ea9f717e45b6676fc9002ccd0428fcb27d839e4139fb17d4ee72e2fe8394e5de0cc814d92663f8c5f87e131a34ef7094078be0cf54763c82004af9727c7972ff1ea6162b279beea87bc2741e996d14f549d0474aabe780c5b80a35eed311cb734c23d01c160e439662c813126747c7d09068e32fa72605d71abc2a332cb59d81071818d5e0944194285f4cfc050392e505dd93c8c882f46fb6b70b4660784d543a6bf34653487840fdc298c8280241174805bf3cf38083224d213cd6076beac135ed3f010000800000000047750cb0f4d2be6beada1c481a0152d80c0b520d2f090455494c83ba78eb91e6558d52ceceb23c956bb382bb280e6382d2cb679eecd2bcfb6107e2e4f568f1be293eaa0d2ebb77169b103d5fe74d745cf082c36022108b4c430a87fa8535f1c56d0c1d5dae50c549b1b08911e2d2619eef61131c7804b35c3ca4dac1f2595c68941b013b5ded8bfd52ed41da13c0886b7f9c61a5244a815711253aad7ea74eae788b1beea9bc15addb199d2fc79e81a34b887a0e4b935ad154e961c8b6972f124cae7742e82db1e714af15f34908960dbb4ea24e44ffd750c9d11dd45bfaae73028bc88fddf74b2d24de205980ba14f4889119f8a6291b3724497503ddf95222d5d050414e487a3dc65e5eda3169e10570a50440be346cc1f1b0c848410b46610c738636707c5d740a8e3a9b688c2c1ea54135bffd2ffd87d9dfa902f3dd97b2a6078fa65f5a5f95da2b9f6124fe07682e27ab65ab96573e762f5060439e18649798e0b9d7864f91dbc4f4ed3a4ab30671f8f7f3c49c7ac504a755f9420fd9b22421afd7203f7cd6dd8c8e7a33709e12d004e402672af2b3f9046bc57854f98482538ad48723cd153cf03103c157cdb1a63e839a02c3f0041d7020280f96f3f7e0ce89c408be10d344540808dee1bfcb01f5293ab606c71ffc09f9e63b93b37e8d8007ad8432d2e81c3d1d40a57711bdb798ee91a3f05f93f4f46f883db0613bf95fabd523d955d0d4a5518e1bb3dae7646af8af8d4a4d7dcfac633c6efa3164f9e05bbb4b05947ac0e6c4edd99a768eda4c7149cf38a460b522d6405aa47fada1c78f56fbd33669719b1496427f290532334b69d0a7cf6c46cefe5ecd0fd923b14929fd3db8a1a94ba63954b58ceb9b1e0f8471a02c13a160aa763083a5fd36c199075a769768e164f17911f5a416bb96198aa0954a7d27e30c480691ce80dc71a49100", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17fe, @void, @value}, 0x94)
syz_emit_vhci(0x0, 0x9)
socket$can_bcm(0x1d, 0x2, 0x2)

5m16.84662001s ago: executing program 6 (id=825):
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$video4linux(&(0x7f0000000040), 0x2cf1389d, 0x0)
r3 = socket(0x2b, 0x1, 0x1)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000004340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0, 0x1f000000}, 0x600)
ioprio_get$pid(0x1, 0x0)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmstat\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x20000023896)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')

5m15.437209398s ago: executing program 6 (id=826):
syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f0000000f80)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10080, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6c733d6575632d6a702c6e6f626172726965722c63726561746f723dfe6e58202c756d61736b3d30303030303030303030303030303030303137373737372c666f7263652c6e6f626172726965722c006b8a4453359c477405efd7a26260a704d78051e24898f76dee155657470eb0856fa8e929fd479a5b769402d6ba570694b8a4968aded485016d3261b0c77f91df0b22b30ea50e635e0b2e580fc0d0c84204d3b02679cc6b46dcdad70003e2d16d9fc5b49e327287c6f5d835dd3c85146b6c13abdd600cb7cd41bb938a535497aa92fd61d4452e3af07e70cfc953f4a8bc1df5d85f9f48ca6429f09e943bf67c7c78e8538b7aac8cfa676ceebfbc3b5eb6a73fbeaefcb4028aaa13383ee212c620c1cc18dd2ea6793dc7a5b2b19af78c88e0cffa"], 0x6, 0x6ac, &(0x7f0000001980)="$eJzs3U+InGcdB/DvO9nMZiKm2zZNowhdGijaYLKboSaC0CgiOQQJerDXJdk0SyZp2WwlLWImahU8eZIePFQkHnoSEaGexHoWBC+ecg9485CDuvK+887s7Mxks5t/s20/H3j3fZ553ud5fu9v3z/zZ5cJ8Kl15rXs7abImaNnr5f127fandu32lf65SSzSRrJTG+VopUUHyWn01vyufLBerjiXvO8cufDYua9D9q92ky9VNs3tuo3ZuKW3WTfoLInyXyv+J9tDzs2XrVU45zfGO8BFYO4y4Qd6ScOpm19THejsXHf7ts/b4Fd60bvvjlmLtmf3t21fB6Q+upw/yvD9G15beo+uTgAAADgcZn4Wn7YU3dzN9dz4MmEAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8MRe87A4t6afTL8yn63//fHPpO/eaUw31I716sVt95atqBAAAAAAAAAMBDeeFu7uZ6DvTr60X1mf+LVeVg9fMzeSvXspzVHMv1LGUta1nNYpK5oYGa15fW1lYXx3v+MmXP9fX1G3XPExN7ntgcV3c00El/aTC2EQAAAAAAAAB8av0oZzY+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN2gSPb0VtVysF+eS2Mmyb4kzWJ+sHlzqsE+An+edgAAAADwGBSbq616faD4X6+wXlSv+Q9Vm+7LW7mataxkLZ0s50LdvXzV3/h7t925fat9pVzG5/n6v3YUVjVieu89TJ55odriuUGPM/lWvpujmc+5rGYl389S1rKc+XyzKi2lyFy9w3O3b7XSj3U83tObaudGY3thqFzGd7iKpJWLWaliO5bzzX7ojXq7w0Oz/bGZjMx4s8xO8Wptmzm6UK/LPfrF+K9yiuaqPd87yMhCnfsyG08P53089zs8TkZnWkxj8B7UwY1ZyuroTA+U8/31usz1Tx9vznf4VtrmTHR/Xtb6R9+hrXOefOkffzl3qXH18qWL147unsPoAY0eE+2hTDy/rUx0ykx0HyIT+x4m/kenWWejdxXd2dXyxarvgazk23kjF7Kck1nIYk5lIV/NibRzYiivz22d1+pca+zsXDvyxbpQ3pN+NnRvemJm79VQ5vXpobwOX+nmqrbhRzay9Mw2slQ0MzlL/5wYyszn60I5x4+H7jjTN5qJxaFMPLt1Jn793/Uk1zpXL69eWnpzm/O9VK/L0/bdzdfm3zySHdq5enfL4+WZ8peV3m1j+Ogo257tt43kq1l/4jJTD7aprZnqfO613e9MLUc6dHPSSL225yfO0q7aDg+1bXqWkzfSGTwLAWAX2//y/mbrTutvrfdbP2ldap3d943ZU7NfaGbvX2f+tOd3jd82vla8nPfzwxyYdqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBJcO3tdy4vdTrLq7uwkMYjHvDmxKZ+KnqPNHfHvn9cC7NbHVG/T7JF9+Y0Ym4l2RWpy8wTmGs2E5rODh5pJY1BPEku75IvuAMeh+NrV948fu3td768cmXp9eXXl6+eOHXy1ZPtryzeOH5xpbO80Ps57SiBx2HjacC0IwEAAAAAAAAAAAC2a1v/PPC9PNT/HozO+dmk6E5ndwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPoTOvZW83RRYXji2U9du32p1y6Zc3tpxJ0khS/CApPkpOp7dkbmi44l7zvHLnw1+99N4H7Y2xZvrbN0b6/eHf6+s73ItuvWQ+yZ56fX+z2xrv/NB43R0G1lMM9rBM2JF+4mDa/h8AAP//I7UHQA==")
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
close(r4)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r8 = socket$unix(0x1, 0x1, 0x0)
sendmmsg$unix(r8, 0x0, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

5m9.289615398s ago: executing program 6 (id=851):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
syz_io_uring_setup(0x5c2, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000280)=0x3)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

5m6.734665521s ago: executing program 6 (id=858):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
close(0xffffffffffffffff)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x0, 0x0, 0x2000, {0x0, 0x0, 0x0, 0x0, {0xd}, {0x9, 0xd}, {0x3}}}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000740)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}]}}}]}, 0x48}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000d80)=ANY=[], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

5m4.46329604s ago: executing program 6 (id=861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x129080, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(r3, 0xc0045401, &(0x7f0000000080)=0xf5)

5m4.112222715s ago: executing program 34 (id=861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x129080, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(r3, 0xc0045401, &(0x7f0000000080)=0xf5)

5.925458935s ago: executing program 5 (id=2020):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a010100441405", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\\'], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e733e1a68", 0xf, 0xfffffffffffffffe)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x8, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0xc014)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ebffffffffffffff280012800b00010065727370616e00001800028004001200050016"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3.411905517s ago: executing program 7 (id=2032):
r0 = io_uring_setup(0x7d96, &(0x7f00000003c0)={0x0, 0xfdcf, 0x800, 0x0, 0x24})
r1 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000080), 0x3, 0x800)
syz_usb_disconnect(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

3.366643098s ago: executing program 5 (id=2033):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

3.2065572s ago: executing program 5 (id=2038):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.116224041s ago: executing program 5 (id=2040):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4040004)

2.603175707s ago: executing program 7 (id=2044):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x2942, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x20)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)})

2.39433676s ago: executing program 7 (id=2047):
r0 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @rand_addr, 0x2}, 0x1c)
listen(r0, 0x3)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000772000)={0x2, 0x4e23, @empty}, 0x10)
dup2(r0, r0)
r2 = syz_io_uring_setup(0x40f2, 0x0, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0xc0686611, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x4, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x71, 0xffffffffffffffff, 0x46e4c000)
connect$inet(r1, &(0x7f00000003c0)={0x2, 0x4e22, @multicast1}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r6=>0x0})
r7 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$inet6_udp_int(r7, 0x11, 0xa, 0x0, 0x0)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e1d, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0xfffffffffffffd97)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32=r6], 0x28}, 0x1, 0x0, 0x0, 0x81}, 0x8050)

755.787021ms ago: executing program 5 (id=2049):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000003c0)={0x1, 0xffff, 0x0, 'queue0\x00', 0x1})

755.698611ms ago: executing program 7 (id=2050):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

641.016862ms ago: executing program 7 (id=2053):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x291, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x370}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x40}}}}}]}}]}}, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x8842)

594.331103ms ago: executing program 5 (id=2055):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x57, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x8}}}}}]}}]}}, 0x0)
syz_usb_disconnect(r1)

430.341245ms ago: executing program 4 (id=2064):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x74bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x94, 0xb, 0x5b8, 0x9, 0x7, 0x2}}}}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x54}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xf, 0xfff3}, {0xffa6, 0xfff1}, {0xffe0, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x200020d4}, 0x4041080)

430.213305ms ago: executing program 0 (id=2065):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r1, {0x5, 0x2}, {}, {0x5, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

352.331686ms ago: executing program 0 (id=2068):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe0}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000900)="47436b4c816815fc81d0010000004a1915dc9fc0fe06f8eb6d722e85f699369715ed9263c36e63cd683296a55146b9b4f5c821c452ab0e1d9ef9197456480ea6be72acae424a39866ba6ae3667ac959a832a3106307b57cf0717456a968c2eaa0d344507f625020072605cd39bed7da5889d535729fd366d1a2a27ca6831f8b372cd204a8cc46b762e86d86f596a180e2ef8bb6264caa84b707d1727aff09fec5944658b6c1f885fa97d7d0484b491b73049b2ff8413f60ed40efc8b858e7d99f77943cbd9988266cd87e82b35f16cf28bacdadecc214d3c7ecf27dc4e67cc55df2b46933fe4bbdb6f12eda062c4c9383219a1debf78014e502536f974216050cf218cf8bd50", 0x106}, {&(0x7f0000000440)="7e6b37ea4b479588e00b40a612b1949176de42e518bee23a0349893fa005e05906ba9a605f484c46bed328d7d113e6cda116ccc574da811c66ac7e2b89429ceeae9b1a4847ca7656c3c8288bb67bdf7ebc05ce86bca9607026129fc765870f72a96834bdf9425d49f0530c40b76c2b27c118327372cbfd363a3c2781a48bd21055e21bd0521b4e97c0a4ad7b75d59c6d99be3106a60b9a8ad5058430f61b74c29dfa25b8a59db98040", 0xa9}, {&(0x7f0000001340)="6dcb05f2e48e61674ebd89769f9b927046079a4c6ab892d9f86b4055e41f9354be76dac275a1f97b8ae4a5a32ef98168f544f231803f620017a7a9faa294c78047e4ca39d474942f867f63510b836739483f0abaca269f0e173855387e16996e23c2482f194dd78e17f67aeeda5d35a842c298f9972314014c439d57cd74cb190e527db50d4760e4a54c12735b8e98871b0c7bd10748e969ef864f65381d4db90528adcbdf460d31074d34b27770933de479090331e728e8434347c93c52f985105a3d57f766486ea16428a7e8054cff9dbec74e9c77fe4c483e306e1042874ae8e51db8", 0xe4}, {&(0x7f0000000640)="0590ab7c5379d4fc3e9f9cd7dbeebfa58219a6820d9af837dbcbb2e713865c85f980a1ef4eecbf07c2a0f45d118c3f334e39e74064f379244309ac82016ccc31d15441ba1fc6e673239bfbf58a8ff42206e1", 0x52}, {&(0x7f0000000000)="195954405d070d1fff60070f", 0xc}, {0x0}], 0x6}}], 0x1, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

287.442457ms ago: executing program 1 (id=2069):
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$inet6(r0, &(0x7f0000000280)="02042c08ec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)

287.158926ms ago: executing program 4 (id=2070):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1048c, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000180)='./file0\x00', 0x6a8000, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./bus\x00', 0x400)
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x114)

262.735387ms ago: executing program 4 (id=2071):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a010100441405", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\\'], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e733e1a68", 0xf, 0xfffffffffffffffe)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x8, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0xc014)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ebffffffffffffff280012800b00010065727370616e00001800028004001200050016"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

261.836567ms ago: executing program 0 (id=2081):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x4, 0xefffffff, 0x0, [{0x2, 0x8, 0xfc, '\x00', 0x3}, {0x4, 0x9, 0xfc, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0x1}, {0x11, 0xb, 0x0, '\x00', 0xea}, {}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x1f, 0x1, 0x2}, {0xfd, 0x0, 0x7, '\x00', 0x2}, {0x0, 0xf, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x11}, {0xb}, {0x9, 0x9, 0x42, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x1}, {0x2, 0x0, 0x6}, {0xff, 0x0, 0x0, '\x00', 0x49}, {0x1, 0x21, 0x80}, {0x3, 0x0, 0x0, '\x00', 0x80}, {0x2, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x4, 0xd, '\x00', 0xfd}, {0x8, 0xc0, 0x3}, {0x4, 0x12, 0x3, '\x00', 0x25}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x2, 0x2, 0x9}, {0x80, 0xff, 0x3, '\x00', 0x7}]}})

261.451037ms ago: executing program 1 (id=2072):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x10000})
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)

224.110347ms ago: executing program 1 (id=2073):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1fe)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup2(r1, r1)
connect$pppl2tp(r2, &(0x7f00000000c0)=@pppol2tp={0xa, 0x1, {0xffff0000, 0xffffffffffffffff, {0x2, 0x0, @remote}, 0x0, 0x0, 0x2}}, 0x26)
r3 = syz_clone(0xa0122580, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r3, &(0x7f0000000040)='cgroup\x00')

181.018538ms ago: executing program 4 (id=2074):
execve(0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

126.542539ms ago: executing program 0 (id=2075):
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000140)={0x3, 0x3d, &(0x7f0000000080)="ee1db0744c11994417208cfa24957952e4a131ce5a45c104d41b71a29f462a3c0b9c61959dcc2dca24665fc3af0363ed7431823066b8a2c8f530817b69"})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01002bbd700008"], 0x1c}, 0x1, 0x0, 0x0, 0x20008854}, 0x20000004)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010003b150300"/20, @ANYRES32=0x0, @ANYBLOB="84200009000000002400128009000100626f6e640000000014000280080005000400000008000300"], 0x44}}, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x4000004)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

126.315628ms ago: executing program 1 (id=2076):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000980)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90e46}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}, @IFLA_GROUP={0x8, 0x1b, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x600}, 0x4000090)

100.845349ms ago: executing program 1 (id=2077):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x58, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "e3de3d7b4cd07ec3ee7774fc7987cca41989000055e2"}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)

85.866469ms ago: executing program 4 (id=2078):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r1, {0x5, 0x2}, {}, {0x5, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

30.67868ms ago: executing program 0 (id=2079):
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010102, @local}, {0x0, 0x4e32, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "feffffffffffffff00", '\x00', '\x00', {'\x00', "000000000000000000009b7e00"}}}}}}}, 0x0)

30.52844ms ago: executing program 7 (id=2080):
socket$key(0xf, 0x3, 0x2)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="200029bd7000fddbdf25260000001e18"], 0x4c}}, 0x80)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

30.38921ms ago: executing program 1 (id=2082):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000440)={0x0, 0x9}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000)=ANY=[], 0x8)

1.13118ms ago: executing program 0 (id=2083):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

0s ago: executing program 4 (id=2084):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x800)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
shutdown(r0, 0x1)

kernel console output (not intermixed with test programs):

ring it up to get a fully working HSR network
[  156.025849][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  156.039671][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  156.049565][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  156.059928][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  156.069610][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  156.079660][ T5643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.483'.
[  156.095752][ T5643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.483'.
[  156.115359][ T5645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.483'.
[  156.130661][ T5645] device bridge_slave_1 left promiscuous mode
[  156.139861][ T5645] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.159131][ T5645] device bridge_slave_0 left promiscuous mode
[  156.166674][ T5645] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.356598][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  156.725214][    T7] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  157.115591][    T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.201621][    T7] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  157.452560][    T7] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  157.505329][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.559148][    T7] usb 2-1: config 0 descriptor??
[  157.573167][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  157.606360][    T7] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  157.616730][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  157.652676][ T5494] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.025486][    T7] usb 2-1: USB disconnect, device number 6
[  158.060433][ T4340] device hsr_slave_0 left promiscuous mode
[  158.126193][ T4340] device hsr_slave_1 left promiscuous mode
[  158.148738][ T4340] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.228479][ T4340] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.250376][ T4340] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.285221][ T4340] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.332258][ T4340] device bridge_slave_1 left promiscuous mode
[  158.351667][ T4340] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.405546][ T4340] device bridge_slave_0 left promiscuous mode
[  158.412852][ T4340] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.583610][ T4340] device veth1_macvtap left promiscuous mode
[  158.618051][ T4340] device veth0_macvtap left promiscuous mode
[  158.634585][ T4340] device veth1_vlan left promiscuous mode
[  158.665066][ T4340] device veth0_vlan left promiscuous mode
[  158.964686][ T5697] overlayfs: failed to clone upperpath
[  162.569760][ T5712] loop4: detected capacity change from 0 to 2048
[  162.764289][ T5712] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[  163.564825][ T4340] team0 (unregistering): Port device team_slave_1 removed
[  163.604589][ T4340] team0 (unregistering): Port device team_slave_0 removed
[  163.638559][ T4340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  163.723582][ T4340] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.043465][ T4340] bond0 (unregistering): Released all slaves
[  164.636268][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  164.656660][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  166.724734][ T5494] device veth0_vlan entered promiscuous mode
[  166.835197][   T26] audit: type=1326 audit(1745537546.568:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.1.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  166.861342][ T5494] device veth1_vlan entered promiscuous mode
[  166.969027][   T26] audit: type=1326 audit(1745537546.608:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.1.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  167.038104][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  167.038785][   T26] audit: type=1326 audit(1745537546.608:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.1.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  167.075841][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  167.102280][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  167.326282][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  167.342395][   T26] audit: type=1326 audit(1745537546.608:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.1.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  167.378452][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  167.410881][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  169.753087][ T5760] loop4: detected capacity change from 0 to 32768
[  171.498194][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  171.617013][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  171.756727][ T5494] device veth0_macvtap entered promiscuous mode
[  171.778851][ T5726] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by udevd (5726)
[  171.822446][ T5494] device veth1_macvtap entered promiscuous mode
[  171.882675][ T5808] device macsec0 entered promiscuous mode
[  172.026322][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.078029][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.105955][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.125130][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.185927][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.230824][ T5818] netlink: 16 bytes leftover after parsing attributes in process `syz.1.516'.
[  172.250463][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.302997][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.365314][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.706112][ T5494] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.744276][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  172.796018][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  172.869407][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  173.021220][ T5825] loop1: detected capacity change from 0 to 64
[  173.030007][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.069942][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.121985][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.161592][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.200947][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.240903][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.260981][ T5494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.301124][ T5494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.341309][ T5494] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.372580][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  173.416069][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  173.748389][ T5841] autofs4:pid:5841:autofs_fill_super: called with bogus options
[  173.913918][ T5841] loop4: detected capacity change from 0 to 1024
[  175.394140][ T4250] hfsplus: b-tree write err: -5, ino 4
[  175.410533][ T5494] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.423874][ T5494] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.437239][ T5494] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.709349][ T5494] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.116302][ T5853] loop4: detected capacity change from 0 to 2048
[  176.229711][ T4281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.298990][ T5853] EXT4-fs (loop4): Ignoring removed bh option
[  176.455331][ T5853] EXT4-fs (loop4): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  176.464104][ T5853] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  176.470646][ T4281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.473058][ T5853] EXT4-fs (loop4): Ignoring removed orlov option
[  176.603381][ T5853] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  177.294389][ T4215] Bluetooth: hci5: command 0x0409 tx timeout
[  177.368661][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  177.449961][ T5853] EXT4-fs (loop4): can't mount with both data=journal and dax
[  177.475943][ T4229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.484351][ T4229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.691924][ T5853] loop4: detected capacity change from 0 to 256
[  177.702859][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  177.751538][ T5844] chnl_net:caif_netlink_parms(): no params data found
[  177.806286][ T5853] exfat: Deprecated parameter 'namecase'
[  177.917594][ T5853] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[  178.422399][ T5878] overlayfs: missing 'lowerdir'
[  179.533530][ T4217] Bluetooth: hci5: command 0x041b tx timeout
[  179.708745][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.744375][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.762643][ T5891] loop4: detected capacity change from 0 to 256
[  179.790391][ T5844] device bridge_slave_0 entered promiscuous mode
[  179.870943][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.898694][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.934496][ T5844] device bridge_slave_1 entered promiscuous mode
[  180.129829][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  180.206627][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.384109][ T5844] team0: Port device team_slave_0 added
[  180.435968][ T5844] team0: Port device team_slave_1 added
[  180.572601][ T5891] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  180.638792][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.839595][ T5891] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  180.841259][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.875842][    C0] vkms_vblank_simulate: vblank timer overrun
[  181.364778][ T5891] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  181.533912][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  181.611365][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1
[  181.615417][ T4217] Bluetooth: hci5: command 0x040f tx timeout
[  181.653098][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.745134][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.923071][ T5844] device hsr_slave_0 entered promiscuous mode
[  181.987746][ T5844] device hsr_slave_1 entered promiscuous mode
[  182.068297][ T5926] loop4: detected capacity change from 0 to 2048
[  182.170876][ T5926] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue. Quota mode: none.
[  182.213450][ T5933] loop1: detected capacity change from 0 to 2048
[  182.340061][ T5929] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm vhost-5926: bg 0: block 234: padding at end of block bitmap is not set
[  182.439853][ T5933] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[  182.493797][ T5844] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  182.683855][ T5844] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  182.752423][ T5844] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  182.816027][ T5844] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  183.082446][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.105959][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  183.114113][ T5951] loop4: detected capacity change from 0 to 256
[  183.125841][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  183.136999][ T5844] 8021q: adding VLAN 0 to HW filter on device team0
[  183.166216][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  183.181849][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  183.219314][ T5951] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  183.285559][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.292940][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.407355][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  183.542824][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  183.563554][   T26] audit: type=1326 audit(1745537563.298:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  183.772290][ T4217] Bluetooth: hci5: command 0x0419 tx timeout
[  184.394658][ T5965] loop1: detected capacity change from 0 to 1024
[  184.422450][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  184.456991][ T5957] ip6t_REJECT: ECHOREPLY is not supported
[  184.475454][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.482673][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.708444][   T26] audit: type=1326 audit(1745537564.198:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  184.798442][   T26] audit: type=1326 audit(1745537564.198:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  184.835154][   T26] audit: type=1326 audit(1745537564.198:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  185.701586][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  185.711959][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  185.722014][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  186.713554][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  186.878973][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  186.894902][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  186.905782][   T26] audit: type=1326 audit(1745537564.198:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  186.937855][   T26] audit: type=1326 audit(1745537564.198:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  187.000060][ T5844] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  187.054865][ T5844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  187.197303][   T26] audit: type=1326 audit(1745537564.198:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  187.334089][ T5980] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  187.418917][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.481975][ T4254] Bluetooth: hci4: Frame reassembly failed (-84)
[  187.539538][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  187.566234][ T4254] Bluetooth: hci4: Frame reassembly failed (-84)
[  187.733516][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.815365][   T26] audit: type=1326 audit(1745537564.198:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  187.850592][ T5982] loop1: detected capacity change from 0 to 256
[  187.850777][   T26] audit: type=1326 audit(1745537564.198:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  187.858677][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  187.919237][   T26] audit: type=1326 audit(1745537564.198:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.5.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  188.006644][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.065916][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  188.222401][ T5988] loop4: detected capacity change from 0 to 512
[  189.375259][ T4216] Bluetooth: hci4: command 0x1003 tx timeout
[  189.385312][ T4173] Bluetooth: hci4: sending frame failed (-49)
[  190.919624][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  190.937196][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  190.962535][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.455255][   T23] Bluetooth: hci4: command 0x1001 tx timeout
[  191.477065][ T4179] Bluetooth: hci4: sending frame failed (-49)
[  191.514527][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  191.546230][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.775296][ T1108] Bluetooth: hci1: command 0x0406 tx timeout
[  192.220226][ T5844] device veth0_vlan entered promiscuous mode
[  193.574321][ T6042] overlayfs: failed to clone upperpath
[  193.670972][ T5844] device veth1_vlan entered promiscuous mode
[  193.707696][   T23] Bluetooth: hci4: command 0x1009 tx timeout
[  193.771620][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  193.992973][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  194.070583][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  194.112796][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  194.138132][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  194.223259][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  194.247131][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  194.289619][ T5844] device veth0_macvtap entered promiscuous mode
[  194.328813][ T5844] device veth1_macvtap entered promiscuous mode
[  194.630400][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.666264][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  194.673207][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  194.801203][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.099932][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.225966][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.275177][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.312140][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.332382][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.353728][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.396247][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.417818][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.430214][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.441899][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.453955][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.474869][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.500448][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.539675][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.558698][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.601046][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.640006][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.653769][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.665114][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.677096][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.844229][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  195.871630][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  195.881263][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  195.890242][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  195.900384][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  195.916784][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  196.011041][ T6076] netlink: 288 bytes leftover after parsing attributes in process `syz.0.567'.
[  197.017437][ T5844] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.085266][ T5844] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.094161][ T5844] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.250791][ T5844] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.400086][ T4254] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.443870][ T4254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.575922][ T6094] loop5: detected capacity change from 0 to 128
[  198.641709][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  198.671292][ T4229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.734731][ T4229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.755380][ T6094] EXT4-fs (loop5): Test dummy encryption mode enabled
[  198.791066][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  198.856136][ T6094] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  198.875316][ T6094] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  199.972728][ T6115] loop1: detected capacity change from 0 to 512
[  200.101523][ T6115] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  200.133874][ T6115] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  200.151901][ T6115] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.577: corrupted in-inode xattr
[  200.173072][ T6115] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.577: couldn't read orphan inode 15 (err -117)
[  200.206377][ T6115] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  200.703603][ T6130] loop5: detected capacity change from 0 to 512
[  201.162502][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  201.162521][   T26] audit: type=1800 audit(1745537580.898:56): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.577" name="file1" dev="loop1" ino=20 res=0 errno=0
[  201.801525][ T6130] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,minixdf,. Quota mode: writeback.
[  201.847764][ T6130] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  202.054646][   T26] audit: type=1800 audit(1745537581.788:57): pid=6158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.579" name="file1" dev="loop5" ino=15 res=0 errno=0
[  202.211511][ T6164] loop6: detected capacity change from 0 to 256
[  204.419255][ T6177] loop4: detected capacity change from 0 to 8
[  205.910320][ T6188] loop1: detected capacity change from 0 to 512
[  206.191661][ T6198] loop5: detected capacity change from 0 to 256
[  207.372454][ T6199] loop6: detected capacity change from 0 to 32768
[  207.777062][ T6198] exfat: Deprecated parameter 'utf8'
[  207.782606][ T6198] exfat: Unknown parameter 'keep_last_dots'
[  208.773170][ T6188] fscrypt: Error allocating hmac(sha512): -4
[  208.785176][ T6188] EXT4-fs (loop1): Error processing option "test_dummy_encryption" [-4]
[  209.657927][ T6234] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  210.560633][ T6239] rdma_op ffff8880746341f0 conn xmit_rdma 0000000000000000
[  210.578579][ T6238] loop5: detected capacity change from 0 to 8
[  211.890344][ T6257] netlink: 8 bytes leftover after parsing attributes in process `syz.5.605'.
[  211.910681][ T6258] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  211.945664][ T6257] netlink: 4 bytes leftover after parsing attributes in process `syz.5.605'.
[  212.213193][ T6269] loop5: detected capacity change from 0 to 1024
[  212.555009][ T6273] loop1: detected capacity change from 0 to 128
[  213.141419][ T6277] loop4: detected capacity change from 0 to 64
[  213.166276][ T6269] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  213.407685][ T6269] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3876: comm syz.5.609: Allocating blocks 497-513 which overlap fs metadata
[  214.201333][ T6268] EXT4-fs (loop5): pa ffff88801decc8c0: logic 16, phys. 145, len 23
[  214.210311][ T6268] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1
[  214.517233][ T6297] syz.6.614 sent an empty control message without MSG_MORE.
[  215.424064][ T6306] loop6: detected capacity change from 0 to 164
[  215.501747][ T6306] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  215.540028][ T6306] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  215.929435][ T6317] loop5: detected capacity change from 0 to 128
[  216.347583][ T6317] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  216.745369][ T6317] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.905438][ T4247] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  217.077930][ T6334] loop4: detected capacity change from 0 to 256
[  217.408618][ T6334] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  217.779653][ T6347] loop5: detected capacity change from 0 to 512
[  217.905502][ T4247] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.925330][ T6347] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  217.974921][ T4247] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  218.080093][ T6347] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  218.105427][ T4247] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  218.114520][ T4247] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  218.185502][ T4247] usb 2-1: SerialNumber: syz
[  218.303720][ T6347] EXT4-fs (loop5): shut down requested (1)
[  218.865468][ T4247] usb 2-1: can't set config #1, error -71
[  218.914871][ T4247] usb 2-1: USB disconnect, device number 7
[  219.142201][ T6327] loop6: detected capacity change from 0 to 32768
[  219.152163][ T6369] xt_recent: Unsupported userspace flags (00000042)
[  219.217409][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.631'.
[  219.247291][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.631'.
[  219.265190][ T6369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'.
[  220.413519][ T6390] Unsupported ieee802154 address type: 0
[  220.552924][ T6394] loop5: detected capacity change from 0 to 16
[  220.674788][ T6394] erofs: (device loop5): mounted with root inode @ nid 36.
[  222.079173][ T6423] netlink: 108 bytes leftover after parsing attributes in process `syz.5.645'.
[  222.088852][ T6423] netlink: 20 bytes leftover after parsing attributes in process `syz.5.645'.
[  222.989184][ T6428] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.022858][ T6402] loop4: detected capacity change from 0 to 32768
[  223.202593][ T6437] loop6: detected capacity change from 0 to 64
[  223.212272][ T6402] (syz.4.640,6402,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  223.526170][ T6402] (syz.4.640,6402,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  223.790163][ T6402] (syz.4.640,6402,0):ocfs2_initialize_super:2310 ERROR: status = -12
[  223.825150][ T6402] (syz.4.640,6402,0):ocfs2_fill_super:1177 ERROR: status = -12
[  223.872131][ T6428] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.060489][ T6428] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.633294][ T6449] loop4: detected capacity change from 0 to 16
[  224.681331][ T6428] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.767129][ T6449] erofs: (device loop4): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  225.408573][ T6459] loop4: detected capacity change from 0 to 128
[  225.792386][ T6456] loop6: detected capacity change from 0 to 4096
[  225.957997][ T6428] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.039656][ T6428] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.058558][   T26] audit: type=1326 audit(1745537605.798:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.0.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54090fc969 code=0x7ffc0000
[  226.086067][ T6464] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  226.213522][ T6428] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.231905][   T26] audit: type=1326 audit(1745537605.798:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.0.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f54090fc969 code=0x7ffc0000
[  226.327869][   T26] audit: type=1326 audit(1745537605.798:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.0.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54090fc969 code=0x7ffc0000
[  226.356069][ T6428] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.373574][   T26] audit: type=1326 audit(1745537605.798:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.0.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54090fc969 code=0x7ffc0000
[  226.966453][ T6476] netlink: 20 bytes leftover after parsing attributes in process `syz.5.658'.
[  227.195705][   T26] audit: type=1326 audit(1745537606.928:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6470 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54090fc969 code=0x7fc00000
[  227.245490][   T26] audit: type=1326 audit(1745537606.928:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6470 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f54090fc969 code=0x7fc00000
[  227.296276][ T6482] netlink: 8 bytes leftover after parsing attributes in process `syz.6.660'.
[  233.322769][ T6535] virtio-fs: tag <(null)> not found
[  238.722538][ T6556] loop1: detected capacity change from 0 to 1024
[  238.941080][ T6556] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  238.965992][ T6556] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.978140][ T6574] EXT4-fs (loop1): shut down requested (2)
[  241.055457][ T6582] loop5: detected capacity change from 0 to 64
[  241.338744][ T6584] loop6: detected capacity change from 0 to 512
[  241.394764][ T6587] loop4: detected capacity change from 0 to 512
[  241.438082][ T6584] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  241.458708][ T6584] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  241.968095][ T6594] raw_sendmsg: syz.4.689 forgot to set AF_INET. Fix it!
[  242.942489][ T6584] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.698: corrupted in-inode xattr
[  242.975823][ T6584] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.698: couldn't read orphan inode 15 (err -117)
[  243.025688][ T6584] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  244.698980][   T26] audit: type=1800 audit(1745537623.708:64): pid=6603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.698" name="file1" dev="loop6" ino=20 res=0 errno=0
[  245.631875][ T6608] loop5: detected capacity change from 0 to 512
[  246.191686][ T6608] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  246.200847][ T6608] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  246.380246][ T6613] loop6: detected capacity change from 0 to 512
[  246.777704][ T6613] EXT4-fs (loop6): mounted filesystem without journal. Opts: user_xattr,i_version,,errors=continue. Quota mode: writeback.
[  246.959427][ T6613] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.699482][ T6612] netlink: 80 bytes leftover after parsing attributes in process `syz.6.694'.
[  250.998549][ T6643] overlayfs: failed to clone upperpath
[  251.026380][ T6642] loop5: detected capacity change from 0 to 1024
[  251.269896][ T6642] EXT4-fs (loop5): Ignoring removed oldalloc option
[  251.338724][ T6642] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal
[  252.210361][ T6661] loop1: detected capacity change from 0 to 2048
[  252.420429][ T6661] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  252.443650][ T6661] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  253.003532][   T26] audit: type=1326 audit(1745538145.741:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  253.324431][ T6674] netlink: 96 bytes leftover after parsing attributes in process `syz.5.711'.
[  253.555126][   T26] audit: type=1326 audit(1745538146.261:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  253.680046][   T26] audit: type=1326 audit(1745538146.261:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  253.702682][   T26] audit: type=1326 audit(1745538146.261:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  253.804340][ T6682] overlayfs: failed to clone upperpath
[  254.347996][ T6687] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  254.658108][   T26] audit: type=1326 audit(1745538146.261:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  255.735561][ T4218] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  256.018529][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  256.026194][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  256.115207][ T4218] usb 5-1: Using ep0 maxpacket: 32
[  257.052259][   T26] audit: type=1326 audit(1745538146.261:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  258.163582][ T6702] loop5: detected capacity change from 0 to 256
[  258.639396][   T26] audit: type=1326 audit(1745538146.261:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  260.677432][ T4218] usb 5-1: unable to read config index 0 descriptor/start: -71
[  260.685332][ T4218] usb 5-1: can't read configurations, error -71
[  261.351056][ T6710] loop6: detected capacity change from 0 to 2048
[  261.404226][   T26] audit: type=1326 audit(1745538146.261:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  261.460138][ T6718] loop1: detected capacity change from 0 to 1024
[  261.485206][ T6710] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  261.529239][   T26] audit: type=1326 audit(1745538146.261:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  261.551917][   T26] audit: type=1326 audit(1745538146.261:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.4.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  261.639208][ T6710] attempt to access beyond end of device
[  261.639208][ T6710] loop6: rw=524288, want=33554432, limit=2048
[  261.678480][ T6724] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  261.709462][ T6718] EXT4-fs error (device loop1): ext4_map_blocks:628: inode #3: block 2: comm syz.1.726: lblock 2 mapped to illegal pblock 2 (length 1)
[  261.751563][ T6730] loop5: detected capacity change from 0 to 1024
[  261.815172][ T6718] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  261.823341][ T6718] EXT4-fs error (device loop1): ext4_map_blocks:628: inode #3: block 48: comm syz.1.726: lblock 0 mapped to illegal pblock 48 (length 1)
[  261.915303][ T6730] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  261.922659][ T6730] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  261.982297][ T6718] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  262.013950][ T6718] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.726: Failed to acquire dquot type 0
[  262.057075][ T6730] EXT4-fs (loop5): mounted filesystem without journal. Opts: abort,barrier,sysvgroups,discard,dioread_nolock,stripe=0x0000000000000004,dioread_nolock,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  262.203792][ T6718] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  262.245217][ T6718] EXT4-fs error (device loop1): ext4_evict_inode:282: inode #11: comm syz.1.726: mark_inode_dirty error
[  262.335539][ T6718] EXT4-fs warning (device loop1): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  262.362088][ T6718] EXT4-fs (loop1): 1 orphan inode deleted
[  262.368924][ T6718] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000001,noblock_validity,user_xattr,max_batch_time=0x00000000000008cc,sysvgroups,noblock_validity,,errors=continue. Quota mode: none.
[  262.414640][  T154] EXT4-fs error (device loop1): ext4_map_blocks:628: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  262.475840][  T154] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  262.504866][  T154] EXT4-fs error (device loop1): ext4_release_dquot:6227: comm kworker/u4:2: Failed to release dquot type 0
[  262.539256][ T6718] EXT4-fs error (device loop1): __ext4_get_inode_loc:4320: comm syz.1.726: Invalid inode table block 1 in block_group 0
[  262.736389][ T6746] xt_CT: You must specify a L4 protocol and not use inversions on it
[  263.496511][ T6718] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  263.557371][ T4229] EXT4-fs error (device loop1): ext4_map_blocks:628: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  263.606150][ T4229] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  263.658288][ T4229] EXT4-fs error (device loop1): ext4_release_dquot:6227: comm kworker/u4:5: Failed to release dquot type 0
[  263.671744][ T4166] EXT4-fs error (device loop1): __ext4_get_inode_loc:4320: comm syz-executor: Invalid inode table block 1 in block_group 0
[  264.950222][ T4166] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  265.145165][ T4166] EXT4-fs error (device loop1): ext4_quota_off:6493: inode #3: comm syz-executor: mark_inode_dirty error
[  265.264105][ T6757] loop4: detected capacity change from 0 to 1024
[  265.597347][ T4229] hfsplus: b-tree write err: -5, ino 4
[  265.666610][ T6770] loop5: detected capacity change from 0 to 256
[  266.121153][ T6767] loop1: detected capacity change from 0 to 8192
[  267.695694][ T1111] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  268.419181][ T1108] Bluetooth: hci2: command 0x0406 tx timeout
[  268.525318][ T1111] usb 6-1: Using ep0 maxpacket: 32
[  268.646631][ T1111] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  268.771744][ T6782] loop6: detected capacity change from 0 to 32768
[  268.835929][ T1111] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  268.856110][ T1111] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  268.875169][ T1111] usb 6-1: Product: syz
[  268.885435][ T1111] usb 6-1: Manufacturer: syz
[  268.895412][ T1111] usb 6-1: SerialNumber: syz
[  268.930106][ T1111] usb 6-1: config 0 descriptor??
[  268.941020][ T6782] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[  268.976739][ T6793] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  268.996825][ T1111] hub 6-1:0.0: bad descriptor, ignoring hub
[  269.012378][ T6782] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  269.015358][ T1111] hub: probe of 6-1:0.0 failed with error -5
[  269.255336][ T6782] OCFS2: ERROR (device loop6): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #32 has bad parent pointer (0, expected 71)
[  270.595804][ T6782] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  270.616456][ T6782] OCFS2: File system is now read-only.
[  270.635375][ T6782] (syz.6.746,6782,0):ocfs2_group_extend:318 ERROR: status = -30
[  270.830187][ T5844] ocfs2: Unmounting device (7,6) on (node local)
[  271.885259][ T6824] sctp: [Deprecated]: syz.1.758 (pid 6824) Use of int in max_burst socket option.
[  271.885259][ T6824] Use struct sctp_assoc_value instead
[  272.601907][ T6830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.759'.
[  272.657253][ T6834] loop4: detected capacity change from 0 to 1024
[  272.788873][ T1111] usb 6-1: USB disconnect, device number 2
[  272.862612][ T6834] EXT4-fs (loop4): INFO: recovery required on readonly filesystem
[  274.673049][ T6834] EXT4-fs (loop4): write access will be enabled during recovery
[  274.683455][ T6834] EXT4-fs (loop4): barriers disabled
[  274.694409][ T6834] JBD2: no valid journal superblock found
[  274.712666][ T6839] loop6: detected capacity change from 0 to 512
[  274.745248][ T6834] EXT4-fs (loop4): error loading journal
[  274.815854][ T6839] EXT4-fs (loop6): orphan cleanup on readonly fs
[  274.894201][ T6839] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.757: bg 0: block 248: padding at end of block bitmap is not set
[  274.973698][ T6834] input: syz1 as /devices/virtual/input/input10
[  275.030505][ T6839] Quota error (device loop6): write_blk: dquota write failed
[  275.062725][ T6839] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  275.084144][ T6839] EXT4-fs error (device loop6): ext4_acquire_dquot:6204: comm syz.6.757: Failed to acquire dquot type 1
[  275.131495][ T6839] EXT4-fs (loop6): 1 truncate cleaned up
[  275.147671][ T6839] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  275.564482][ T6839] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  275.714916][ T6839] Quota error (device loop6): write_blk: dquota write failed
[  275.753969][ T6839] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota
[  275.875831][ T6839] EXT4-fs error (device loop6): ext4_acquire_dquot:6204: comm syz.6.757: Failed to acquire dquot type 1
[  275.992244][ T6839] EXT4-fs warning (device loop6): ext4_enable_quotas:6439: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  280.804203][ T6916] loop6: detected capacity change from 0 to 512
[  282.405814][ T6916] EXT4-fs (loop6): Ignoring removed oldalloc option
[  282.598384][ T6916] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  282.947407][ T6916] EXT4-fs: failed to create workqueue
[  282.977245][ T6916] EXT4-fs (loop6): mount failed
[  283.133602][ T6938] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.141360][ T6938] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.326791][ T6942] loop4: detected capacity change from 0 to 1024
[  283.650309][ T6942] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  284.379981][ T6959] netlink: 52 bytes leftover after parsing attributes in process `syz.5.798'.
[  285.695287][ T6976] tmpfs: Unknown parameter 'usrquota'
[  286.058718][ T6981] netlink: 'syz.4.805': attribute type 10 has an invalid length.
[  286.083207][ T6981] device syz_tun entered promiscuous mode
[  286.133091][ T6981] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  286.713990][ T6994] loop4: detected capacity change from 0 to 512
[  288.135160][ T6994] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,minixdf,. Quota mode: writeback.
[  288.203256][ T6994] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  291.016713][ T7017] loop4: detected capacity change from 0 to 256
[  291.164869][ T7017] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  291.185134][ T7017] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  291.233170][ T7017] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  294.434456][ T7059] loop6: detected capacity change from 0 to 1024
[  295.482501][ T7046] loop4: detected capacity change from 0 to 32768
[  295.659434][ T7046] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  295.700871][ T7046] BTRFS info (device loop4): setting nodatacow, compression disabled
[  295.741199][ T7046] BTRFS info (device loop4): enabling auto defrag
[  295.771673][ T7046] BTRFS info (device loop4): max_inline at 0
[  295.805144][ T7046] BTRFS info (device loop4): using free space tree
[  295.832144][ T7046] BTRFS info (device loop4): has skinny extents
[  296.390501][   T26] audit: type=1800 audit(1745538189.131:75): pid=7090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.826" name="file1" dev="loop6" ino=20 res=0 errno=0
[  296.745715][ T7046] BTRFS error (device loop4): open_ctree failed: -12
[  296.800832][ T7127] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  296.810752][ T7127] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  300.468857][ T4340] hfsplus: b-tree write err: -5, ino 4
[  303.369222][ T7204] xt_SECMARK: invalid mode: 2
[  305.330185][ T4250] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.567243][ T4250] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.682309][ T4250] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.257523][ T4250] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.159875][ T7238] ODEBUG: Out of memory. ODEBUG disabled
[  308.372540][ T7256] netlink: 4 bytes leftover after parsing attributes in process `syz.5.876'.
[  308.520988][ T7262] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  308.560346][ T7233] chnl_net:caif_netlink_parms(): no params data found
[  308.895196][ T4177] Bluetooth: hci4: command 0x0409 tx timeout
[  309.172021][ T7272] netlink: 36 bytes leftover after parsing attributes in process `syz.5.880'.
[  309.430306][ T7286] device hsr0 entered promiscuous mode
[  309.821864][ T7269] loop4: detected capacity change from 0 to 32768
[  310.323146][ T7233] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.340600][ T7233] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.383824][ T7233] device bridge_slave_0 entered promiscuous mode
[  310.394075][ T7269] ialloc: diAlloc returned -17!
[  310.404666][ T7233] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.422074][ T7233] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.515617][ T7233] device bridge_slave_1 entered promiscuous mode
[  310.652217][ T7233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.864580][ T7314] netlink: 288 bytes leftover after parsing attributes in process `syz.0.890'.
[  310.975393][ T1108] Bluetooth: hci4: command 0x041b tx timeout
[  311.440067][ T7233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.544938][ T7233] team0: Port device team_slave_0 added
[  311.616650][ T7233] team0: Port device team_slave_1 added
[  311.801292][ T7324] loop4: detected capacity change from 0 to 1024
[  312.624563][ T7233] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.632837][ T7233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.805525][ T7233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  312.851707][ T7233] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.867919][ T7233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.022884][ T7233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  313.055434][ T4395] Bluetooth: hci4: command 0x040f tx timeout
[  313.497913][ T7340] netlink: 14 bytes leftover after parsing attributes in process `syz.1.904'.
[  314.993153][ T7340] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.027277][ T7340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.067303][ T7340] bond0 (unregistering): Released all slaves
[  315.135187][ T4395] Bluetooth: hci4: command 0x0419 tx timeout
[  315.195777][ T7366] netlink: 'syz.0.910': attribute type 1 has an invalid length.
[  315.254198][ T7366] 8021q: adding VLAN 0 to HW filter on device bond1
[  315.305741][ T7370] bond1: (slave veth3): Enslaving as an active interface with a down link
[  315.330957][ T7373] bond1: (slave veth0_to_bond): making interface the new active one
[  315.359222][ T7373] device veth0_to_bond entered promiscuous mode
[  315.366468][ T7373] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  315.403172][ T4250] device hsr_slave_0 left promiscuous mode
[  315.429400][ T4250] device hsr_slave_1 left promiscuous mode
[  315.470309][ T4250] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  315.485154][ T4250] batman_adv: batadv0: Removing interface: batadv_slave_0
[  315.496268][ T4250] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  315.519863][ T4250] batman_adv: batadv0: Removing interface: batadv_slave_1
[  315.530151][ T4250] device bridge_slave_1 left promiscuous mode
[  315.537012][ T4250] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.546494][ T4250] device bridge_slave_0 left promiscuous mode
[  315.552832][ T4250] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.583022][ T4250] device veth1_macvtap left promiscuous mode
[  315.590615][ T4250] device veth0_macvtap left promiscuous mode
[  315.599670][ T4250] device veth1_vlan left promiscuous mode
[  315.612546][ T4250] device veth0_vlan left promiscuous mode
[  315.898700][ T7392] overlayfs: failed to clone upperpath
[  316.682924][ T4250] team0 (unregistering): Port device team_slave_1 removed
[  316.714529][ T4250] team0 (unregistering): Port device team_slave_0 removed
[  316.769108][ T4250] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.803919][ T4250] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  317.524470][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  317.546297][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  319.056322][ T4250] bond0 (unregistering): Released all slaves
[  319.199460][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  319.226354][ T7233] device hsr_slave_0 entered promiscuous mode
[  319.263769][ T7233] device hsr_slave_1 entered promiscuous mode
[  319.320753][ T7383] netlink: 'syz.1.914': attribute type 1 has an invalid length.
[  319.332615][ T7385] netlink: 4 bytes leftover after parsing attributes in process `syz.4.913'.
[  322.356687][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.5.934'.
[  322.520763][ T7233] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  323.711064][ T7462] loop4: detected capacity change from 0 to 256
[  323.712640][ T7233] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  323.856014][ T7233] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  323.886360][ T7462] FAT-fs (loop4): "posix" option is obsolete, not supported now
[  323.916963][ T7233] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  323.929016][ T7467] netlink: 40 bytes leftover after parsing attributes in process `syz.1.938'.
[  323.955391][ T7467] netlink: 40 bytes leftover after parsing attributes in process `syz.1.938'.
[  323.985236][ T7467] netlink: 40 bytes leftover after parsing attributes in process `syz.1.938'.
[  325.852888][ T7233] 8021q: adding VLAN 0 to HW filter on device bond0
[  325.921488][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  325.958803][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  325.989390][ T7233] 8021q: adding VLAN 0 to HW filter on device team0
[  326.060906][ T7500] loop5: detected capacity change from 0 to 128
[  326.110532][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  326.151189][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  326.197134][ T7500] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  326.217264][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.224431][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  326.253984][ T7500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  326.296312][ T7506] netlink: 16 bytes leftover after parsing attributes in process `syz.4.952'.
[  326.320258][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  326.334012][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  326.375602][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  326.422831][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.430065][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  326.467909][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  326.488178][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  326.612393][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  326.692552][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  326.713871][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  326.755990][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  326.777764][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  327.594691][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.1.945'.
[  327.621168][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  327.668785][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  327.711949][ T7233] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  327.949381][ T7233] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  327.987635][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  327.999865][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  329.374781][ T7563] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  330.016329][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  330.026344][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  330.036933][ T7233] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.291871][   T26] audit: type=1326 audit(1745538223.031:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7571 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  330.364289][ T7574] loop4: detected capacity change from 0 to 1024
[  330.392364][   T26] audit: type=1326 audit(1745538223.061:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7571 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  330.477454][   T26] audit: type=1326 audit(1745538223.061:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7571 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f129c0e1969 code=0x7ffc0000
[  330.560482][ T7574] EXT4-fs (loop4): Ignoring removed nobh option
[  330.615870][ T7574] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #11: comm syz.4.967: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  330.739890][ T7574] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.967: couldn't read orphan inode 11 (err -117)
[  330.814621][ T7574] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[  330.850400][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  330.876167][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  330.942483][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  331.007731][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  331.041384][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  331.088035][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  331.159510][ T7233] device veth0_vlan entered promiscuous mode
[  331.175204][  T144] device veth0_to_bond left promiscuous mode
[  331.218195][ T7602] smc: net device bond0 applied user defined pnetid SYZ0
[  331.238369][ T7233] device veth1_vlan entered promiscuous mode
[  331.354578][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  331.383936][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  331.420497][ T7233] device veth0_macvtap entered promiscuous mode
[  331.479902][ T7233] device veth1_macvtap entered promiscuous mode
[  331.500236][ T7606] loop4: detected capacity change from 0 to 1024
[  331.589111][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.655084][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.702034][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.770828][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.802735][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.834105][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.865079][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.903197][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.932245][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.948185][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.983846][ T7233] batman_adv: batadv0: Interface activated: batadv_slave_0
[  332.038873][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.064727][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.075941][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.086652][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.096982][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.107564][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.190294][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.277876][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.337809][ T7233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.400631][ T7233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.663959][ T7233] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.595248][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  333.626163][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  333.645584][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  333.677304][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  333.727822][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  333.750202][ T7638] loop4: detected capacity change from 0 to 1024
[  333.905765][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  333.934623][ T7638] EXT4-fs (loop4): Ignoring removed oldalloc option
[  333.958813][ T7638] EXT4-fs (loop4): Ignoring removed orlov option
[  333.991811][ T7233] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.177836][ T7638] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000080,grpjquota=,oldalloc,errors=remount-ro,orlov,usrquota,stripe=0x0000000000000622,. Quota mode: writeback.
[  334.199122][ T7233] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.255092][ T7233] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.325195][ T7233] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.554700][ T7653] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 18: block 161:freeing already freed block (bit 10); block bitmap corrupt.
[  334.614779][ T7653] EXT4-fs (loop4): Remounting filesystem read-only
[  334.865994][ T4340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.874356][ T4340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  335.173919][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  335.244278][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  335.295750][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  335.405435][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  338.718027][ T7704] loop5: detected capacity change from 0 to 32768
[  339.496047][ T7711] loop7: detected capacity change from 0 to 2048
[  339.677293][ T7709] loop4: detected capacity change from 0 to 40427
[  339.888959][ T7709] F2FS-fs (loop4): Found nat_bits in checkpoint
[  339.967097][ T7709] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  339.967881][ T7711] EXT4-fs (loop7): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,bsdgroups,auto_da_alloc,jqfmt=vfsv1,nouid32,journal_dev=0x0000000000000007,grpjquota=,usrjquota=,. Quota mode: none.
[  340.009508][ T7725] loop5: detected capacity change from 0 to 256
[  340.399631][ T7725] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  340.410458][ T7725] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  340.426024][ T7725] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  340.531776][ T7711] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.995: bg 0: block 234: padding at end of block bitmap is not set
[  340.562453][ T7735] attempt to access beyond end of device
[  340.562453][ T7735] loop4: rw=2049, want=45104, limit=40427
[  340.641922][ T7711] EXT4-fs (loop7): Remounting filesystem read-only
[  341.437925][ T7725] exFAT-fs (loop5): hint_cluster is invalid (17)
[  341.474690][ T7725] exFAT-fs (loop5): error, invalid access to FAT (entry 0xffffffff)
[  341.484804][ T7725] exFAT-fs (loop5): Filesystem has been set read-only
[  341.553946][ T4171] attempt to access beyond end of device
[  341.553946][ T4171] loop4: rw=2049, want=45112, limit=40427
[  341.926510][ T4181] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  341.936448][ T4181] CPU: 1 PID: 4181 Comm: kworker/u5:6 Not tainted 5.15.180-syzkaller #0
[  341.945078][ T4181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  341.955393][ T4181] Workqueue: hci1 hci_rx_work
[  341.960231][ T4181] Call Trace:
[  341.963531][ T4181]  <TASK>
[  341.966488][ T4181]  dump_stack_lvl+0x1e3/0x2d0
[  341.971802][ T4181]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  341.977634][ T4181]  ? panic+0x860/0x860
[  341.981742][ T4181]  ? sysfs_create_dir_ns+0x282/0x390
[  341.987275][ T4181]  sysfs_create_dir_ns+0x2c6/0x390
[  341.992585][ T4181]  ? sysfs_warn_dup+0xa0/0xa0
[  341.997304][ T4181]  ? do_raw_spin_unlock+0x137/0x8b0
[  342.002553][ T4181]  kobject_add_internal+0x6e0/0xe00
[  342.007981][ T4181]  kobject_add+0x14e/0x210
[  342.012473][ T4181]  ? device_add+0x3c2/0xfd0
[  342.017010][ T4181]  ? kobject_init+0x1d0/0x1d0
[  342.021733][ T4181]  ? __raw_spin_lock_init+0x41/0x100
[  342.027484][ T4181]  ? get_device_parent+0x128/0x400
[  342.033175][ T4181]  device_add+0x476/0xfd0
[  342.037565][ T4181]  hci_conn_add_sysfs+0xe4/0x1f0
[  342.042536][ T4181]  le_conn_complete_evt+0xc15/0x1500
[  342.048292][ T4181]  ? cs_le_create_conn+0x5f0/0x5f0
[  342.053451][ T4181]  hci_le_meta_evt+0x28c/0x3f50
[  342.058410][ T4181]  ? __lock_acquire+0x1ff0/0x1ff0
[  342.063986][ T4181]  ? __mutex_lock_common+0x444/0x25a0
[  342.069645][ T4181]  ? hci_remote_host_features_evt+0x280/0x280
[  342.075726][ T4181]  ? __mutex_unlock_slowpath+0x218/0x750
[  342.081376][ T4181]  ? hci_event_packet+0x3b4/0x1550
[  342.086519][ T4181]  ? mutex_unlock+0x10/0x10
[  342.091172][ T4181]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  342.098447][ T4181]  ? print_irqtrace_events+0x210/0x210
[  342.104178][ T4181]  hci_event_packet+0xc41/0x1550
[  342.109300][ T4181]  ? rcu_lock_release+0x20/0x20
[  342.114188][ T4181]  ? hci_send_to_monitor+0x99/0x4d0
[  342.119409][ T4181]  hci_rx_work+0x237/0xa10
[  342.124603][ T4181]  process_one_work+0x8a1/0x10c0
[  342.129594][ T4181]  ? worker_detach_from_pool+0x260/0x260
[  342.135454][ T4181]  ? _raw_spin_lock_irqsave+0x120/0x120
[  342.141375][ T4181]  ? kthread_data+0x4e/0xc0
[  342.145925][ T4181]  ? wq_worker_running+0x97/0x170
[  342.151074][ T4181]  worker_thread+0xaca/0x1280
[  342.155949][ T4181]  kthread+0x3f6/0x4f0
[  342.160074][ T4181]  ? rcu_lock_release+0x20/0x20
[  342.164950][ T4181]  ? kthread_blkcg+0xd0/0xd0
[  342.169580][ T4181]  ret_from_fork+0x1f/0x30
[  342.174035][ T4181]  </TASK>
[  342.196120][ T4181] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  342.211455][ T4181] Bluetooth: hci1: failed to register connection device
[  342.652733][ T7766] loop4: detected capacity change from 0 to 256
[  342.712413][ T7766] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  342.723780][ T7766] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  342.749709][ T7766] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  342.823963][ T7766] exFAT-fs (loop4): hint_cluster is invalid (17)
[  342.843459][ T7766] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  342.852122][ T7766] exFAT-fs (loop4): Filesystem has been set read-only
[  342.934605][ T7771] netlink: 'syz.0.1007': attribute type 1 has an invalid length.
[  344.245659][ T7790] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1011'.
[  344.596629][ T7794] loop5: detected capacity change from 0 to 256
[  346.371882][ T7831] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1025'.
[  346.433077][ T4395] libceph: connect (1)[c::]:6789 error -101
[  346.445299][ T4395] libceph: mon0 (1)[c::]:6789 connect error
[  346.481475][ T7821] ceph: No mds server is up or the cluster is laggy
[  350.548085][ T7875] loop7: detected capacity change from 0 to 2048
[  350.724395][ T7875] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  350.759179][ T7875] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  351.871172][ T7884] loop5: detected capacity change from 0 to 256
[  352.458189][ T7884] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  352.469143][ T7884] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  352.488453][ T7884] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  352.561195][ T7890] loop4: detected capacity change from 0 to 1024
[  352.604239][ T7884] exFAT-fs (loop5): hint_cluster is invalid (17)
[  352.615431][ T7884] exFAT-fs (loop5): error, invalid access to FAT (entry 0xffffffff)
[  352.623480][ T7884] exFAT-fs (loop5): Filesystem has been set read-only
[  352.700309][ T7892] loop7: detected capacity change from 0 to 1024
[  353.414716][ T7892] EXT4-fs (loop7): INFO: recovery required on readonly filesystem
[  353.435463][ T7892] EXT4-fs (loop7): write access will be enabled during recovery
[  353.436217][ T7890] EXT4-fs (loop4): INFO: recovery required on readonly filesystem
[  353.471926][ T7892] EXT4-fs (loop7): barriers disabled
[  353.489314][ T7892] JBD2: no valid journal superblock found
[  353.554218][ T7890] EXT4-fs (loop4): write access will be enabled during recovery
[  353.867373][ T7892] EXT4-fs (loop7): error loading journal
[  354.028582][ T7890] EXT4-fs (loop4): barriers disabled
[  354.131114][ T7890] JBD2: no valid journal superblock found
[  354.163842][ T7890] EXT4-fs (loop4): error loading journal
[  354.393553][ T7911] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1038'.
[  355.920491][ T7929] loop7: detected capacity change from 0 to 256
[  356.052889][ T7929] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  356.064263][ T7929] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  356.133545][ T7929] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  356.189996][ T7929] exFAT-fs (loop7): hint_cluster is invalid (17)
[  356.200648][ T7929] exFAT-fs (loop7): error, invalid access to FAT (entry 0xffffffff)
[  356.208958][ T7929] exFAT-fs (loop7): Filesystem has been set read-only
[  357.244958][ T7946] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1054'.
[  358.039127][ T7960] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1056'.
[  358.679645][ T7976] loop5: detected capacity change from 0 to 256
[  360.335200][ T7976] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  360.346170][ T7976] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  360.362048][ T7976] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  360.418829][ T7976] exFAT-fs (loop5): hint_cluster is invalid (17)
[  360.428836][ T7976] exFAT-fs (loop5): error, invalid access to FAT (entry 0xffffffff)
[  360.437319][ T7976] exFAT-fs (loop5): Filesystem has been set read-only
[  363.146014][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1066'.
[  364.378391][ T8013] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.607116][ T8013] device bridge_slave_1 left promiscuous mode
[  364.613703][ T8013] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.599304][ T8024] netlink: 830 bytes leftover after parsing attributes in process `syz.5.1069'.
[  369.575403][ T8064] 9pnet: Insufficient options for proto=fd
[  373.892279][ T8085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1085'.
[  378.942023][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  378.953788][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  380.214176][ T8085] device bridge_slave_1 left promiscuous mode
[  380.251359][ T8085] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.776392][ T8141] device syzkaller0 entered promiscuous mode
[  382.739889][ T7122] Bluetooth: hci5: command 0x1003 tx timeout
[  382.747979][ T4179] Bluetooth: hci5: sending frame failed (-49)
[  383.608374][ T8158] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  384.825988][ T7122] Bluetooth: hci5: command 0x1001 tx timeout
[  384.832202][ T4179] Bluetooth: hci5: sending frame failed (-49)
[  386.225106][ T4177] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  386.495195][ T4177] usb 6-1: Using ep0 maxpacket: 16
[  386.635247][ T4177] usb 6-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  386.657192][ T4177] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  386.865209][ T4177] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  386.882317][ T4177] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.895396][ T7123] Bluetooth: hci5: command 0x1009 tx timeout
[  386.908405][ T4177] usb 6-1: Product: syz
[  386.923042][ T4177] usb 6-1: Manufacturer: syz
[  386.938293][ T4177] usb 6-1: SerialNumber: syz
[  387.032085][   T26] audit: type=1326 audit(1745538279.771:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  387.149925][   T26] audit: type=1326 audit(1745538279.771:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  387.223550][   T26] audit: type=1326 audit(1745538279.771:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  387.304659][   T26] audit: type=1326 audit(1745538279.771:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  387.345347][ T4177] usb 6-1: 0:2 : does not exist
[  387.452917][   T26] audit: type=1326 audit(1745538279.771:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  387.522889][   T26] audit: type=1326 audit(1745538279.771:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  387.579393][ T4177] usb 6-1: USB disconnect, device number 3
[  387.596782][   T26] audit: type=1326 audit(1745538279.771:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  388.390319][   T26] audit: type=1326 audit(1745538279.771:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  388.446896][ T8218] udevd[8218]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  388.476133][ T8233] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1107'.
[  388.506593][   T26] audit: type=1326 audit(1745538279.771:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  388.588839][   T26] audit: type=1326 audit(1745538279.771:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8189 comm="syz.7.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7fc00000
[  389.101647][ T8252] device syzkaller0 entered promiscuous mode
[  393.311511][ T4177] kernel write not supported for file /521/attr/exec (pid: 4177 comm: kworker/1:4)
[  393.456578][ T8282] loop4: detected capacity change from 0 to 512
[  393.511726][ T8282] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  393.521602][ T8282] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  393.532707][ T8282] EXT4-fs (loop4): 1 truncate cleaned up
[  393.539122][ T8282] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,usrjquota="data=ordered,noload,grpid,grpjquota="init_itable,jqfmt=vfsold,noblock_validity,,errors=continue. Quota mode: writeback.
[  393.604282][ T8282] EXT4-fs (loop4): Ignoring removed orlov option
[  393.611637][ T8282] EXT4-fs (loop4): changing journal_checksum during remount not supported; ignoring
[  393.622200][ T8282] EXT4-fs (loop4): can't enable nombcache during remount
[  394.478489][   T26] kauditd_printk_skb: 57 callbacks suppressed
[  394.478529][   T26] audit: type=1326 audit(1745538287.221:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  395.130658][ T7122] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  395.166430][   T26] audit: type=1326 audit(1745538287.261:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  395.401720][   T26] audit: type=1326 audit(1745538287.271:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  395.786201][ T4213] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  395.964920][   T26] audit: type=1326 audit(1745538287.271:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  396.051803][   T26] audit: type=1326 audit(1745538287.291:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  396.065250][ T7122] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.165154][   T26] audit: type=1326 audit(1745538287.301:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  396.192364][ T7122] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  396.205197][ T4213] usb 8-1: Using ep0 maxpacket: 8
[  396.707039][ T4213] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  396.722967][   T26] audit: type=1326 audit(1745538287.321:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  396.745823][ T7122] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  396.765063][ T4213] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.788129][ T7122] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  396.803681][ T4213] usb 8-1: config 0 descriptor??
[  396.817694][   T26] audit: type=1326 audit(1745538287.351:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  396.845062][ T7122] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.884267][ T7122] usb 6-1: config 0 descriptor??
[  396.910034][   T26] audit: type=1326 audit(1745538287.371:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  396.959239][   T26] audit: type=1326 audit(1745538287.411:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.7.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d792969 code=0x7ffc0000
[  397.105396][ T4213] asix 8-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  397.194349][ T8328] loop4: detected capacity change from 0 to 1024
[  397.245375][ T7122] usbhid 6-1:0.0: can't add hid device: -71
[  397.294317][ T8328] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  398.235268][ T7122] usbhid: probe of 6-1:0.0 failed with error -71
[  398.259268][ T7122] usb 6-1: USB disconnect, device number 4
[  399.125265][ T4213] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  399.139801][ T4213] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9
[  399.151419][ T4213] asix: probe of 8-1:0.0 failed with error -71
[  399.161249][ T4213] usb 8-1: USB disconnect, device number 2
[  399.812883][ T8350] loop5: detected capacity change from 0 to 1024
[  399.965053][ T8358] syz.0.1148 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  399.990351][ T8350] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  400.726370][ T4213] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  400.982050][ T4213] usb 8-1: Using ep0 maxpacket: 16
[  401.885177][ T4213] usb 8-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  401.895588][ T4213] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  402.055283][ T4213] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  402.064456][ T4213] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  402.072630][ T4213] usb 8-1: Product: syz
[  402.076916][ T4213] usb 8-1: Manufacturer: syz
[  402.081535][ T4213] usb 8-1: SerialNumber: syz
[  402.415395][ T4213] usb 8-1: 0:2 : does not exist
[  402.461773][ T4213] usb 8-1: USB disconnect, device number 3
[  402.676259][ T8331] udevd[8331]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  404.139374][ T4177] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  405.186307][ T4177] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  405.318170][ T4177] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  405.327065][ T4177] usb 6-1: Product: syz
[  405.332397][ T4177] usb 6-1: Manufacturer: syz
[  405.338867][ T4177] usb 6-1: SerialNumber: syz
[  405.360518][ T4177] usb 6-1: config 0 descriptor??
[  405.798856][ T4177] hso 6-1:0.0: Failed to find BULK IN ep
[  405.824041][ T4177] usb-storage 6-1:0.0: USB Mass Storage device detected
[  406.930867][ T4177] usb 6-1: USB disconnect, device number 5
[  407.092461][ T7125] Bluetooth: hci4: command 0x0405 tx timeout
[  413.285073][ T7125] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  414.035079][ T7125] usb 6-1: Using ep0 maxpacket: 8
[  415.526413][ T7125] usb 6-1: device descriptor read/all, error -71
[  416.006961][ T8477] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1187'.
[  418.409627][ T8485] netlink: 'syz.5.1189': attribute type 21 has an invalid length.
[  418.434340][ T8485] netlink: 'syz.5.1189': attribute type 20 has an invalid length.
[  418.443087][ T8485] IPv6: NLM_F_CREATE should be specified when creating new route
[  420.161332][ T8521] netlink: 'syz.1.1203': attribute type 21 has an invalid length.
[  420.190452][ T8521] netlink: 'syz.1.1203': attribute type 20 has an invalid length.
[  420.195080][ T8388] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  420.214291][ T8521] IPv6: NLM_F_CREATE should be specified when creating new route
[  420.487407][ T8388] usb 5-1: Using ep0 maxpacket: 8
[  421.454785][ T8388] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  421.464710][ T8388] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.374672][ T8388] usb 5-1: config 0 descriptor??
[  422.725741][ T8388] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  423.393967][ T8544] netlink: 'syz.0.1218': attribute type 21 has an invalid length.
[  424.866443][ T8544] netlink: 'syz.0.1218': attribute type 20 has an invalid length.
[  425.355186][ T8388] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  425.673969][ T8544] IPv6: NLM_F_CREATE should be specified when creating new route
[  425.733800][ T8388] asix: probe of 5-1:0.0 failed with error -71
[  425.831132][ T8388] usb 5-1: USB disconnect, device number 6
[  427.015274][ T8568] loop5: detected capacity change from 0 to 64
[  427.118414][ T8570] netlink: 'syz.0.1227': attribute type 21 has an invalid length.
[  427.126973][ T8570] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1227'.
[  429.965842][ T8584] overlayfs: failed to clone upperpath
[  430.795837][   T21] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  432.245335][   T21] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  432.395726][   T21] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  432.438201][   T21] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  434.467143][   T21] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  435.845593][   T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.852743][ T8631] loop4: detected capacity change from 0 to 64
[  435.886151][   T21] usb 5-1: can't set config #1, error -71
[  435.893158][   T21] usb 5-1: USB disconnect, device number 7
[  437.187505][ T8664] netlink: 'syz.4.1242': attribute type 21 has an invalid length.
[  437.195787][ T8664] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1242'.
[  438.490281][ T8676] Invalid ELF header magic: != ELF
[  438.511997][ T8680] loop7: detected capacity change from 0 to 64
[  438.765214][   T21] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  439.165261][   T21] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  439.175642][   T21] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  439.185463][   T21] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.196820][   T21] usb 6-1: config 0 descriptor??
[  439.236830][   T21] pwc: Askey VC010 type 2 USB webcam detected.
[  439.675191][   T21] pwc: recv_control_msg error -32 req 02 val 2b00
[  439.715330][   T21] pwc: recv_control_msg error -32 req 02 val 2700
[  439.755208][   T21] pwc: recv_control_msg error -32 req 02 val 2c00
[  439.795143][   T21] pwc: recv_control_msg error -32 req 04 val 1000
[  439.835208][   T21] pwc: recv_control_msg error -32 req 04 val 1300
[  439.875163][   T21] pwc: recv_control_msg error -32 req 04 val 1400
[  439.919563][   T21] pwc: recv_control_msg error -32 req 02 val 2000
[  439.965188][   T21] pwc: recv_control_msg error -32 req 02 val 2100
[  440.005201][   T21] pwc: recv_control_msg error -32 req 04 val 1500
[  440.045219][   T21] pwc: recv_control_msg error -32 req 02 val 2500
[  440.085195][   T21] pwc: recv_control_msg error -32 req 02 val 2400
[  440.125198][   T21] pwc: recv_control_msg error -32 req 02 val 2600
[  440.349295][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  440.355721][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  440.375218][   T21] pwc: recv_control_msg error -71 req 02 val 2800
[  440.395278][   T21] pwc: recv_control_msg error -71 req 04 val 1100
[  440.425216][   T21] pwc: recv_control_msg error -71 req 04 val 1200
[  440.433661][   T21] pwc: Registered as video103.
[  440.440647][   T21] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input11
[  440.457504][   T21] usb 6-1: USB disconnect, device number 8
[  440.975991][ T8690] Invalid ELF header magic: != ELF
[  442.385150][ T8711] netlink: 'syz.1.1261': attribute type 21 has an invalid length.
[  442.393080][ T8711] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1261'.
[  444.762648][ T8734] netlink: 'syz.0.1268': attribute type 4 has an invalid length.
[  444.986659][    T7] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  447.905558][    T7] usb 8-1: device descriptor read/all, error -71
[  449.676769][ T4181] Bluetooth: hci2: unknown advertising packet type: 0x75
[  449.898127][   T26] kauditd_printk_skb: 12 callbacks suppressed
[  449.898143][   T26] audit: type=1326 audit(1745538342.641:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  450.013705][   T26] audit: type=1326 audit(1745538342.681:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  450.155880][   T26] audit: type=1326 audit(1745538342.681:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  450.282069][   T26] audit: type=1326 audit(1745538342.681:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  450.306765][   T26] audit: type=1326 audit(1745538342.681:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  450.340448][   T26] audit: type=1326 audit(1745538342.681:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  450.380970][   T26] audit: type=1326 audit(1745538342.681:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8770 comm="syz.4.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  452.654718][ T8798] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1290'.
[  457.022759][ T8834] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1299'.
[  459.042069][ T8834] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1299'.
[  463.324330][ T8887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1315'.
[  463.405400][ T8887] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  463.413693][ T8887] batman_adv: batadv0: Removing interface: batadv_slave_0
[  463.440669][ T8887] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  463.449162][ T8887] batman_adv: batadv0: Removing interface: batadv_slave_1
[  464.253188][ T8893] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  464.256727][ T8890] IPVS: stopping master sync thread 8893 ...
[  465.682444][ T8905] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1321'.
[  465.704795][   T26] audit: type=1326 audit(1745538358.441:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.4.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  465.799389][   T26] audit: type=1326 audit(1745538358.441:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.4.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  465.838118][ T8905] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1321'.
[  465.874040][ T6927] libceph: connect (1)[c::]:6789 error -101
[  465.890609][ T6927] libceph: mon0 (1)[c::]:6789 connect error
[  465.898695][ T8909] ceph: No mds server is up or the cluster is laggy
[  466.025015][   T26] audit: type=1326 audit(1745538358.451:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.4.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=324 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  466.177873][   T26] audit: type=1326 audit(1745538358.451:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.4.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  466.440918][ T8929] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1329'.
[  466.525300][ T8929] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  466.535834][ T8929] batman_adv: batadv0: Removing interface: batadv_slave_0
[  466.580770][ T8929] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  466.606381][ T8929] batman_adv: batadv0: Removing interface: batadv_slave_1
[  468.329144][ T8943] loop7: detected capacity change from 0 to 1024
[  468.430088][ T8943] EXT4-fs (loop7): Ignoring removed bh option
[  468.558642][ T8943] EXT4-fs (loop7): inline encryption not supported
[  468.756017][ T8948] bridge0: port 4(geneve0) entered blocking state
[  468.763132][ T8948] bridge0: port 4(geneve0) entered disabled state
[  468.784573][ T8948] device geneve0 entered promiscuous mode
[  468.796558][ T8948] bridge0: port 4(geneve0) entered blocking state
[  468.803514][ T8948] bridge0: port 4(geneve0) entered forwarding state
[  469.425670][ T8943] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  469.481606][ T8943] EXT4-fs error (device loop7): ext4_map_blocks:628: inode #3: block 2: comm syz.7.1334: lblock 2 mapped to illegal pblock 2 (length 1)
[  469.500186][ T8943] Quota error (device loop7): qtree_write_dquot: dquota write failed
[  469.508668][ T8943] EXT4-fs error (device loop7): ext4_map_blocks:628: inode #3: block 48: comm syz.7.1334: lblock 0 mapped to illegal pblock 48 (length 1)
[  469.532481][ T8943] Quota error (device loop7): v2_write_file_info: Can't write info structure
[  469.563731][ T8943] EXT4-fs error (device loop7): ext4_acquire_dquot:6204: comm syz.7.1334: Failed to acquire dquot type 0
[  469.581764][ T8943] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  469.593763][ T8943] EXT4-fs error (device loop7): ext4_evict_inode:282: inode #11: comm syz.7.1334: mark_inode_dirty error
[  469.613622][ T8943] EXT4-fs warning (device loop7): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  469.666208][ T8943] EXT4-fs (loop7): 1 orphan inode deleted
[  469.704889][ T8943] EXT4-fs (loop7): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback.
[  469.726004][  T144] EXT4-fs error (device loop7): ext4_map_blocks:628: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  469.759650][  T144] Quota error (device loop7): remove_tree: Can't read quota data block 1
[  469.806762][  T144] EXT4-fs error (device loop7): ext4_release_dquot:6227: comm kworker/u4:1: Failed to release dquot type 0
[  469.859903][ T8943] EXT4-fs (loop7): re-mounted. Opts: (null). Quota mode: writeback.
[  470.163021][ T8959] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1337'.
[  470.166155][ T4252] libceph: connect (1)[c::]:6789 error -101
[  470.259626][ T4252] libceph: mon0 (1)[c::]:6789 connect error
[  470.279859][ T8954] ceph: No mds server is up or the cluster is laggy
[  470.288883][ T8969] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1337'.
[  470.359107][ T6927] libceph: connect (1)[c::]:6789 error -101
[  470.379691][ T6927] libceph: mon0 (1)[c::]:6789 connect error
[  470.487470][ T8963] ceph: No mds server is up or the cluster is laggy
[  470.746739][ T7123] libceph: connect (1)[c::]:6789 error -101
[  470.752914][ T7123] libceph: mon0 (1)[c::]:6789 connect error
[  472.207413][ T8981] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1344'.
[  472.269022][ T8981] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.327505][ T8981] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.359402][ T8981] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.382504][ T8981] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.762837][ T8999] smc: net device bond0 erased user defined pnetid SYZ0
[  473.114362][ T9001] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  475.763285][ T4252] libceph: connect (1)[c::]:6789 error -101
[  475.813251][ T4252] libceph: mon0 (1)[c::]:6789 connect error
[  475.849796][ T9018] ceph: No mds server is up or the cluster is laggy
[  475.941431][ T9023] ceph: No mds server is up or the cluster is laggy
[  475.950881][ T9029] loop4: detected capacity change from 0 to 512
[  476.003638][ T7123] libceph: connect (1)[c::]:6789 error -101
[  476.010000][ T9029] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  476.085214][ T7123] libceph: mon0 (1)[c::]:6789 connect error
[  476.148949][ T9029] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,acl,mblk_io_submit,data_err=ignore,. Quota mode: writeback.
[  476.249642][ T9029] ext4 filesystem being mounted at /224/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  476.523693][ T9040] netlink: 96 bytes leftover after parsing attributes in process `syz.7.1359'.
[  476.693460][ T9045] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1361'.
[  476.734201][ T9045] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.762100][ T9045] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.805924][ T9045] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.825180][ T9045] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.321097][ T9057] loop4: detected capacity change from 0 to 512
[  477.339424][ T9058] smc: net device bond0 applied user defined pnetid SYZ0
[  477.378166][ T9058] smc: net device bond0 erased user defined pnetid SYZ0
[  478.154002][ T9057] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  478.169128][ T9057] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  478.225798][ T9057] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  478.241519][ T9057] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  478.256065][ T9069] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  478.268350][ T9057] EXT4-fs (loop4): 1 truncate cleaned up
[  478.274825][ T9057] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,nojournal_checksum,noload,noinit_itable,usrjquota=,grpjquota=.seclabel,,errors=continue. Quota mode: writeback.
[  478.382356][ T7123] libceph: connect (1)[c::]:6789 error -101
[  478.808539][ T7123] libceph: mon0 (1)[c::]:6789 connect error
[  478.815688][ T9070] ceph: No mds server is up or the cluster is laggy
[  479.152822][ T9087] atomic_op ffff8880258ce998 conn xmit_atomic 0000000000000000
[  479.235763][ T7124] libceph: connect (1)[c::]:6789 error -101
[  479.338188][ T7124] libceph: mon0 (1)[c::]:6789 connect error
[  480.915565][ T9107] bridge0: port 2(geneve0) entered blocking state
[  480.922542][ T9107] bridge0: port 2(geneve0) entered disabled state
[  480.947747][ T9107] device geneve0 entered promiscuous mode
[  480.964521][ T9107] bridge0: port 2(geneve0) entered blocking state
[  480.971151][ T9107] bridge0: port 2(geneve0) entered forwarding state
[  482.272506][   T26] audit: type=1326 audit(1745538375.011:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.1391" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f129c0e1969 code=0x0
[  482.736217][ T9129] netlink: 'syz.7.1386': attribute type 1 has an invalid length.
[  482.820110][ T9136] smc: net device bond0 applied user defined pnetid SYZ0
[  482.829093][ T9136] smc: net device bond0 erased user defined pnetid SYZ0
[  482.855549][ T7124] libceph: connect (1)[c::]:6789 error -101
[  482.861844][ T7124] libceph: mon0 (1)[c::]:6789 connect error
[  482.893456][ T9136] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  482.902841][ T9138] ceph: No mds server is up or the cluster is laggy
[  483.065139][    T7] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  483.171005][ T9152] atomic_op ffff88807acf0998 conn xmit_atomic 0000000000000000
[  483.503936][ T9154] bridge0: port 2(geneve0) entered blocking state
[  483.511210][ T9154] bridge0: port 2(geneve0) entered disabled state
[  483.519242][ T9154] device geneve0 entered promiscuous mode
[  483.639369][    T7] usb 6-1: Using ep0 maxpacket: 16
[  485.440294][    T7] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xD7, skipping
[  485.588208][    T7] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  486.098442][    T7] usb 6-1: string descriptor 0 read error: -71
[  486.133036][    T7] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  486.211898][    T7] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.262832][    T7] usb 6-1: config 0 descriptor??
[  486.279905][ T9184] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  486.320119][ T9181] loop5: detected capacity change from 0 to 256
[  486.331960][    T7] usb 6-1: can't set config #0, error -71
[  486.376204][ T9181] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  486.377255][    T7] usb 6-1: USB disconnect, device number 9
[  486.401253][ T9188] atomic_op ffff88807824b998 conn xmit_atomic 0000000000000000
[  486.425356][ T9181] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  486.644291][ T9181] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  488.426016][ T9199] input: syz0 as /devices/virtual/input/input12
[  489.437680][    C1] bridge0: received packet on geneve0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  489.474105][   T26] audit: type=1326 audit(1745538382.211:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  489.541719][ T9219] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  489.575025][   T26] audit: type=1326 audit(1745538382.231:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  489.617725][ T9219] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  489.636598][ T9219] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  489.664984][   T26] audit: type=1326 audit(1745538382.261:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  489.732327][   T26] audit: type=1326 audit(1745538382.261:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  489.798471][ T9227] atomic_op ffff888020e26998 conn xmit_atomic 0000000000000000
[  490.294557][   T26] audit: type=1326 audit(1745538382.261:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  490.450874][   T26] audit: type=1326 audit(1745538382.261:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  490.499987][    C1] bridge0: received packet on geneve0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  490.832342][ T8388] kernel read not supported for file /video37 (pid: 8388 comm: kworker/1:3)
[  490.833255][   T26] audit: type=1326 audit(1745538382.261:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  490.871909][ T9243] overlayfs: failed to clone upperpath
[  491.117701][   T26] audit: type=1326 audit(1745538382.261:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  491.243045][   T26] audit: type=1326 audit(1745538382.261:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  491.335536][   T26] audit: type=1326 audit(1745538382.261:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9218 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73957969 code=0x7ffc0000
[  491.384859][ T9224] loop5: detected capacity change from 0 to 40427
[  491.499822][ T9224] F2FS-fs (loop5): Unrecognized mount option "memory=low" or missing value
[  491.524621][    C1] bridge0: received packet on geneve0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  491.546381][    C1] bridge0: received packet on geneve0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  491.622983][ T9262] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  491.642101][ T9262] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  491.653715][ T9262] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  493.713528][ T9281] 9pnet: Insufficient options for proto=fd
[  493.805542][ T9293] loop5: detected capacity change from 0 to 512
[  493.852160][ T9296] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  493.894109][ T9293] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  493.962152][ T9300] loop4: detected capacity change from 0 to 128
[  493.995744][ T9293] EXT4-fs (loop5): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,acl,mblk_io_submit,data_err=ignore,. Quota mode: writeback.
[  494.019085][ T9293] ext4 filesystem being mounted at /172/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  495.297967][ T9316] loop4: detected capacity change from 0 to 1024
[  495.325841][ T9316] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  495.605542][ T9316] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  496.327143][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  496.327161][   T26] audit: type=1326 audit(1745538389.071:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  496.566810][   T26] audit: type=1326 audit(1745538389.271:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  496.569237][ T9332] 9pnet: Insufficient options for proto=fd
[  496.596972][   T26] audit: type=1326 audit(1745538389.271:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  496.695127][   T26] audit: type=1326 audit(1745538389.271:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  496.748180][   T26] audit: type=1326 audit(1745538389.271:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  496.870413][   T26] audit: type=1326 audit(1745538389.271:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  497.116936][   T26] audit: type=1326 audit(1745538389.271:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  497.256835][   T26] audit: type=1326 audit(1745538389.281:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  497.283142][   T26] audit: type=1326 audit(1745538389.281:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  497.322113][   T26] audit: type=1326 audit(1745538389.281:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.5.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c6422969 code=0x7ffc0000
[  497.726155][ T9344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  498.778638][ T9355] overlayfs: overlapping lowerdir path
[  499.244520][ T9362] dccp_close: ABORT with 20 bytes unread
[  500.999495][ T9385] loop5: detected capacity change from 0 to 1024
[  501.098185][ T9385] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  501.334088][ T9385] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  501.437794][ T9394] 9pnet: Insufficient options for proto=fd
[  502.281312][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  502.287683][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  502.979181][ T9416] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  503.830569][ T9423] dccp_close: ABORT with 20 bytes unread
[  503.870215][ T9426] loop5: detected capacity change from 0 to 2048
[  504.195287][ T9426] EXT4-fs (loop5): Ignoring removed bh option
[  506.013666][ T9426] EXT4-fs (loop5): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  506.091710][ T9426] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  506.099207][ T9426] EXT4-fs (loop5): Ignoring removed orlov option
[  506.108366][ T9426] EXT4-fs (loop5): can't mount with both data=journal and dax
[  506.270907][ T9450] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  506.287431][ T9426] loop5: detected capacity change from 0 to 256
[  506.345770][ T9426] exfat: Deprecated parameter 'namecase'
[  506.560519][ T9426] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[  510.633162][ T9495] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  510.649958][ T9495] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  510.659000][ T9495] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  510.669676][ T9495] device bridge_slave_0 left promiscuous mode
[  510.676587][ T9495] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.745852][ T9495] team0: Port device team_slave_0 removed
[  510.771160][ T9495] team0: Port device team_slave_1 removed
[  510.801387][ T9495] device geneve0 left promiscuous mode
[  510.807866][ T9495] bridge0: port 2(geneve0) entered disabled state
[  511.291794][ T9498] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  511.328973][ T9510] autofs4:pid:9510:autofs_fill_super: called with bogus options
[  514.325768][ T9533] device macsec0 entered promiscuous mode
[  516.708202][ T9620] autofs4:pid:9620:autofs_fill_super: called with bogus options
[  519.184644][ T9678] autofs4:pid:9678:autofs_fill_super: called with bogus options
[  526.474408][   T26] kauditd_printk_skb: 11 callbacks suppressed
[  526.474426][   T26] audit: type=1326 audit(1745538419.211:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9755 comm="syz.0.1610" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f54090fc969 code=0x0
[  526.801124][ T9775] fuse: Bad value for 'fd'
[  527.614155][ T9792] loop4: detected capacity change from 0 to 32768
[  528.124494][ T9800] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  528.586500][ T9803] loop5: detected capacity change from 0 to 64
[  531.574093][ T9850] loop5: detected capacity change from 0 to 32768
[  534.839078][ T9883] xt_recent: Unsupported userspace flags (00000042)
[  535.020784][ T9883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1654'.
[  535.092161][ T9883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1654'.
[  535.547226][ T9883] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1654'.
[  536.401228][ T9898] loop5: detected capacity change from 0 to 128
[  536.890801][ T9898] EXT4-fs (loop5): Unrecognized mount option "fowner=00000000000000000000" or missing value
[  540.274626][ T9940] xt_recent: Unsupported userspace flags (00000042)
[  540.357141][ T9942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1672'.
[  540.472435][ T9942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1672'.
[  540.592037][ T9942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1672'.
[  541.307585][ T9966] loop4: detected capacity change from 0 to 128
[  541.786229][ T9966] EXT4-fs (loop4): Unrecognized mount option "fowner=00000000000000000000" or missing value
[  543.691757][ T9986] loop4: detected capacity change from 0 to 16
[  544.467903][ T9986] erofs: (device loop4): mounted with root inode @ nid 36.
[  545.441859][T10006] xt_recent: Unsupported userspace flags (00000042)
[  545.685390][T10011] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1690'.
[  545.694362][T10011] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1690'.
[  545.748452][T10011] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1690'.
[  545.981143][T10025] loop5: detected capacity change from 0 to 1024
[  548.105621][T10025] EXT4-fs (loop5): Ignoring removed bh option
[  548.111850][T10025] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  548.396838][T10025] EXT4-fs (loop5): mounted filesystem without journal. Opts: nojournal_checksum,delalloc,errors=remount-ro,norecovery,debug_want_extra_isize=0x0000000000000080,bh,mblk_io_submit,usrquota,noauto_da_alloc,. Quota mode: writeback.
[  552.717352][T10121] loop5: detected capacity change from 0 to 512
[  553.879682][T10121] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  553.969403][T10121] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  554.002646][T10121] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2219: inode #15: comm syz.5.1734: corrupted in-inode xattr
[  554.015816][T10121] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.1734: couldn't read orphan inode 15 (err -117)
[  554.071572][T10121] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  554.635672][T10155] IPVS: ip_vs_add_dest(): server weight less than zero
[  554.978026][   T26] audit: type=1800 audit(1745538447.661:241): pid=10164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1734" name="file1" dev="loop5" ino=20 res=0 errno=0
[  556.631519][T10174] xt_CT: You must specify a L4 protocol and not use inversions on it
[  556.996821][T10183] loop4: detected capacity change from 0 to 256
[  558.087578][   T21] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  558.307427][   T21] usb 6-1: device descriptor read/64, error -71
[  558.607470][   T21] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  558.817637][   T21] usb 6-1: device descriptor read/64, error -71
[  558.970118][   T21] usb usb6-port1: attempt power cycle
[  559.012300][T10199] IPVS: ip_vs_add_dest(): server weight less than zero
[  559.371348][T10203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1760'.
[  559.415145][   T21] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  559.547826][   T21] usb 6-1: device descriptor read/8, error -71
[  559.965096][   T21] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  560.727445][   T21] usb 6-1: device descriptor read/8, error -71
[  560.847698][   T21] usb usb6-port1: unable to enumerate USB device
[  561.158563][T10234] IPVS: ip_vs_add_dest(): server weight less than zero
[  561.229734][T10227] loop4: detected capacity change from 0 to 8192
[  562.002148][T10247] overlayfs: failed to clone upperpath
[  563.035171][T10232] xt_CT: You must specify a L4 protocol and not use inversions on it
[  563.225470][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  563.231915][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  564.375753][T10268] IPVS: ip_vs_add_dest(): server weight less than zero
[  566.963379][T10326] xt_CT: You must specify a L4 protocol and not use inversions on it
[  568.034015][T10332] 9pnet_virtio: no channels available for device syz
[  569.619464][T10358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1813'.
[  572.000690][T10356] loop5: detected capacity change from 0 to 8192
[  573.457236][    C1] bridge0: received packet on geneve0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  576.164373][T10417] overlayfs: failed to clone upperpath
[  577.756970][T10442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1844'.
[  577.835250][T10442] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  577.844694][T10442] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  577.853726][T10442] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  577.862520][T10442] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  577.907430][T10442] device vxlan0 entered promiscuous mode
[  577.913989][T10444] xt_hashlimit: size too large, truncated to 1048576
[  578.595793][    C1] bridge0: received packet on geneve0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  580.044147][T10484] 9pnet_virtio: no channels available for device syz
[  581.820049][T10517] overlayfs: failed to clone upperpath
[  584.967740][T10574] 9pnet_virtio: no channels available for device syz
[  589.303337][T10656] overlayfs: failed to clone upperpath
[  591.190236][T10690] overlayfs: failed to clone lowerpath
[  592.002143][T10702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1950'.
[  593.573013][T10693] loop5: detected capacity change from 0 to 32768
[  593.649406][T10693] ialloc: diAlloc returned -17!
[  595.037531][T10751] loop5: detected capacity change from 0 to 256
[  595.306884][T10751] FAT-fs (loop5): "posix" option is obsolete, not supported now
[  596.408325][T10784] 9pnet_virtio: no channels available for device syz
[  596.421416][T10784] overlayfs: unrecognized mount option "verity=require" or missing value
[  600.858843][T10843] overlayfs: failed to clone upperpath
[  602.177259][T10857] overlayfs: failed to clone lowerpath
[  605.091681][T10890] 9pnet_virtio: no channels available for device syz
[  605.274256][T10894] xt_hashlimit: size too large, truncated to 1048576
[  609.068078][T10954] 9pnet_virtio: no channels available for device syz
[  609.219116][T10968] 9pnet_virtio: no channels available for device syz
[  609.421022][T10991] overlayfs: failed to clone upperpath
[  609.445372][ T8388] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  609.707566][ T8388] usb 6-1: Using ep0 maxpacket: 8
[  609.719323][ T4181] ==================================================================
[  609.728387][ T4181] BUG: KASAN: slab-out-of-bounds in hci_le_meta_evt+0x11f1/0x3f50
[  609.736427][ T4181] Read of size 1 at addr ffff88807deccc02 by task kworker/u5:6/4181
[  609.744443][ T4181] 
[  609.746784][ T4181] CPU: 1 PID: 4181 Comm: kworker/u5:6 Not tainted 5.15.180-syzkaller #0
[  609.755145][ T4181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  609.765237][ T4181] Workqueue: hci4 hci_rx_work
[  609.770054][ T4181] Call Trace:
[  609.773360][ T4181]  <TASK>
[  609.776313][ T4181]  dump_stack_lvl+0x1e3/0x2d0
[  609.781168][ T4181]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  609.786839][ T4181]  ? _printk+0xd1/0x120
[  609.791231][ T4181]  ? __wake_up_klogd+0xcc/0x100
[  609.796123][ T4181]  ? panic+0x860/0x860
[  609.800225][ T4181]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  609.805722][ T4181]  print_address_description+0x63/0x3b0
[  609.811303][ T4181]  ? hci_le_meta_evt+0x11f1/0x3f50
[  609.816440][ T4181]  kasan_report+0x16b/0x1c0
[  609.820967][ T4181]  ? hci_le_meta_evt+0x11f1/0x3f50
[  609.826199][ T4181]  hci_le_meta_evt+0x11f1/0x3f50
[  609.831168][ T4181]  ? __lock_acquire+0x1ff0/0x1ff0
[  609.836246][ T4181]  ? hci_remote_host_features_evt+0x280/0x280
[  609.842378][ T4181]  ? __mutex_unlock_slowpath+0x218/0x750
[  609.848126][ T4181]  ? hci_event_packet+0x3b4/0x1550
[  609.853297][ T4181]  ? mutex_unlock+0x10/0x10
[  609.857843][ T4181]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  609.863970][ T4181]  ? print_irqtrace_events+0x210/0x210
[  609.869484][ T4181]  hci_event_packet+0xc41/0x1550
[  609.874818][ T4181]  ? rcu_lock_release+0x20/0x20
[  609.879722][ T4181]  ? hci_send_to_monitor+0x99/0x4d0
[  609.885241][ T4181]  hci_rx_work+0x237/0xa10
[  609.889801][ T4181]  process_one_work+0x8a1/0x10c0
[  609.894791][ T4181]  ? worker_detach_from_pool+0x260/0x260
[  609.900483][ T4181]  ? _raw_spin_lock_irqsave+0x120/0x120
[  609.906243][ T4181]  ? kthread_data+0x4e/0xc0
[  609.910798][ T4181]  ? wq_worker_running+0x97/0x170
[  609.915857][ T4181]  worker_thread+0xaca/0x1280
[  609.920595][ T4181]  kthread+0x3f6/0x4f0
[  609.924748][ T4181]  ? rcu_lock_release+0x20/0x20
[  609.929629][ T4181]  ? kthread_blkcg+0xd0/0xd0
[  609.934256][ T4181]  ret_from_fork+0x1f/0x30
[  609.938720][ T4181]  </TASK>
[  609.941775][ T4181] 
[  609.944153][ T4181] Allocated by task 11015:
[  609.948583][ T4181]  ____kasan_kmalloc+0xba/0xf0
[  609.953501][ T4181]  __kmalloc_node_track_caller+0x195/0x390
[  609.959332][ T4181]  __alloc_skb+0x12c/0x590
[  609.963786][ T4181]  vhci_write+0xbc/0x430
[  609.968049][ T4181]  vfs_write+0xacd/0xe50
[  609.972371][ T4181]  ksys_write+0x1a2/0x2c0
[  609.976722][ T4181]  do_syscall_64+0x3b/0x80
[  609.981251][ T4181]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  609.987163][ T4181] 
[  609.989504][ T4181] The buggy address belongs to the object at ffff88807decc800
[  609.989504][ T4181]  which belongs to the cache kmalloc-1k of size 1024
[  610.003578][ T4181] The buggy address is located 2 bytes to the right of
[  610.003578][ T4181]  1024-byte region [ffff88807decc800, ffff88807deccc00)
[  610.017315][ T4181] The buggy address belongs to the page:
[  610.023067][ T4181] page:ffffea0001f7b200 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807decf000 pfn:0x7dec8
[  610.034765][ T4181] head:ffffea0001f7b200 order:3 compound_mapcount:0 compound_pincount:0
[  610.043145][ T4181] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  610.051579][ T4181] raw: 00fff00000010200 ffffea0001dc4800 0000000300000003 ffff888017441dc0
[  610.060281][ T4181] raw: ffff88807decf000 000000008010000e 00000001ffffffff 0000000000000000
[  610.068968][ T4181] page dumped because: kasan: bad access detected
[  610.075416][ T4181] page_owner tracks the page as allocated
[  610.081154][ T4181] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4168, ts 71584224096, free_ts 71311252875
[  610.100382][ T4181]  get_page_from_freelist+0x3b78/0x3d40
[  610.105965][ T4181]  __alloc_pages+0x272/0x700
[  610.110582][ T4181]  new_slab+0xbb/0x4b0
[  610.114675][ T4181]  ___slab_alloc+0x6f6/0xe10
[  610.119291][ T4181]  __kmalloc_node_track_caller+0x1f6/0x390
[  610.125126][ T4181]  __alloc_skb+0x12c/0x590
[  610.129576][ T4181]  rtmsg_fib+0x140/0x620
[  610.133850][ T4181]  fib_table_insert+0xfc0/0x1f90
[  610.138873][ T4181]  fib_magic+0x3d4/0x610
[  610.143143][ T4181]  fib_add_ifaddr+0x394/0x5e0
[  610.147844][ T4181]  fib_netdev_event+0x346/0x480
[  610.152714][ T4181]  raw_notifier_call_chain+0xd0/0x170
[  610.158118][ T4181]  __dev_notify_flags+0x1fd/0x3f0
[  610.163175][ T4181]  dev_change_flags+0xe7/0x190
[  610.167975][ T4181]  do_setlink+0xc26/0x3d80
[  610.172422][ T4181]  rtnl_newlink+0x17bf/0x2050
[  610.177130][ T4181] page last free stack trace:
[  610.181813][ T4181]  free_unref_page_prepare+0xc34/0xcf0
[  610.187295][ T4181]  free_unref_page+0x95/0x2d0
[  610.192000][ T4181]  __unfreeze_partials+0x1b7/0x210
[  610.197141][ T4181]  put_cpu_partial+0x132/0x1a0
[  610.201965][ T4181]  ___cache_free+0xe3/0x100
[  610.206493][ T4181]  qlist_free_all+0x36/0x90
[  610.211066][ T4181]  kasan_quarantine_reduce+0x162/0x180
[  610.216555][ T4181]  __kasan_slab_alloc+0x2f/0xc0
[  610.221435][ T4181]  slab_post_alloc_hook+0x53/0x380
[  610.226569][ T4181]  kmem_cache_alloc_trace+0xfb/0x290
[  610.231882][ T4181]  devlink_trap_groups_register+0x2e6/0x870
[  610.237810][ T4181]  nsim_dev_traps_init+0x23e/0x500
[  610.242953][ T4181]  nsim_dev_probe+0x61e/0x9f0
[  610.247818][ T4181]  really_probe+0x24e/0xb60
[  610.252352][ T4181]  __driver_probe_device+0x1a2/0x3d0
[  610.257685][ T4181]  driver_probe_device+0x50/0x420
[  610.262717][ T4181] 
[  610.265125][ T4181] Memory state around the buggy address:
[  610.270866][ T4181]  ffff88807deccb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  610.279068][ T4181]  ffff88807deccb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  610.287221][ T4181] >ffff88807deccc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  610.295293][ T4181]                    ^
[  610.299368][ T4181]  ffff88807deccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  610.307519][ T4181]  ffff88807deccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  610.315991][ T4181] ==================================================================
[  610.324061][ T4181] Disabling lock debugging due to kernel taint
[  610.335337][ T4181] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  610.342575][ T4181] CPU: 1 PID: 4181 Comm: kworker/u5:6 Tainted: G    B             5.15.180-syzkaller #0
[  610.352315][ T4181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  610.362415][ T4181] Workqueue: hci4 hci_rx_work
[  610.367146][ T4181] Call Trace:
[  610.370455][ T4181]  <TASK>
[  610.373430][ T4181]  dump_stack_lvl+0x1e3/0x2d0
[  610.378111][ T4181]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  610.383756][ T4181]  ? panic+0x860/0x860
[  610.387860][ T4181]  ? rcu_is_watching+0x11/0xa0
[  610.392637][ T4181]  ? preempt_schedule_common+0xa6/0xd0
[  610.398118][ T4181]  panic+0x318/0x860
[  610.402017][ T4181]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  610.408173][ T4181]  ? check_panic_on_warn+0x1d/0xa0
[  610.413283][ T4181]  ? fb_is_primary_device+0xd0/0xd0
[  610.418484][ T4181]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  610.424467][ T4181]  ? _raw_spin_unlock+0x40/0x40
[  610.429325][ T4181]  check_panic_on_warn+0x7e/0xa0
[  610.434353][ T4181]  ? hci_le_meta_evt+0x11f1/0x3f50
[  610.439468][ T4181]  end_report+0x6d/0xf0
[  610.443637][ T4181]  kasan_report+0x18e/0x1c0
[  610.448416][ T4181]  ? hci_le_meta_evt+0x11f1/0x3f50
[  610.453530][ T4181]  hci_le_meta_evt+0x11f1/0x3f50
[  610.458473][ T4181]  ? __lock_acquire+0x1ff0/0x1ff0
[  610.463650][ T4181]  ? hci_remote_host_features_evt+0x280/0x280
[  610.469903][ T4181]  ? __mutex_unlock_slowpath+0x218/0x750
[  610.475549][ T4181]  ? hci_event_packet+0x3b4/0x1550
[  610.480680][ T4181]  ? mutex_unlock+0x10/0x10
[  610.485189][ T4181]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  610.491198][ T4181]  ? print_irqtrace_events+0x210/0x210
[  610.496860][ T4181]  hci_event_packet+0xc41/0x1550
[  610.501815][ T4181]  ? rcu_lock_release+0x20/0x20
[  610.506678][ T4181]  ? hci_send_to_monitor+0x99/0x4d0
[  610.511886][ T4181]  hci_rx_work+0x237/0xa10
[  610.516314][ T4181]  process_one_work+0x8a1/0x10c0
[  610.521436][ T4181]  ? worker_detach_from_pool+0x260/0x260
[  610.527096][ T4181]  ? _raw_spin_lock_irqsave+0x120/0x120
[  610.532651][ T4181]  ? kthread_data+0x4e/0xc0
[  610.537289][ T4181]  ? wq_worker_running+0x97/0x170
[  610.542323][ T4181]  worker_thread+0xaca/0x1280
[  610.547029][ T4181]  kthread+0x3f6/0x4f0
[  610.551114][ T4181]  ? rcu_lock_release+0x20/0x20
[  610.555970][ T4181]  ? kthread_blkcg+0xd0/0xd0
[  610.560587][ T4181]  ret_from_fork+0x1f/0x30
[  610.565030][ T4181]  </TASK>
[  610.568317][ T4181] Kernel Offset: disabled
[  610.572660][ T4181] Rebooting in 86400 seconds..