last executing test programs:

13m42.159386254s ago: executing program 1 (id=1951):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)

13m40.027880416s ago: executing program 1 (id=1964):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000011a, 0x44000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x22100, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000004c0)={0x400, 0x300, 0x300, 0x960, 0xffffffff, 0x0, 0xcb1c552c0402932, 0x2000000, {}, {0x0, 0x0, 0x2}, {0xf7ffffff, 0x4}, {0x0, 0x0, 0x8}, 0x2, 0x100, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, 0x20, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xc})

13m37.772153347s ago: executing program 1 (id=1958):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000011a, 0x44000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x22100, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000004c0)={0x400, 0x300, 0x300, 0x960, 0xffffffff, 0x0, 0xcb1c552c0402932, 0x2000000, {}, {0x0, 0x0, 0x2}, {0xf7ffffff, 0x4}, {0x0, 0x0, 0x8}, 0x2, 0x100, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, 0x20, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xc})
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
semget(0x3, 0x1, 0x202)
socket$inet6_sctp(0xa, 0x5, 0x84)

13m36.582311342s ago: executing program 1 (id=1960):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000011a, 0x44000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x22100, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000004c0)={0x400, 0x300, 0x300, 0x960, 0xffffffff, 0x0, 0xcb1c552c0402932, 0x2000000, {}, {0x0, 0x0, 0x2}, {0xf7ffffff, 0x4}, {0x0, 0x0, 0x8}, 0x2, 0x100, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, 0x20, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xc})

13m34.337271863s ago: executing program 1 (id=1963):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000011a, 0x44000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x22100, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000004c0)={0x400, 0x300, 0x300, 0x960, 0xffffffff, 0x0, 0xcb1c552c0402932, 0x2000000, {}, {0x0, 0x0, 0x2}, {0xf7ffffff, 0x4}, {0x0, 0x0, 0x8}, 0x2, 0x100, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, 0x20, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xc})

13m31.838925773s ago: executing program 1 (id=1968):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x455}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
iopl(0x3)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0)
syz_clone(0x26020000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0xa, 0x4, 0x4, 0x2, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x0, 0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

13m16.00541182s ago: executing program 32 (id=1968):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x455}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
iopl(0x3)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0)
syz_clone(0x26020000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0xa, 0x4, 0x4, 0x2, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x0, 0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

11m54.213957954s ago: executing program 2 (id=2150):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x7c45, &(0x7f0000000080)={0x0, 0x20, 0x13100, 0x0, 0xfffffffc}, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = syz_open_pts(r4, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x786d)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000040)={0x3, 0x0, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})

11m50.250531919s ago: executing program 2 (id=2155):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x5, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x100000000}, 0x0, 0x0, 0x1, 0x0, 0x6, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@empty, 0x0, 0x0, 0x0, 0x4, 0xfffffffc}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

11m49.884187327s ago: executing program 0 (id=2158):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

11m45.72224015s ago: executing program 2 (id=2164):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

11m45.61103342s ago: executing program 0 (id=2165):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

11m43.639851132s ago: executing program 0 (id=2166):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x7c45, &(0x7f0000000080)={0x0, 0x20, 0x13100, 0x0, 0xfffffffc}, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = syz_open_pts(r4, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x786d)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000040)={0x3, 0x0, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})

11m41.587534214s ago: executing program 2 (id=2168):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

11m41.153108232s ago: executing program 2 (id=2172):
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x6, &(0x7f0000000000))
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

11m39.205902814s ago: executing program 0 (id=2175):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x5, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x100000000}, 0x0, 0x0, 0x1, 0x0, 0x6, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@empty, 0x0, 0x0, 0x0, 0x4, 0xfffffffc}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

11m38.603502032s ago: executing program 2 (id=2176):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000011a, 0x44000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x22100, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000004c0)={0x400, 0x300, 0x300, 0x960, 0xffffffff, 0x0, 0xcb1c552c0402932, 0x2000000, {}, {0x0, 0x0, 0x2}, {0xf7ffffff, 0x4}, {0x0, 0x0, 0x8}, 0x2, 0x100, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, 0x20, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xc})

11m25.966614002s ago: executing program 0 (id=2191):
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x6, &(0x7f0000000000))
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))

11m22.257249877s ago: executing program 33 (id=2176):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000011a, 0x44000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x22100, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000004c0)={0x400, 0x300, 0x300, 0x960, 0xffffffff, 0x0, 0xcb1c552c0402932, 0x2000000, {}, {0x0, 0x0, 0x2}, {0xf7ffffff, 0x4}, {0x0, 0x0, 0x8}, 0x2, 0x100, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, 0x20, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xc})

11m22.249143987s ago: executing program 0 (id=2196):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x5, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x100000000}, 0x0, 0x0, 0x1, 0x0, 0x6, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@empty, 0x0, 0x0, 0x0, 0x4, 0xfffffffc}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

11m6.677149805s ago: executing program 34 (id=2196):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x5, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x100000000}, 0x0, 0x0, 0x1, 0x0, 0x6, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@empty, 0x0, 0x0, 0x0, 0x4, 0xfffffffc}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

10m16.605509266s ago: executing program 5 (id=2270):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

10m14.071255756s ago: executing program 5 (id=2274):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x8000000000000001)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x4004, <r5=>r3})
mmap$dsp(&(0x7f0000fff000/0x1000)=nil, 0x1002, 0x0, 0x11, r5, 0x2000)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x180, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x800)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x32)
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x2810880, &(0x7f0000000300)=ANY=[], 0x8b, 0x28e, &(0x7f0000000680)="$eJzs3U1r1EAcx/HfJNt1a2tNbUUQD1IteJK2XsRLQYqvwZOo3RWKSwWtoF4snsUX4N2LL8AX4UkEz3ry5AvoLTKzSXeiedi2dsel3w/sGpN5+E+STeYfKBGAE+v2xvcPN37aj5FixZJuSZHddFktSed1ofN8e2drp9/r1jUUSx25j5FcTfNXmc3tXllVW8/VyCT2fy3N+utwPNI0TX+EDgIhdbJ/47KNkXQq+3XGfuFJtxs6gMDMnvb0QnOh4wAAhGUG9/cou8/PZvP3KJKWs9u+f///diZwvEe1FzqAwLz7v8uyUmOP71m3aZjvuRTObo/yLPGg/djJY1uDM6swwTRNWaWLJZp+tNXvXd980u9GeqP1jFdsUdK6ulnOmmmIdqkkNy1qa/TWasy4MUzZMaxVxL9Q1unhe2xmPpsv5p5J9F7d/flfKzW2exdBsn+k7kwN41+pbtGNMhmUqhjlvOvkYnHH1o4yrspIlO+peRUfECTFONultdr6o9ZgdKvVo3PtLJTWWmuotWhrffRqDc/m6prHzbwzd82SfumTNrz5f2T39rJG+WXaMq5kdmbk4ynNDVuuZOKv2r1U2mZ0uPHgUN7qoW5q7tnLV48f9Pu9pyycoIX8JPhf4vl3C63x9NU+8q7r6ECFpboy+aVzhAbzi3Rjp2EuSxiv4UGvLvN6nAFh3OzFwwzyPy9fWXEpkv1KaubpadO0zWtxtSI3OOe+T3stmez5fHUGNFOdwY2ac125Jl31VjbkXImNc7p2rJPEbOir7vP8HwAAAAAAAAAAAAAAAAAAYNKM428zQo8RAAAAAAAAAAAAAAAAAAAAAIBJV/3+346O8f2/hZfp8P5fIIzfAQAA///stXSM")

10m13.027155281s ago: executing program 5 (id=2275):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x5, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x100000000}, 0x0, 0x0, 0x1, 0x0, 0x6, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@empty, 0x0, 0x0, 0x0, 0x4, 0xfffffffc}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

10m11.456496245s ago: executing program 5 (id=2279):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x8000000000000001)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x4004, <r5=>r3})
mmap$dsp(&(0x7f0000fff000/0x1000)=nil, 0x1002, 0x0, 0x11, r5, 0x2000)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x180, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x800)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x32)
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x2810880, &(0x7f0000000300)=ANY=[], 0x8b, 0x28e, &(0x7f0000000680)="$eJzs3U1r1EAcx/HfJNt1a2tNbUUQD1IteJK2XsRLQYqvwZOo3RWKSwWtoF4snsUX4N2LL8AX4UkEz3ry5AvoLTKzSXeiedi2dsel3w/sGpN5+E+STeYfKBGAE+v2xvcPN37aj5FixZJuSZHddFktSed1ofN8e2drp9/r1jUUSx25j5FcTfNXmc3tXllVW8/VyCT2fy3N+utwPNI0TX+EDgIhdbJ/47KNkXQq+3XGfuFJtxs6gMDMnvb0QnOh4wAAhGUG9/cou8/PZvP3KJKWs9u+f///diZwvEe1FzqAwLz7v8uyUmOP71m3aZjvuRTObo/yLPGg/djJY1uDM6swwTRNWaWLJZp+tNXvXd980u9GeqP1jFdsUdK6ulnOmmmIdqkkNy1qa/TWasy4MUzZMaxVxL9Q1unhe2xmPpsv5p5J9F7d/flfKzW2exdBsn+k7kwN41+pbtGNMhmUqhjlvOvkYnHH1o4yrspIlO+peRUfECTFONultdr6o9ZgdKvVo3PtLJTWWmuotWhrffRqDc/m6prHzbwzd82SfumTNrz5f2T39rJG+WXaMq5kdmbk4ynNDVuuZOKv2r1U2mZ0uPHgUN7qoW5q7tnLV48f9Pu9pyycoIX8JPhf4vl3C63x9NU+8q7r6ECFpboy+aVzhAbzi3Rjp2EuSxiv4UGvLvN6nAFh3OzFwwzyPy9fWXEpkv1KaubpadO0zWtxtSI3OOe+T3stmez5fHUGNFOdwY2ac125Jl31VjbkXImNc7p2rJPEbOir7vP8HwAAAAAAAAAAAAAAAAAAYNKM428zQo8RAAAAAAAAAAAAAAAAAAAAAIBJV/3+346O8f2/hZfp8P5fIIzfAQAA///stXSM")

10m8.619150494s ago: executing program 5 (id=2283):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

10m5.792981413s ago: executing program 5 (id=2290):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

9m48.978970306s ago: executing program 35 (id=2290):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

8m25.062724492s ago: executing program 7 (id=2496):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

8m20.322325873s ago: executing program 7 (id=2510):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

8m17.737429512s ago: executing program 7 (id=2505):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/stat\x00')
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r1}, 0x18)
socket(0x848000000015, 0x805, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0x40505330, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0x40186f40, 0x20000502)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)

8m13.160079224s ago: executing program 7 (id=2515):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

8m9.802646041s ago: executing program 7 (id=2519):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000c00060003000000000000000c0002000000000000000000040007800c000800000000000000000008000a00000000004400078008000100", @ANYRES32, @ANYRES32=r2, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYRES32], 0x90}}, 0x0)

8m3.576396626s ago: executing program 7 (id=2537):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xc, 0x4, 0xc4f, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, 0x0, &(0x7f0000000100), 0x6c7, r0}, 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
close(0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

7m44.50710355s ago: executing program 36 (id=2537):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xc, 0x4, 0xc4f, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, 0x0, &(0x7f0000000100), 0x6c7, r0}, 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
close(0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

27.33354626s ago: executing program 9 (id=3412):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth0\x00', &(0x7f00000001c0)=@ethtool_gfeatures})
write$binfmt_script(r0, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000100)={'veth0_vlan\x00', 0x0})

27.212353269s ago: executing program 9 (id=3417):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @loopback={0x0, 0xffffac1414aa}, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

27.029650318s ago: executing program 9 (id=3421):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d"], 0xffdd)

23.515350424s ago: executing program 9 (id=3444):
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x8, 0x800)
fanotify_mark(r1, 0x105, 0x4800003a, r0, 0x0)
creat(&(0x7f0000003d80)='./file0\x00', 0xb0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x8100, 0x0)

22.981771092s ago: executing program 9 (id=3449):
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x3, 0x7a6, &(0x7f0000000a80)="$eJzs3U9sHGcVAPA3Jk5SV4qqgkoUpekkKVIiUnd3nbpYPZTteuxMu961dtcoEUJt1DiVFaetWlXQHCi5tIBAiBPH0mvVCzcQEkgcgBMSPXDhgFSpJ1QQCARCSEEzu47/2/ljJ235/azuNzv75pv3zW7n7Wx2ZgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiKQxWalUk2jmrbmz6eYak532zBaPL/X3y1XNFuuNSIr/Yv/+ONifdfBzyw8/UNwci8P9e4djf9Hsjyv3PnDfE5/dM7S0/BYJ3aqjNxiXRHyrSOrS+cXF+Vd2IZE76Ls/v+lF/n2tuJ3OWnm3nc/Up7M077bTifHxyqNnprrpVN7Muue6vWwmbXSyeq/d2Tt4ZsfSbPRce641PVlvZumJxsm0OjHx+CO1SmU8fXp0Nqt3uu3Wo0+Pdhtn8mYzb02XMbXK16OIebx4IT6T99JeVp9J04sLi/Nj26VaBFVXzdm36oVz+OH7Pnztg78vzBcvyM06SQbp16rVWq06/tjEY49XKntqldrqGZU14npEDEUUEbvyouUTZGd23LADhgb1P5qRRyvm4mykkcZQebv8NxyNmIxOtGOmuP+H4TWPr6v/X3j0L7/bar0r6/9SlT+4/PChKOv/kf69I5vV/3VZ3P7f6QOb9dp6r5/NynmvxutxJS7F+ViMxZiPV3Yhox39G9rZ/qYji1bk0Y125DET9XJOOpiTxkSMx3hU4tk4E1PRjTSmIo9mZNGNc9GNXmTlK6oRnciiHr1oRyfSOBGNOBlpVGMiJmIs0shiNM5FO+aiFdMxGfWyl4uxUG73sTV5PfDN5372wu8/fLuYvh5U3WIgSfFmrgj62xZB68r9TdT/pQj1/9Nm/2CfdaPxO7n7httyraz/e+52GgAAAMAuSspP35OIGI4Hy6mpvJl99W6nBQAAAOyg8nvNh4tmuJh6MJLi+L+yQeT7dzw3AAAAYGck5Tl2SUSMxEP9qaXTpTb6EAAAAAD4BCr//f9I0YxEvFHOcPwPAAAAnzLf3uwa+x/sHVxjtzu7L/nFX6PTGU6uzp59OLlcL+Lqlz/TX27QfOV6j72pQ8mBQSdlM77nyr1JROxpZIeTpatf/ndfv/2ovD20fAHCza71n2yTQGydQHkvvhdH+zFHL/TbC0uP9NcyMpU3s9FGu/lENRl8ONJ77cWFb0Q5/O+0Zg4kcXFhcX70+ZcWL5S5XC16uXp5cHn45CZyuTbYAvHgxiMeLk/EGKx3pL/eysrxD/UXH9p6ncnKdb4Zx/oxx0b67cjq8e8v1lkdfaIa9fqBoV52tvfatRWjH2RRvc2RvxnH+zHHTxzvNxtkUVuVxYvrs6itzGLttvjH0G1l8fbRN87+89ftJBvbLouxrbK4gW0BcLf0r/qzXIXuKavQf671FfV/Td29Z2nJm9nLXVx+l7G0/Ipatyd2prq/GSf6MSf67yf2HNqgrlQ22KO/vPDybwZ79NPv/ujHXzvy25/cenV7N072YwZN3P+rTWpsMebvr6mq7xRLvLPpervNWhLD/d8+KFx5ZOHy+RfmX5h/sVYbG6+crlQeq8Vw+VZh0Kg9AGxg+9/Y2TYiOb3NUfX9179SMBrPx0uxGBfiVHm2QUQ8tHGvIyu+hnBqm6PWkRW/8HJqm2PL5dja2th9x5PYJHZsxRb7/A/L5l+795wAwG47tk0dvpH6f2qb4+7Vtfxk/4dzl46OY/NavpEv7fYGAYD/A1nno2Sk91bS6eSzz1YnJqr13pks7bQbz6SdfHI6S/NWL+s0ztRb01k622n32o2lD44ns27anZudbXd66VS7k862u/nZ8pff08FPv3ezmXqrlze6s82s3s3SRrvVqzd66WTebaSzc0818+6ZrFMu3J3NGvlU3qj38nYr7bbnOo1sNE27WbYiMJ/MWr18Ki8mW+lsJ5+pd65GRHNuJksns26jk8/22v0Ol9aVt6banZmy29H1w//znd7eAPBx8OrrVy6dX1ycf+XWJv54I8F3e4wAwGqqNAAAAAAAAAAAAAAAfPytP12vmHtTJwIOxy2fPvjqvridsw8/NRNLz8aVL743mNiBnm+nn3tWPad7B+nd/Q110xPPPfnkpc1innrj4Jk/ZRHb97Px/ykbner61oGIvT/9QX/Ol+/USN+PGxnFuolryRYxd2NvBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb+18AAAD//zDnU/I=")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x48, 0x0, 0x328)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)

22.709220491s ago: executing program 9 (id=3452):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lstat(&(0x7f0000000100)='./file0\x00', 0x0)
fadvise64(r0, 0xaa1f, 0xff39, 0x3)

7.60685015s ago: executing program 37 (id=3452):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lstat(&(0x7f0000000100)='./file0\x00', 0x0)
fadvise64(r0, 0xaa1f, 0xff39, 0x3)

5.278767411s ago: executing program 3 (id=3600):
syz_emit_ethernet(0x4a, &(0x7f0000000840)=ANY=[@ANYBLOB="aaaaaaaaaaaac4bc9cac968686dd6000000000140600fc020000000000000000000000000000fe8000000000000000000000000000aa00004e22", @ANYRESDEC=0x0, @ANYRESHEX, @ANYRESDEC=0x0], 0x0)
socket(0x10, 0x80002, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x200008d1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
syz_open_procfs(r0, &(0x7f0000000180)='net/sco\x00')
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, &(0x7f0000000300)=""/210, &(0x7f00000000c0)=0xd2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r3 = syz_open_procfs(0x0, 0x0)
r4 = syz_open_procfs$userns(0x0, &(0x7f00000007c0))
mount_setattr(0xffffffffffffffff, 0x0, 0x1900, &(0x7f0000000800)={0x10000a, 0x88, 0x40000, {r4}}, 0x20)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, 0x0, 0x0, &(0x7f0000000240)="f0ea9994561254d29828f2c27993ca73b0f1e379dbcf292a7ee31ffd62c80002df3c92946c2730fdde0bc838dbd4ed8d", &(0x7f0000000400)="6f1d3e338a52c5b1010cebb6a65fbab06d40613b13dfc3b079fa09e889e10e1a6d6600e78dc393765e0b4aad4b4b7bacd6c4257e5ff267fa700421d02de89b6326044f40bec4ad6ae57e8c95da0f503c7f2a990a22cd129be81e79573f1b159fb52ad8a1c25bf8140b8bb6b978e5e3aeece92e8fb9")
read$msr(r3, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r5, 0x29, 0x17, &(0x7f0000000080)=0x5, 0x4)
sendmmsg$inet6(r5, &(0x7f0000000c80)=[{{&(0x7f0000000580)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x40000cc, 0xc000)

5.13609262s ago: executing program 8 (id=3603):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000740)={0x44, 0x0, &(0x7f00000005c0)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)

4.436460368s ago: executing program 3 (id=3604):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000080)={0xb, {'syz0\x00', 'syz0\x00', 'syz1\x00', 0x2, 0x9, 0x267f, 0x10, 0xd, 0x5, "8a6e"}}, 0x11a)
write$UHID_INPUT2(r0, &(0x7f0000000280), 0x6)

4.061844146s ago: executing program 4 (id=3606):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000040)=0x6, 0x4)
preadv(0xffffffffffffffff, &(0x7f0000000dc0)=[{&(0x7f0000000000)=""/72, 0x48}], 0x1, 0x2000000, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000740)=[{{&(0x7f0000000100)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x300, 0x0)

3.973426826s ago: executing program 3 (id=3607):
socket$inet6(0xa, 0x2, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000400), &(0x7f0000002380)='./file1\x00', 0x380cc52, &(0x7f0000000480)=ANY=[], 0x3, 0x9bf, &(0x7f0000001640)="$eJzs3c9vHOX9B/D3+EdiDAoB8uWbIiCb0ICB1LGdEhpxaWKvk6X+UdmORFRVhJKkimKVCloJUKWmUtVTUXuoeqA3jj0hcYFLlVv7F/RQqeJfQD1FPXSrmV3HNvZ67dSxTXi9rPXOj888z+fZmZ1HHu/OE77Kms1m9bjL+Yt/3slk2XvOTXz+0ccflI9f3cy+9OaX+TQZSFJL+pIcTvrHJ+Zmp7sUdCO5nORWUiTZn9bzplxO8bs8tDx/K8WfynorF++yYWxKk6+13T7+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyrGJ0ZGRotMNWYuvlbrrBoCvNPKnuXyPqtG/S4+61pvUpSPDAwsDfV9+NDy6sfLX8fyZGvuyWpA8gzk/QcfP/jKY309S9tvkPBW/Kc9GPKWN3znvfdvvLG4ePXtbUrkq+Z8faYxP9uYPnu+XmvMz9bOnD49cvLC5HxtsjFVn780v1Cfro3P1c8uzM7Vhsafr42eOXOqVh++NHtx5vzE8FR9aeHL3xobGTlde3X4+/Wzc/OzMydfHZ4fv9CYmmrMnK9iytVlzMvlgfi9xkJtoX52ula7dn3x6qlVGa1zSJRBo91aUgaNdYnJ2MjY2Ojo2Njo6ZfOvPTyyEjf8oLeVAtGvmTtJncO2vKI3tKLzV72Yc9mI7f3BA7/g552/5+pNDKTi3kttXV/xjORucxmusP6tqX+//jJ+ob1ruz/l3r5w8urn0jV/z/dmnu6U//fIZed+3kn7+X93MgbWcxirubtVWv330WJzebut2rzP+dTz0wamc9sGpnO2WpJrb2kljM5ndMZyeu5kMnMp5bJNDKVeuZzKfNZSL06osYzl3rOZqGv3NG1DGU8z6eW0ZzJmZxKLfUM51JmczEzOZ+JnK1KuZbr1et+aoMc7wSNbiZobIOgDfr/9oIt9P98Td2DszjcnWa7/9/XPXRofCcSAgAAALbdN/6WA4ce/es/k/48VV1jBwAAAO431cf1niyf+supp1JMNqbqI7udFgAAALCNiuo7dkWSwRxpTS19E8pFAAAAALhPVP//f7p8GiynjqTw9z8AAADcb7rfY79rRHEitdwsV9WutCKvtCPa9/kdnGxM1YfHZ6deGc2z1V0Gqm8arCmtNweT6usHL+RoK+roYOt5cHWJA2XU6PAroxnIsXZDhp4pn54ZWidyrIx8Ic+1Ip9bihzImshTZSQA3O+ObdAfb7b/fyEnWhEnnqhu3973xDp98IieFQD2iu5j7HSNKL69NPxPh7//H821I62PFAznzbyVxVzJierbBtUnDtql5laR5VIHV3wM4USXqwGDK0Z4ObF0PeDIQ+teDxhcMdDLiTVXBDrFntqBPQEAO+fYmn54g/6/2WxNrbn+v/Hf/4M+UggAe8qdEezv4cRutxEAWO2ueunee5gQAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Ad24v7/e3LiZpI9kIaJezsxsDNH+A/3JXulyds0sdtnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHZCkfSut7wn2Z/0jSQ5ufNZ3Ts3dzuBXVbczu28mwO7nQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP2mff//nrSeH2wtSl9PcjzJ5SQ/2O0ct9Pt3U5gl624/3+5z9Ms0tfa7Sn6xyfmZqfL3Z/95frPP/r4g/JxN/WUBZQ1rBpcol1D560eqbYanLj6zo2fvfXT2sS5KslzC5NTE9Pn5767HPh48UlSS+uxZCnfXxTto3h1yz8pW7q5eiereifW1vv/6219p97jf/l957YtW07j+uLVsbKmhfprCz//yfV3VwQ9mqPJM0PJ0Oqaflw+OtR0NP0b1Vt8UfymOJA/5nK1/8s0imZR7qKHq/Y/cO364tXhN99avNIhp4M5kuRKMrD5nI6s3RNLqqOup7+sdaQKKn8d6lLehh7sPdBstkocXb8NDzxSHTKDW2pDrXMbKl1e93YbT3V4VR/Ls1ve0892qbHt382W1lzxRfGP4kL+nl+vGP+jp9z/x7OZd2cZU0WuOFI6t/n4csvHVq54/cuRHd+V3AO/zY/ynTv7v2fF+b+9r3bmfLSixnv2vihavVBbNX3oSz1S++zTKct2nodaUR3y/L+8uHa7Lnm+2OWMsk3v/9WKL4oPi6H8KzeN/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOx9RdK73vKe5HiSg0keLudrSXM76usZLLajmE3at2bJzR2sfe/ouTNV3M7tvJsDu5oOAAAAAAAAANvm3MTnH338Qfmo/h/fm28WnyYDrf/09yU5WPyhf3xibna6S0H9yeUkt8rpga3lUG6Xh5bnb5Vzh7feFgBgc/4bAAD//7Y4dyw=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

3.845028125s ago: executing program 8 (id=3609):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x4c, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="fe"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x1c, 0x51, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "436d9bb9c5e13fcd62bca7f88d"}]}]}]}, 0x4c}}, 0x40080)

3.722497805s ago: executing program 4 (id=3610):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x1}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x50}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.526554614s ago: executing program 3 (id=3611):
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000bb, &(0x7f0000000680)=ANY=[@ANYBLOB="1800ed0000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bea100000000000007010000f8ffffffb702000008bb547c9c7ed8476f69ec71c6f7ae6033959e45f2b7b745e516015f845bc1d44f2d0d0375859855bc805f5d8aac1d2245eddf985cac6b71b917e813ec09cbcf76c57149dcb3caf1a818635e66154fa40704eb5fff002b53277a961763763ab1f6fd965b398ef36bb0e9e8923cd24021fd3a2778"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x8, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000258f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x106}, 0x0, 0x0, 0x4, 0xf, 0x1})
msgsnd(0x0, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x2, 0x3000)
msgctl$IPC_RMID(0x0, 0x0)

3.440655104s ago: executing program 8 (id=3612):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x300001a, &(0x7f0000000b80)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c5fb5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d42", @ANYRES32=0x0], 0xfc, 0x2b5, &(0x7f00000001c0)="$eJzs3U9rK1UUAPAz+dc8XSSIG0VwQBeuyqtbN43yBLErJYK6MfhakKQUWghYwdpVP4FL8Wu4defabyC4Fdy1i8rIZGaaxCZttP/A/n6b3t57z52TOUOyyskXr+0On+8lcXz6W7TbSdQ2YzPOkuhGLSrfRSMAgP+PsyyLP7OIaBb/JytHNmp3lxUAcJeKz//CQ+cCANyPjz/97MPe1tazj9K0Ha90Tsb9JCJ2T8b9Yr23E1/FKLbjaXTiPCK7UIzf/2DrWTTSXDfe3D0a98dz5/f+iCeT+I3oRHdx/EZaKOP7EfnfZrwQafR2mtVRnXh5cfzbC+Kj34q33pjJfz068euXsRejeB557DT+2400fS/7/vSbz/PL5PFJLfprk31TWf1+KgIAAAAAAAAAAAAAAAAAAAAAwGOwnqZJ0b5n0r8nnyr779TPJ+vraaU735+niL/oF1z0B8qibNFzlMUPVX+dp2maZuXGaXwjXm34YQEAAAAAAAAAAAAAAAAAAADIHXx9OByMRtv7Nx7Uh4NR1Q2g+lr/fz1wc2bm9TgcDurLD1xb/Vqz3QbyXK/cHI1G3MJtuX4QPz/J81my58cy339/8tq0uJ+U4VVhbvVVvPTuRYZpuVTd5OEgue5a7apwP80utWLlNJJkbmZS29H2fjZ5JM6z+Zq2l9zM1i3cjfwZbb24cOmvLMtWO+ed34salTPJpMXGamk0y8HSp6V9uRa/LD9w6VtG/abvOQAAAAAAAAAAAAAAAAAAwGLzX5z+h+MrQ2t3lhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LPp7/9Xg3ZEzM9cGhyVwVftKQet2D944JcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/B3AAAA//+VpEaB")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'lo\x00'})

3.129811313s ago: executing program 8 (id=3615):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000700000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f00000005c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1008, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100", @ANYRES32, @ANYBLOB="0100"/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x74}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
dup3(r3, r4, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)

3.069889702s ago: executing program 3 (id=3616):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000080)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

2.954525622s ago: executing program 3 (id=3617):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x12, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff070067060000b3ffffff070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, 0x0, 0x0)
syz_clone(0x800, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
syz_usb_connect(0x0, 0x46, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ab004e4099040210d7df010203010902340001000000000904d80002ca306f00090500000000000000080ba58b5893bb2a090500000000000000080b"], 0x0)

2.869386972s ago: executing program 4 (id=3619):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0200000004000000080000001f"], 0x50)
unshare(0x2c020400)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

2.031042398s ago: executing program 8 (id=3620):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f0000001800)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6f6465636f6d706f73652c756d61736b3d30303030303030303030303030303030303030303030312c626172726965722c666f7263652c756d61736b3d30303030303030303030303030303030303030303030352c63726561746f723da856fcd62c6e6c733d64656661756c742c6e6f626172726965722c6465636f6d706f73652c009d2e2b695cd5a60a033a91b76f1e78fc006feff5cc20588063317faf1013306fff31705680efc8b7ce3229449f666b5d724bda2559041d08fae7558376a8e700cfb1e78a180ce20032bd01a4c454caf611c2ce4e6ac72d2bd3fe868d520c49c3529f466b7ab72bc9cbfde90b34882fd7388727b7f99f8ef5b053879ab788d1bd835d239cd1fb9513b7d5a31b1a06f2b29a8b1746b01feeb2b50e1736c362f90f1e3a649241dd090b546231bbc40ccc6debfb"], 0xfc, 0x6e0, &(0x7f0000000580)="$eJzs3c1vHGcdB/Dv7K7fUtE4bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGiubtLJdcCME4f3aQ/+A9pAbJyTuQeUMFwRHi1MlRC+cfFs0s7Prje111nESx/D5VLPzzDzvv52Z3dnUmgD/txbOpnU/RRbOvrlebm/cm29v3JufqLPbScp0I2l1VyluJ8XHyeV0l3y23FmXL4b188Hyxe/9/T8bn3S3WvVSlW/srPfzTpIvjD6Lu/WS00ma9XqnsW3bE8nkw9u7OrS9fit9u8+/6OeUATvTCxwcts4Od/dTfej5DhwdRb7xmd32TyfH0v2YrD7n6qtD4+mO7vHb11UOAAAADtnCv0/N7af8VL0+vpnNrB/523gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qoqk2V1VS6OXPp2i9/z/8Xpf6vSRdv+wBwAAAAAAAAAAO4w9sDWeZKK3cWn3Gp/fzGbW83xvu1NU/+b/WrVxsnp9Lu9mNUtZybmsZzFrWctKZpNMD3a2vri2tjI7Qs25XWvOPTiu5mgTnhytGAAAAAAAAAD8z/tlFrb+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FRdLsrqrlZC89nUYryWSS8bLc3eSvvfQRUey28/7THwcAAAAcyOQj1Dm+mc2s5/nedqeo7vlfqu6XJ/Nubmcty1lLO0u5Vt9Dl3f9jY178+2Ne/O3yuXAQ69aTPe3h917fqUqMZXrWa72nMvVajDX0qhqlv6Z5FZvTDvH9YtPy7Yvdf1kxJFdq9dlZ+/3fkWYOPCEH4PppNXIWD8iM9XYugfBicEo7IzENz8d1ujl7qq1vacM9jSbRv+Xn5PdHsrkQ2N+acSZHavX5Xx+O+yXm8dtcqvTu0ML9SPRSBWJuYGj76W9Y5588Y+/f/9G+/bNG9dXzz6VKT1J24+J+YFIvDxCJH7wzEaitXd2Y/uOmWrnqd7mR88l+X7O5nSuZCXL+XEWs5alFPVMF+vjuXyd3jtSlx/YujJkAH3j9fvSrMv1x5SFfGfXMZ3Ot6vUYl6r6j6f5RR5O9eylDeq/+Yym6/mQi7k4sA7fGrouKu5VWd9Y39n/Zkv1YmpJL+r14ete1Eo43piIK6D19zpKm9rz9hAlF7Y+93deW18+JRbn6sTZR+/2vNoeNq2R2J2IBIv7h2Jjzrl62r79s2VG4vv7PLp2inGqvXfziSdTnff63VeecT95uFff/500Pk9xMB1rDxeXshkfSU5kbHu0Jq9vBf7V5kqXuOD9U728x78xB3PZHk+N7o9dc/U7w49U8fr73A7W5qr8l7eNW++yntlIG/w+1bydtr970MAPMOOffnY+NS/pv4y9eHUr6duTL05+a2Jr028Op6xP499vTXTfL3xavGHfJifbd3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj271vTs3F9vtpZXdE43m0KwhiXTu3FzsPcln1FpZLeon6eyrr8NK9B/584yM54kkih17yhk/ni56Tz7aX62ZnUfU5cMM1D/2WyuTA1NuDi18rE50jnejtK8uprcfmcmQwhPdYDaHnKf1W/QoDxcFjoTza7feOb/63p2vLN9afGvpraXbYxcuXJy5eOGN+fPXl9tLM93Xwx4l8CRsfW8HAAAAAAAAAAAAjooR/67gyg9/VP0fgo/09xKHPUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgaFs4m9b9FJmdOTdTbm/cm2+XSy+9VbKVpNFIip8mxcfJ5XSXTA80Vwzr54Pli80kn2y11eqVb+xRrzMx0izu1ktOJ2nW6wN4oL2rB26v6M+wDNiZXuDgsP03AAD//9ev6fg=")
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa4)

2.030459498s ago: executing program 6 (id=3621):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000000)="0000d76093fb63c3bd", 0x9, 0x800, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10)

1.954591148s ago: executing program 4 (id=3622):
syz_mount_image$ext4(&(0x7f0000000880)='ext3\x00', &(0x7f0000000040)='.\x02\x00', 0x21000e, &(0x7f0000000000)={[{@errors_remount}]}, 0x1, 0x538, &(0x7f0000001900)="$eJzs3c1vI2cZAPBnnHhJuilJgUOp1LKiRbsVrL1paBtxaLsCcasAlfsSJd4oihOvYqddW1WVigNHJISgEidOXJD4A5BQ/wRUqRK9I0CgCrZw4AAMmvF4P9xxNtHacZT8ftLY77zz8TyvHdvvfGQmgHPrUkS8FhEzEfF8RCwW9ZViiIP+kM33yZ2317Mhm/LG35NIirqIvHjXxWKxuf5TqXa3t73WbDb2ivF6Z+dWvd3tXd3aWdtsbDZ2V1aWX1p9efXF1WtjaWfWrle+9Zef/fhX337ld1976483/nblnSzpbxbTi3aM3Uf5YzV7Le6ajYi9SQSbgpmiPdVpJwIAwJFkffzPRcSX8/7/YszkvbnccJdu7uSzAwAAAMYhfXUh/pNEpOlg8z4FAAAAzphXI2IhkkqtOBdgISqVWq1/Du8X4rFKs9XufPVma393I5sWsRTVys2tZuNacU7tUlSTbHw5L98bf2FofCUinoiIny7O5+O19VZzY8r7PgAAAOC8uDi0/f+vg/72PwAAAHDGLE07AQAAAGDiRm3/JyecBwAAADA5jv8DAADAmfbd11/PhnRw/+uNN7v72603r2402tu1nf312npr71Zts9XazK/Zt/Ow9TVbrVtfj9392/VOo92pt7u9Gzut/d3OjS33DwQAAIBpeeJL73+URMTBN+bzIXMhe5gZsYBzBeDMqBxn5j9PLg/g5I36mQfOvtlpJwBMz8HxF7k0iTyAqXngUh8lnYL7T955YJ/B7yeXEwAAMF6Xv1h+/D/bBKhOOzlgoo51/B84Uxz/h/PrmMf/P5hUHsDJq+oBwLn3sFt9lF68Y37E8f8LZTOn6aHrAgAAJm4hH5JKrTgWuBCVSq0W8Xj+r/7V5OZWs3EtIj4bEX9YrH4mG1/Ol0zcHhAAAAAAAAAAAAAAAAAAAAAAAAAAjihNk0gBAACAMy2i8tekuP/X5cXnFob3D1xI/r0YxS293vrFGz+/vdbp7C1n9f+4W995r6h/YRp7MAAAAIBhg+30wXY8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIzTJ3feXh8MJxn34+vxnVgqiz8bc/nzXFQj4rF/JjF733JJRMyMIf7BuxHxZFn8JEsrlooshuNXImJ+/PGr96bcjf90mqal8S+OIT6cZ+9fj4jXyj7/lbiUP5d//meL4VF9fD3/kJfGH3z/zYz4/nv8iDGe+vA39ZHx3414arb8+28QPxkR/9myFZa8KD/4fq/3qcr+yiP9ZcTl0t+f5IFY9c7OrXq727u6tbO22dhs7K6sLL+0+vLqi6vX6je3mo3isbSNP3n6t/8bqvpv2pe3Pz4d/0fRf1sObf9zWeG+b+xIh8MUwT68fefz/WJ1aBV5/CvPlr//Tx4SP/ub+ErxO5BNvzwoH/TL93vm1x88U5pYEX9jxOv/sPf/yqiVDnn+ez/80xFnBQBOQLvb215rNht7RyrMH2fmbm87TSMGNe+laXrMxRVOsDDo3U0sxNxpaekpKGR961OQxqjCOPZsAQAAp829Tv+RF3lnogkBAAAAAAAAAAAAAAAAAADAOdTuRuXw64GlacSjXU5sOObBdJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCo/wcAAP//wojTbg==")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x1)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f0000000080)=0xffffffff)

1.805681017s ago: executing program 6 (id=3623):
socket$inet6(0xa, 0x2, 0x0)
prctl$PR_PAC_RESET_KEYS(0x36, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
prlimit64(r0, 0x3, &(0x7f0000000000)={0x8, 0x2}, 0x0)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

1.796279647s ago: executing program 8 (id=3624):
syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f5050102030109022c00010000000009040000016f2bae000824020100000000092402020000000000090585da20"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0xa8380)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000100)={0x2, 0x6, 0x2, 0x8, '\x00', 0x1})

1.628178526s ago: executing program 4 (id=3625):
r0 = socket$inet(0x2, 0x2, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x7, 0x0, &(0x7f00000003c0))

1.217684675s ago: executing program 4 (id=3626):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, 0x0, 0x0)
read(r0, &(0x7f0000000100)=""/97, 0x61)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x8001}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r6 = socket(0x1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x5452, &(0x7f0000000380)={'gre0\x00', 0x0})
recvmsg(r6, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000440)=""/103, 0x67}], 0x1}, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}}, 0x0, 0x0, 0x0, 0x0, "a0aad30a8b1350f2461250f9e5b2fc536fd0861c38349b6f6ad8c6f78a18d8576ba9bcd139acd078c1207e7b717cd1c8e723c17364efbae56931f838ecf65aba7e990fe8a4a01b3302b27fe7c991a9cb"}, 0xd8)
close_range(r0, 0xffffffffffffffff, 0x0)

700.336432ms ago: executing program 6 (id=3627):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000640)={0xa, 0x4e26, 0x7, @dev={0xfe, 0x80, '\x00', 0x24}, 0xb}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@private=0xa010102, @in=@rand_addr=0x64010100, 0x4e25, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x0, 0x5, 0x0, 0x0, 0x9, 0xbffffffffffffffd, 0x5}, {0x800000fa, 0x1000000000008, 0x800, 0x5}, 0x0, 0x0, 0x1, 0x0, 0x6, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x4cf, 0x2b}, 0xa, @in6=@local, 0x3506, 0x1, 0x0, 0x0, 0xff, 0xfffffffc}}, 0xe8)
write$binfmt_script(r0, &(0x7f0000000a00)={'#! ', './file0'}, 0xb)

450.887431ms ago: executing program 6 (id=3628):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000a80)="0f018bea0058000004010f20e035000200000f22e0ea000000003500c4e17ae67a7466ba610066ed2e26660f3881b12cd877aac4e3dd5edf62b8010000000f01d90f06", 0x43}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

177.68195ms ago: executing program 6 (id=3629):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001f00), 0xc0000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x95)

0s ago: executing program 6 (id=3630):
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
r4 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="2c0000001a0001ff80000000000000050a000000000000000000000006001d000000000008001e80"], 0x2c}}, 0x0)
flock(r5, 0x5)
r7 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r7, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

kernel console output (not intermixed with test programs):

ecomes ready
[ 1522.424170][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1522.445305][T15533] device veth0_macvtap entered promiscuous mode
[ 1522.514957][T15533] device veth1_macvtap entered promiscuous mode
[ 1522.754072][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.785091][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.829794][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.864030][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.911871][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.950245][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.990580][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1523.010912][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.043628][T15533] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1523.100504][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1523.138385][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1523.161881][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1523.181987][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1523.211921][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.239229][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.249341][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.278165][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.307566][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.337471][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.357438][T15533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.385721][T15533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.398416][T15533] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1523.408718][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1523.419532][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1523.449829][T15533] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.488109][T15533] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.524231][T15533] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.745810][T15533] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1524.236850][ T4407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1524.259027][ T4407] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1524.294034][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1524.336496][ T4407] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1524.365902][ T4407] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1524.426946][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1524.934844][T15778] netlink: 'syz.4.2707': attribute type 29 has an invalid length.
[ 1524.950132][T15778] netlink: 'syz.4.2707': attribute type 29 has an invalid length.
[ 1525.114544][T15781] loop9: detected capacity change from 0 to 512
[ 1525.448349][T15781] EXT4-fs error (device loop9): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.9.2553: corrupted xattr block 95
[ 1525.465276][T15781] EXT4-fs warning (device loop9): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck.
[ 1525.481431][T15781] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.2553: bg 0: block 7: invalid block bitmap
[ 1525.513238][T15781] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1525.530909][T15781] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2925: inode #11: comm syz.9.2553: corrupted xattr block 95
[ 1525.549390][T15781] EXT4-fs warning (device loop9): ext4_evict_inode:299: xattr delete (err -117)
[ 1525.558969][T15781] EXT4-fs (loop9): 1 orphan inode deleted
[ 1525.564868][T15781] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1526.072121][T15784] netlink: 'syz.4.2707': attribute type 29 has an invalid length.
[ 1527.903884][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1528.395889][T15800] loop9: detected capacity change from 0 to 1024
[ 1528.480568][T15800] EXT4-fs: Ignoring removed nobh option
[ 1528.527551][T15800] EXT4-fs: Ignoring removed bh option
[ 1528.549438][T15800] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1528.782608][T15800] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1529.954347][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1531.586641][T15833] loop9: detected capacity change from 0 to 1024
[ 1531.620424][T15833] EXT4-fs: Ignoring removed nobh option
[ 1531.626074][T15833] EXT4-fs: Ignoring removed bh option
[ 1531.677770][T15833] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1531.760163][T15833] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1533.000468][T15833] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2723: Allocating blocks 497-513 which overlap fs metadata
[ 1533.024682][T15833] EXT4-fs (loop9): pa ffff888072446000: logic 256, phys. 385, len 8
[ 1533.033256][T15833] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1533.895938][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1534.939048][T15861] loop9: detected capacity change from 0 to 1024
[ 1534.969102][T15861] EXT4-fs: Ignoring removed nobh option
[ 1534.974745][T15861] EXT4-fs: Ignoring removed bh option
[ 1535.057195][T15861] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1535.193522][T15861] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1535.220709][T15871] netlink: 'syz.3.2733': attribute type 29 has an invalid length.
[ 1535.240854][T15871] netlink: 'syz.3.2733': attribute type 29 has an invalid length.
[ 1535.343038][T15873] netlink: 'syz.3.2733': attribute type 29 has an invalid length.
[ 1536.546883][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1541.566563][T15915] netlink: 'syz.3.2746': attribute type 29 has an invalid length.
[ 1541.575461][T15915] netlink: 'syz.3.2746': attribute type 29 has an invalid length.
[ 1541.585107][T15915] netlink: 'syz.3.2746': attribute type 29 has an invalid length.
[ 1541.662943][T15917] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2745'.
[ 1541.717579][T15917] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2745'.
[ 1541.794453][T15917] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2745'.
[ 1541.826235][T15917] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2745'.
[ 1545.351677][T15944] loop9: detected capacity change from 0 to 1024
[ 1545.388383][T15944] EXT4-fs: Ignoring removed nobh option
[ 1545.441365][T15944] EXT4-fs: Ignoring removed bh option
[ 1545.478102][T15944] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1545.653223][T15944] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1546.034730][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.041139][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1547.490961][T15944] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2753: Allocating blocks 497-513 which overlap fs metadata
[ 1547.508605][T15944] EXT4-fs (loop9): pa ffff888055b0ab60: logic 256, phys. 385, len 8
[ 1547.516661][T15944] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1547.701696][ T4266] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1547.711414][ T4266] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1547.720227][ T4266] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1547.728486][ T4266] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1547.738947][ T4266] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1547.746486][ T4266] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1548.216062][ T4531] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1548.278385][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1548.415286][ T4531] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1548.722675][ T4531] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1549.856486][ T4266] Bluetooth: hci2: command 0x0409 tx timeout
[ 1550.023364][ T4531] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1550.051335][T15989] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2766'.
[ 1550.102357][T15989] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2766'.
[ 1550.301178][T15969] chnl_net:caif_netlink_parms(): no params data found
[ 1550.567571][T15997] loop9: detected capacity change from 0 to 1024
[ 1550.618525][T15997] EXT4-fs: Ignoring removed nobh option
[ 1550.646994][T15997] EXT4-fs: Ignoring removed bh option
[ 1550.677323][T15997] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1550.933219][T15997] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1551.626037][T15969] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1551.651389][T15969] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1551.808311][T16010] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2767: Allocating blocks 497-513 which overlap fs metadata
[ 1551.976454][ T4266] Bluetooth: hci2: command 0x041b tx timeout
[ 1551.993236][T16010] EXT4-fs (loop9): pa ffff888075b69460: logic 256, phys. 385, len 8
[ 1552.001499][T16010] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1552.028741][T15969] device bridge_slave_0 entered promiscuous mode
[ 1552.207106][T15969] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1552.222059][T15969] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1552.319535][T15969] device bridge_slave_1 entered promiscuous mode
[ 1552.422626][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1552.725354][T16025] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2770'.
[ 1553.400224][T15969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1553.442657][T15969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1553.545558][T16033] loop9: detected capacity change from 0 to 1024
[ 1553.553237][T16033] EXT4-fs: Ignoring removed nobh option
[ 1553.558949][T16033] EXT4-fs: Ignoring removed bh option
[ 1553.627528][T16033] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1554.712574][ T4266] Bluetooth: hci2: command 0x040f tx timeout
[ 1554.776436][T16033] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1555.122081][T15969] team0: Port device team_slave_0 added
[ 1555.494910][T15969] team0: Port device team_slave_1 added
[ 1556.178216][T15969] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1556.197038][T15969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1556.282481][T15969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1556.481585][T16047] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2773: Allocating blocks 497-513 which overlap fs metadata
[ 1556.498598][T15969] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1556.511301][T15969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1556.790158][ T4267] Bluetooth: hci2: command 0x0419 tx timeout
[ 1557.093782][T16047] EXT4-fs (loop9): pa ffff888075b691c0: logic 256, phys. 385, len 8
[ 1557.102026][T16047] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1557.207438][T15969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1557.648792][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1557.886787][T16069] loop9: detected capacity change from 0 to 1024
[ 1557.910043][T15969] device hsr_slave_0 entered promiscuous mode
[ 1558.114423][T16069] EXT4-fs: Ignoring removed nobh option
[ 1558.127870][T15969] device hsr_slave_1 entered promiscuous mode
[ 1558.134679][T16069] EXT4-fs: Ignoring removed bh option
[ 1558.177142][T15969] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1558.196192][T16069] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1558.227441][T15969] Cannot create hsr debugfs directory
[ 1558.325544][T16069] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1558.970287][ T4531] device hsr_slave_0 left promiscuous mode
[ 1559.083285][ T4531] device hsr_slave_1 left promiscuous mode
[ 1559.287030][T16082] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2779: Allocating blocks 497-513 which overlap fs metadata
[ 1559.309671][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1559.317221][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1559.544856][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1559.662955][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1559.879991][ T4531] device bridge_slave_1 left promiscuous mode
[ 1559.886316][ T4531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1559.894293][T16082] EXT4-fs (loop9): pa ffff888072446000: logic 256, phys. 385, len 8
[ 1559.902579][T16082] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1559.995388][ T4531] device bridge_slave_0 left promiscuous mode
[ 1560.007605][ T4531] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1560.090862][ T4531] device veth1_vlan left promiscuous mode
[ 1560.107279][ T4531] device veth0_vlan left promiscuous mode
[ 1560.443149][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1561.184469][T16094] netlink: 'syz.4.2785': attribute type 29 has an invalid length.
[ 1562.199847][ T4531] team0 (unregistering): Port device team_slave_1 removed
[ 1562.330775][T16098] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2786'.
[ 1562.375531][T16100] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2787'.
[ 1562.415631][T16100] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2787'.
[ 1562.426336][ T4531] team0 (unregistering): Port device team_slave_0 removed
[ 1562.790714][ T4531] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1563.003669][ T4531] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1565.179576][T16118] loop9: detected capacity change from 0 to 1024
[ 1565.206540][T16118] EXT4-fs: Ignoring removed nobh option
[ 1565.212232][T16118] EXT4-fs: Ignoring removed bh option
[ 1565.246942][T16118] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1565.284497][T16118] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1569.295060][ T4531] bond0 (unregistering): Released all slaves
[ 1569.364398][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1569.559809][T16094] netlink: 'syz.4.2785': attribute type 29 has an invalid length.
[ 1570.830819][T16141] loop9: detected capacity change from 0 to 1024
[ 1570.877035][T16141] EXT4-fs: Ignoring removed nobh option
[ 1570.897596][T16141] EXT4-fs: Ignoring removed bh option
[ 1570.923315][T16141] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1571.562005][T16141] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1573.223955][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1575.601161][T16185] loop9: detected capacity change from 0 to 1024
[ 1575.834252][T16185] EXT4-fs: Ignoring removed nobh option
[ 1575.894326][T16185] EXT4-fs: Ignoring removed bh option
[ 1575.930095][T15969] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1575.937885][T16185] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1575.966636][T15969] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1576.002694][T15969] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1576.236579][T15969] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1576.254598][T16185] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1577.162451][T16185] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2809: Allocating blocks 497-513 which overlap fs metadata
[ 1577.175803][T15969] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1577.228060][T16185] EXT4-fs (loop9): pa ffff888055b0a9a0: logic 256, phys. 385, len 8
[ 1577.236139][T16185] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1577.263998][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1577.274461][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1577.321651][T15969] 8021q: adding VLAN 0 to HW filter on device team0
[ 1577.348360][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1577.388035][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1577.463472][ T4279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1577.470624][ T4279] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1577.527057][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1578.755854][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1578.810964][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1578.871165][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1578.896519][ T4531] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1578.903745][ T4531] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1578.937715][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1578.963823][ T7593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1579.017984][ T7593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1579.068540][ T7593] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1579.088417][T16239] netlink: 68 bytes leftover after parsing attributes in process `syz.9.2814'.
[ 1579.105632][ T7593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1579.289860][ T7593] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1579.298414][T16239] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2814'.
[ 1579.339809][ T7593] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1579.375327][T15969] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1579.596892][T15969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1579.637600][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1579.677825][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1579.738520][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1579.768655][T16241] netlink: 68 bytes leftover after parsing attributes in process `syz.8.2816'.
[ 1579.778694][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1579.788716][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1579.796707][T16241] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2816'.
[ 1579.898719][T16243] loop9: detected capacity change from 0 to 1024
[ 1579.905940][T16243] EXT4-fs: Ignoring removed nobh option
[ 1579.967887][T16243] EXT4-fs: Ignoring removed bh option
[ 1579.979787][T16243] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1580.070100][T16243] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1581.884472][ T4525] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1581.908212][ T4525] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1581.977738][T15969] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1582.007662][T16243] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2817: Allocating blocks 497-513 which overlap fs metadata
[ 1582.039965][T16243] EXT4-fs (loop9): pa ffff888055b0a2a0: logic 256, phys. 385, len 8
[ 1582.048103][T16243] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1582.180724][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1582.200986][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1582.265606][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1582.464122][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1582.550557][T15969] device veth0_vlan entered promiscuous mode
[ 1582.791078][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1582.799954][T15969] device veth1_vlan entered promiscuous mode
[ 1582.850082][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1582.881098][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1582.924067][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1583.007031][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1583.039534][T16278] loop9: detected capacity change from 0 to 1024
[ 1583.048502][T16278] EXT4-fs: Ignoring removed nobh option
[ 1583.054121][T16278] EXT4-fs: Ignoring removed bh option
[ 1583.074758][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1583.112610][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1583.153823][T15969] device veth0_macvtap entered promiscuous mode
[ 1583.157585][T16278] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1583.183808][T15969] device veth1_macvtap entered promiscuous mode
[ 1583.243745][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1583.282531][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1583.306135][T16278] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1583.309913][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1583.331566][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1583.342704][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1583.366188][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1583.453282][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1583.513234][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1583.607482][T15969] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1583.620559][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1583.631121][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1583.641103][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1583.651712][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1583.661723][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1583.705363][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1584.614565][T15969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1584.906123][T15969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1585.448561][T15969] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1585.456039][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1585.465432][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1585.474467][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1585.484070][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1585.494535][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1585.509617][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1585.531388][T15969] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.546057][T15969] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.555866][T15969] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.568735][T15969] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.690929][T16278] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2822: Allocating blocks 497-513 which overlap fs metadata
[ 1585.714704][T16278] EXT4-fs (loop9): pa ffff88805595a1c0: logic 256, phys. 385, len 8
[ 1585.722846][T16278] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1585.904897][T11580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1585.955255][T11580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1586.009169][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1586.021488][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1586.038111][ T4528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1586.065403][ T4528] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1587.314630][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1588.575096][T16334] loop9: detected capacity change from 0 to 1024
[ 1588.616994][T16334] EXT4-fs: Ignoring removed nobh option
[ 1588.688110][T16334] EXT4-fs: Ignoring removed bh option
[ 1588.722722][T16339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2831'.
[ 1588.740407][T16334] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1589.154686][T16334] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1589.628794][T16334] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2830: Allocating blocks 497-513 which overlap fs metadata
[ 1589.672084][T16334] EXT4-fs (loop9): pa ffff88805595a7e0: logic 256, phys. 385, len 8
[ 1589.680197][T16334] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1589.736943][T16353] netlink: 'syz.6.2833': attribute type 29 has an invalid length.
[ 1589.789308][T16353] netlink: 'syz.6.2833': attribute type 29 has an invalid length.
[ 1589.818186][T16355] netlink: 'syz.6.2833': attribute type 29 has an invalid length.
[ 1589.983940][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1590.471773][T16363] loop9: detected capacity change from 0 to 1024
[ 1590.548148][T16363] EXT4-fs: Ignoring removed nobh option
[ 1590.553771][T16363] EXT4-fs: Ignoring removed bh option
[ 1590.615448][T16363] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1590.753097][T16363] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1591.206594][T16363] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2834: Allocating blocks 497-513 which overlap fs metadata
[ 1591.263923][T16363] EXT4-fs (loop9): pa ffff88805595ae00: logic 256, phys. 385, len 8
[ 1591.272200][T16363] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1591.816412][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1596.147828][ T4296] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1596.357593][ T4296] usb 10-1: Using ep0 maxpacket: 16
[ 1596.369064][ T4296] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1596.430200][ T4296] usb 10-1: config 0 has no interface number 0
[ 1597.491964][ T4296] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1597.504608][ T4296] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1597.516209][ T4296] usb 10-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1597.707733][ T4296] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1597.772916][ T4296] usb 10-1: config 0 descriptor??
[ 1597.807579][ T4296] usb 10-1: can't set config #0, error -71
[ 1597.831620][T16420] loop9: detected capacity change from 0 to 1024
[ 1597.867201][ T4296] usb 10-1: USB disconnect, device number 2
[ 1597.924871][T16420] EXT4-fs: Ignoring removed nobh option
[ 1597.987537][T16420] EXT4-fs: Ignoring removed bh option
[ 1598.035261][T16420] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1598.103047][T16420] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1599.075805][T16420] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2846: Allocating blocks 497-513 which overlap fs metadata
[ 1599.092423][T16420] EXT4-fs (loop9): pa ffff88804f5bf460: logic 256, phys. 385, len 8
[ 1599.100683][T16420] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1599.865663][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1603.762956][ T4266] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1603.773541][ T4266] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1603.786202][ T4266] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1603.794488][ T4266] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1603.822002][ T4266] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1603.838186][ T4266] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1604.401718][T16487] loop9: detected capacity change from 0 to 1024
[ 1604.481386][T16487] EXT4-fs: Ignoring removed nobh option
[ 1604.487011][T16487] EXT4-fs: Ignoring removed bh option
[ 1604.519376][T16487] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1604.572264][ T4531] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1604.690975][T16487] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1604.806842][ T4531] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1605.745508][T12309] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1605.908100][ T4267] Bluetooth: hci3: command 0x0409 tx timeout
[ 1606.062086][ T4531] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.077487][T12309] usb 9-1: Using ep0 maxpacket: 16
[ 1606.084766][T12309] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1606.126841][T12309] usb 9-1: config 0 has no interface number 0
[ 1606.150600][T16487] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2861: Allocating blocks 497-513 which overlap fs metadata
[ 1606.171937][T12309] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1606.186056][T16487] EXT4-fs (loop9): pa ffff88804f5bfb60: logic 256, phys. 385, len 8
[ 1606.194284][T16487] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1606.224159][T12309] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1606.249603][T12309] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1606.290802][T12309] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1606.293309][ T4531] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.822114][T12309] usb 9-1: config 0 descriptor??
[ 1606.983448][T16475] chnl_net:caif_netlink_parms(): no params data found
[ 1607.149385][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1607.354659][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.361356][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1607.536538][T16523] loop9: detected capacity change from 0 to 1024
[ 1607.545238][T16475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1607.554037][T16523] EXT4-fs: Ignoring removed nobh option
[ 1607.559827][T16523] EXT4-fs: Ignoring removed bh option
[ 1607.566019][T16523] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1607.578791][T16475] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1607.670540][T16475] device bridge_slave_0 entered promiscuous mode
[ 1607.753856][T16475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1607.786134][T16475] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1607.926849][T16475] device bridge_slave_1 entered promiscuous mode
[ 1607.998081][ T4267] Bluetooth: hci3: command 0x041b tx timeout
[ 1608.011734][T16523] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1608.393119][T12309] usbhid 9-1:0.1: can't add hid device: -71
[ 1608.549402][T12309] usbhid: probe of 9-1:0.1 failed with error -71
[ 1608.564979][T12309] usb 9-1: USB disconnect, device number 2
[ 1608.605588][T16475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1608.680045][T16475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1609.408809][T16523] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2864: Allocating blocks 497-513 which overlap fs metadata
[ 1609.429109][T16475] team0: Port device team_slave_0 added
[ 1609.449265][T16523] EXT4-fs (loop9): pa ffff888072446c40: logic 256, phys. 385, len 8
[ 1609.457459][T16523] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1609.515897][T16475] team0: Port device team_slave_1 added
[ 1609.644186][T16475] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1609.654778][T16475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1609.681578][T16475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1609.776145][T16545] netlink: 'syz.3.2869': attribute type 29 has an invalid length.
[ 1609.807069][T16475] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1609.815570][T16475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1609.817271][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1609.844484][T16475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1609.862258][T16545] netlink: 'syz.3.2869': attribute type 29 has an invalid length.
[ 1609.925586][T16548] netlink: 'syz.3.2869': attribute type 29 has an invalid length.
[ 1610.033859][T16475] device hsr_slave_0 entered promiscuous mode
[ 1610.049432][T16475] device hsr_slave_1 entered promiscuous mode
[ 1610.066806][T16475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1610.074607][ T4266] Bluetooth: hci3: command 0x040f tx timeout
[ 1610.088105][T16475] Cannot create hsr debugfs directory
[ 1610.478889][T16554] loop9: detected capacity change from 0 to 32768
[ 1612.147687][ T4266] Bluetooth: hci3: command 0x0419 tx timeout
[ 1613.668092][T16573] loop9: detected capacity change from 0 to 1024
[ 1613.703808][T16573] EXT4-fs: Ignoring removed nobh option
[ 1613.782946][T16573] EXT4-fs: Ignoring removed bh option
[ 1613.874447][T16573] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1614.050419][T16573] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1614.597620][ T4531] device hsr_slave_0 left promiscuous mode
[ 1614.670067][T16582] ubi0: attaching mtd0
[ 1614.679418][T16582] ubi0: scanning is finished
[ 1615.445496][T16582] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[ 1616.409672][ T4531] device hsr_slave_1 left promiscuous mode
[ 1616.416615][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1616.424793][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1616.433704][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1616.441477][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1616.450321][ T4531] device bridge_slave_1 left promiscuous mode
[ 1616.456926][ T4531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1616.488685][ T4531] device bridge_slave_0 left promiscuous mode
[ 1616.494966][ T4531] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1617.389316][T16597] netlink: 68 bytes leftover after parsing attributes in process `syz.8.2876'.
[ 1617.417277][ T4531] device veth1_vlan left promiscuous mode
[ 1617.427013][ T4531] device veth0_vlan left promiscuous mode
[ 1617.514577][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1617.984080][T16602] loop9: detected capacity change from 0 to 32768
[ 1618.751357][T16612] netlink: 'syz.8.2880': attribute type 29 has an invalid length.
[ 1619.051391][T16615] loop9: detected capacity change from 0 to 1024
[ 1619.071077][T16615] EXT4-fs: Ignoring removed nobh option
[ 1619.088333][T16615] EXT4-fs: Ignoring removed bh option
[ 1619.109115][T16615] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1619.155658][ T4531] team0 (unregistering): Port device team_slave_1 removed
[ 1619.204874][T16615] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1619.299590][ T4531] team0 (unregistering): Port device team_slave_0 removed
[ 1619.382879][T16615] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2878: Allocating blocks 497-513 which overlap fs metadata
[ 1619.399635][T16615] EXT4-fs (loop9): pa ffff888055b0a0e0: logic 256, phys. 385, len 8
[ 1619.407784][T16615] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1619.679497][ T4531] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1620.071875][ T4531] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1620.356357][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1620.473549][T16626] loop9: detected capacity change from 0 to 1024
[ 1620.485842][T16626] EXT4-fs: Ignoring removed nobh option
[ 1620.526944][T16626] EXT4-fs: Ignoring removed bh option
[ 1620.543774][T16626] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1620.695419][T16626] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1621.327101][T16626] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2883: Allocating blocks 497-513 which overlap fs metadata
[ 1621.356838][T16626] EXT4-fs (loop9): pa ffff888055b0a7e0: logic 256, phys. 385, len 8
[ 1621.365277][T16626] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1621.704424][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1621.944572][T16635] loop9: detected capacity change from 0 to 1024
[ 1621.951968][T16635] EXT4-fs: Ignoring removed nobh option
[ 1621.993704][T16635] EXT4-fs: Ignoring removed bh option
[ 1622.004541][T16635] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1622.065018][ T4531] bond0 (unregistering): Released all slaves
[ 1622.233454][T16635] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1622.600464][T16612] netlink: 'syz.8.2880': attribute type 29 has an invalid length.
[ 1622.782397][T16475] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1622.991941][T16475] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1623.098239][T16475] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1623.166880][T16475] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1624.194230][T16475] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1624.340467][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1624.379231][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1624.389640][T16475] 8021q: adding VLAN 0 to HW filter on device team0
[ 1624.469669][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1624.512423][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1624.583566][T10525] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1624.590792][T10525] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1624.749021][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1624.797421][ T4266] Bluetooth: hci0: command 0x0406 tx timeout
[ 1625.000518][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1625.125069][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1625.154518][T10525] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1625.161759][T10525] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1625.207922][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1625.276905][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1625.356877][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1625.397023][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1625.516789][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1625.564006][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1625.590262][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1625.668056][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1625.727225][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1625.751692][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1625.837916][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1626.047961][T16475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1626.292725][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1626.528196][T16675] loop9: detected capacity change from 0 to 1024
[ 1626.555818][T16675] EXT4-fs: Ignoring removed nobh option
[ 1626.566328][T16675] EXT4-fs: Ignoring removed bh option
[ 1626.600656][T16675] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1626.660909][T16675] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1627.092136][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1627.124970][T11580] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1627.180898][T16475] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1628.148082][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1628.175972][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1628.255230][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1628.288492][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1628.304835][T16709] netlink: 'syz.6.2897': attribute type 29 has an invalid length.
[ 1628.308066][T16475] device veth0_vlan entered promiscuous mode
[ 1628.356778][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1628.370929][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1628.406636][T16475] device veth1_vlan entered promiscuous mode
[ 1628.460020][T16709] netlink: 'syz.6.2897': attribute type 29 has an invalid length.
[ 1628.483278][T16712] netlink: 'syz.6.2897': attribute type 29 has an invalid length.
[ 1628.496691][T16475] device veth0_macvtap entered promiscuous mode
[ 1628.519447][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1628.534842][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1628.559281][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1628.594499][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1628.628682][T16475] device veth1_macvtap entered promiscuous mode
[ 1628.672249][T16714] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2898'.
[ 1628.702137][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1628.754651][ T4524] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1628.887103][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1628.950595][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1629.036941][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1629.341852][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1629.416431][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1629.459678][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1629.543511][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1629.640376][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1629.889133][T16475] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1629.917696][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1630.019348][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1630.062250][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1630.116506][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1630.902364][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1630.913435][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1630.923683][T16475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1630.934397][T16475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1630.956445][T16475] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1630.964810][T14260] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1631.157686][T14260] usb 4-1: Using ep0 maxpacket: 16
[ 1631.167935][T14260] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1631.181590][T14260] usb 4-1: config 0 has no interface number 0
[ 1631.189788][T14260] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1631.214816][T14260] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1631.230169][T14260] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1631.242972][T14260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.259668][ T4458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1631.296169][ T4458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1631.318090][T14260] usb 4-1: config 0 descriptor??
[ 1631.367640][ T4458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1631.402534][ T4458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1631.426634][T16733] mmap: syz.6.2901 (16733) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1631.471453][T16475] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.517454][T16475] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.564973][T16475] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.576036][T16475] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.736321][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1631.781638][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1631.796691][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1631.914965][T10525] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1631.964792][ T4531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1631.987411][ T4531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1632.185927][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1632.333298][T16745] loop9: detected capacity change from 0 to 1024
[ 1632.349153][T16745] EXT4-fs: Ignoring removed nobh option
[ 1632.413513][T16745] EXT4-fs: Ignoring removed bh option
[ 1632.645613][T14260] usbhid 4-1:0.1: can't add hid device: -71
[ 1632.651712][T14260] usbhid: probe of 4-1:0.1 failed with error -71
[ 1632.776717][T16745] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1633.066195][T14260] usb 4-1: USB disconnect, device number 6
[ 1633.135448][T16745] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1634.641964][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1635.720353][T16772] netlink: 'syz.9.2908': attribute type 29 has an invalid length.
[ 1635.772713][T16772] netlink: 'syz.9.2908': attribute type 29 has an invalid length.
[ 1635.813299][T16776] netlink: 'syz.9.2908': attribute type 29 has an invalid length.
[ 1636.584501][T16779] loop9: detected capacity change from 0 to 1024
[ 1636.678595][T16779] EXT4-fs: Ignoring removed nobh option
[ 1636.708672][T16779] EXT4-fs: Ignoring removed bh option
[ 1636.723036][T16779] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1636.848290][T16779] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1638.027070][T16779] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2909: Allocating blocks 497-513 which overlap fs metadata
[ 1638.051705][T16779] EXT4-fs (loop9): pa ffff888072446d20: logic 256, phys. 385, len 8
[ 1638.060446][T16779] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1638.382226][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1638.789736][T16806] loop9: detected capacity change from 0 to 1024
[ 1638.815201][T16806] EXT4-fs: Ignoring removed nobh option
[ 1640.344088][T16806] EXT4-fs: Ignoring removed bh option
[ 1640.353133][T16806] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1640.538021][T16806] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1641.003528][T16806] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2924: Allocating blocks 497-513 which overlap fs metadata
[ 1641.126416][T16806] EXT4-fs (loop9): pa ffff888055b0a380: logic 256, phys. 385, len 8
[ 1641.134878][T16806] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1641.515836][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1641.714503][T16831] loop9: detected capacity change from 0 to 1024
[ 1641.798135][T16831] EXT4-fs: Ignoring removed nobh option
[ 1641.852860][T16831] EXT4-fs: Ignoring removed bh option
[ 1641.911249][T16831] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1642.001998][T16831] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1642.638751][T16831] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2918: Allocating blocks 497-513 which overlap fs metadata
[ 1642.653451][T16831] EXT4-fs (loop9): pa ffff88804f5bf460: logic 256, phys. 385, len 8
[ 1642.661824][T16831] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1644.397413][ T6091] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1644.637232][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1644.753300][ T6091] usb 9-1: Using ep0 maxpacket: 16
[ 1644.761780][ T6091] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1644.792585][ T6091] usb 9-1: config 0 has no interface number 0
[ 1644.821881][T16850] loop9: detected capacity change from 0 to 1024
[ 1644.832769][ T6091] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1644.864103][T16850] EXT4-fs: Ignoring removed nobh option
[ 1644.872509][ T6091] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1644.885060][T16850] EXT4-fs: Ignoring removed bh option
[ 1644.894686][T16850] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1644.896656][T16851] netlink: 'syz.6.2921': attribute type 29 has an invalid length.
[ 1644.912544][ T6091] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1644.935315][ T6091] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1644.966439][ T6091] usb 9-1: config 0 descriptor??
[ 1645.027784][T16851] netlink: 'syz.6.2921': attribute type 29 has an invalid length.
[ 1645.058443][T16850] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1645.075744][T16853] netlink: 'syz.6.2921': attribute type 29 has an invalid length.
[ 1646.018647][T16861] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2923'.
[ 1646.088273][T16859] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2922: Allocating blocks 497-513 which overlap fs metadata
[ 1646.103865][T16859] EXT4-fs (loop9): pa ffff888055b0a7e0: logic 256, phys. 385, len 8
[ 1646.112041][T16859] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1646.360108][ T6091] usbhid 9-1:0.1: can't add hid device: -71
[ 1646.366150][ T6091] usbhid: probe of 9-1:0.1 failed with error -71
[ 1646.458268][ T6091] usb 9-1: USB disconnect, device number 3
[ 1647.131881][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1648.301071][T16880] loop9: detected capacity change from 0 to 1024
[ 1648.314160][T16880] EXT4-fs: Ignoring removed nobh option
[ 1648.332964][T16884] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2930'.
[ 1648.367519][T16880] EXT4-fs: Ignoring removed bh option
[ 1648.415068][T16880] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1648.551570][T16880] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1650.186508][T16898] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2929: Allocating blocks 497-513 which overlap fs metadata
[ 1650.838336][T16898] EXT4-fs (loop9): pa ffff88804f5bf2a0: logic 256, phys. 385, len 8
[ 1650.846416][T16898] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1651.796801][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1652.006031][T16912] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2938'.
[ 1653.117696][T10153] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1653.317580][T10153] usb 5-1: Using ep0 maxpacket: 16
[ 1653.329849][T10153] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1653.338310][T10153] usb 5-1: config 0 has no interface number 0
[ 1653.351688][T10153] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1653.362977][T10153] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1653.373285][T10153] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1653.382550][T10153] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1653.413873][T10153] usb 5-1: config 0 descriptor??
[ 1653.648881][T16932] loop9: detected capacity change from 0 to 1024
[ 1653.762154][T16932] EXT4-fs: Ignoring removed nobh option
[ 1653.824807][T16932] EXT4-fs: Ignoring removed bh option
[ 1653.835120][T16932] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1654.008686][T16932] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1655.015811][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1655.117431][T10153] usbhid 5-1:0.1: can't add hid device: -71
[ 1655.123564][T10153] usbhid: probe of 5-1:0.1 failed with error -71
[ 1655.178070][T10153] usb 5-1: USB disconnect, device number 4
[ 1655.938671][T16951] loop9: detected capacity change from 0 to 32768
[ 1656.693881][T16958] netlink: 'syz.6.2946': attribute type 29 has an invalid length.
[ 1656.805825][T16958] netlink: 'syz.6.2946': attribute type 29 has an invalid length.
[ 1657.070210][T16963] netlink: 'syz.6.2946': attribute type 29 has an invalid length.
[ 1658.082795][T16970] loop9: detected capacity change from 0 to 1024
[ 1658.156401][T16970] EXT4-fs: Ignoring removed nobh option
[ 1658.177596][T16970] EXT4-fs: Ignoring removed bh option
[ 1658.356531][T16970] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1658.549314][T16970] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1660.134782][T16970] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2958: Allocating blocks 497-513 which overlap fs metadata
[ 1660.151183][T16970] EXT4-fs (loop9): pa ffff88804f5bf460: logic 256, phys. 385, len 8
[ 1660.159301][T16970] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1661.264978][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1661.920957][T17000] loop9: detected capacity change from 0 to 1024
[ 1661.978873][T17000] EXT4-fs: Ignoring removed nobh option
[ 1662.209180][T17000] EXT4-fs: Ignoring removed bh option
[ 1662.419574][T17000] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1662.588319][T17000] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1663.677939][ T4297] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1663.897706][ T4297] usb 5-1: Using ep0 maxpacket: 16
[ 1663.913750][ T4297] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1663.944344][ T4297] usb 5-1: config 0 has no interface number 0
[ 1663.967732][ T4297] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1663.984189][ T4297] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1663.997124][ T4297] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1664.067783][ T4297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1664.079463][ T4297] usb 5-1: config 0 descriptor??
[ 1665.534608][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1665.644022][ T4297] usbhid 5-1:0.1: can't add hid device: -71
[ 1665.650595][ T4297] usbhid: probe of 5-1:0.1 failed with error -71
[ 1665.689148][ T4297] usb 5-1: USB disconnect, device number 5
[ 1665.749813][T17026] netlink: 'syz.8.2959': attribute type 29 has an invalid length.
[ 1665.824878][T17026] netlink: 'syz.8.2959': attribute type 29 has an invalid length.
[ 1665.855261][T17028] netlink: 'syz.8.2959': attribute type 29 has an invalid length.
[ 1666.580674][T17041] loop9: detected capacity change from 0 to 1024
[ 1666.595646][T17041] EXT4-fs: Ignoring removed nobh option
[ 1666.609436][T17041] EXT4-fs: Ignoring removed bh option
[ 1666.664812][T17041] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1666.838516][T17041] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1668.289874][T17055] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2965: Allocating blocks 497-513 which overlap fs metadata
[ 1668.344271][T17055] EXT4-fs (loop9): pa ffff888055b0a2a0: logic 256, phys. 385, len 8
[ 1668.352538][T17055] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1668.792563][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.799368][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.050464][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1669.221808][T17076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2971'.
[ 1669.276425][T17078] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2972'.
[ 1669.803924][T17087] netlink: 'syz.3.2975': attribute type 29 has an invalid length.
[ 1669.853682][T17087] netlink: 'syz.3.2975': attribute type 29 has an invalid length.
[ 1669.875419][T17091] netlink: 'syz.3.2975': attribute type 29 has an invalid length.
[ 1670.049843][T17093] loop9: detected capacity change from 0 to 1024
[ 1670.333588][T17093] EXT4-fs: Ignoring removed nobh option
[ 1670.487939][T17093] EXT4-fs: Ignoring removed bh option
[ 1670.548630][T17093] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1670.634556][T17093] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1670.867767][ T4266] Bluetooth: hci2: command 0x0406 tx timeout
[ 1671.123194][T17093] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2977: Allocating blocks 497-513 which overlap fs metadata
[ 1671.165607][T17093] EXT4-fs (loop9): pa ffff888055b0a540: logic 256, phys. 385, len 8
[ 1671.173823][T17093] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1672.055213][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1672.269982][T17121] loop9: detected capacity change from 0 to 1024
[ 1672.325525][T17121] EXT4-fs: Ignoring removed nobh option
[ 1672.384060][T17121] EXT4-fs: Ignoring removed bh option
[ 1672.417141][T17121] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1672.510792][T17121] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1673.362686][T17132] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2982: Allocating blocks 497-513 which overlap fs metadata
[ 1673.431244][T17132] EXT4-fs (loop9): pa ffff88804f5bf8c0: logic 256, phys. 385, len 8
[ 1673.439607][T17132] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1674.459878][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1674.695370][T17144] loop9: detected capacity change from 0 to 1024
[ 1674.758111][T17144] EXT4-fs: Ignoring removed nobh option
[ 1674.808486][T17144] EXT4-fs: Ignoring removed bh option
[ 1675.199572][T17144] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1675.319139][T17144] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1675.488020][T17153] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2988'.
[ 1675.581614][T17155] netlink: 'syz.3.2989': attribute type 29 has an invalid length.
[ 1675.617788][T17155] netlink: 'syz.3.2989': attribute type 29 has an invalid length.
[ 1675.686357][T17157] netlink: 'syz.3.2989': attribute type 29 has an invalid length.
[ 1675.758600][T17144] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.2986: Allocating blocks 497-513 which overlap fs metadata
[ 1675.785884][T17144] EXT4-fs (loop9): pa ffff888055b0ac40: logic 256, phys. 385, len 8
[ 1675.794350][T17144] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1676.174445][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1678.832633][T17184] loop9: detected capacity change from 0 to 1024
[ 1678.847070][T17184] EXT4-fs: Ignoring removed nobh option
[ 1678.854996][T17184] EXT4-fs: Ignoring removed bh option
[ 1678.873579][T17184] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1678.983861][T17184] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1682.830329][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1683.610818][T17218] netlink: 'syz.3.3003': attribute type 29 has an invalid length.
[ 1683.619210][T17218] netlink: 'syz.3.3003': attribute type 29 has an invalid length.
[ 1683.632311][T17218] netlink: 'syz.3.3003': attribute type 29 has an invalid length.
[ 1683.698538][T17220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3004'.
[ 1684.101287][T17220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3004'.
[ 1685.267399][ T4267] Bluetooth: hci0: command 0x0406 tx timeout
[ 1687.934083][T17257] loop9: detected capacity change from 0 to 1024
[ 1687.995679][T17257] EXT4-fs: Ignoring removed nobh option
[ 1688.047759][T17257] EXT4-fs: Ignoring removed bh option
[ 1688.087239][T17257] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1688.471055][T17257] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1689.120782][T17257] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3013: Allocating blocks 497-513 which overlap fs metadata
[ 1689.153533][T17257] EXT4-fs (loop9): pa ffff88804f5bfd20: logic 256, phys. 385, len 8
[ 1689.161697][T17257] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1689.209549][T17272] netlink: 'syz.8.3015': attribute type 29 has an invalid length.
[ 1689.252865][T17272] netlink: 'syz.8.3015': attribute type 29 has an invalid length.
[ 1689.285857][T17275] netlink: 'syz.8.3015': attribute type 29 has an invalid length.
[ 1689.676543][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1691.162519][T17295] loop9: detected capacity change from 0 to 1024
[ 1691.197055][T17295] EXT4-fs: Ignoring removed nobh option
[ 1691.241215][T17295] EXT4-fs: Ignoring removed bh option
[ 1691.273975][T17295] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1691.480253][T17295] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1692.907409][T17295] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3021: Allocating blocks 497-513 which overlap fs metadata
[ 1692.922260][T17295] EXT4-fs (loop9): pa ffff88804f5bf9a0: logic 256, phys. 385, len 8
[ 1692.930438][T17295] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1693.231004][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1695.642572][T17348] netlink: 'syz.4.3029': attribute type 29 has an invalid length.
[ 1695.704844][T17348] netlink: 'syz.4.3029': attribute type 29 has an invalid length.
[ 1695.743733][T17350] netlink: 'syz.4.3029': attribute type 29 has an invalid length.
[ 1700.139392][T17411] loop9: detected capacity change from 0 to 1024
[ 1700.177908][T17411] EXT4-fs: Ignoring removed nobh option
[ 1700.183537][T17411] EXT4-fs: Ignoring removed bh option
[ 1700.218278][T17411] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1700.313871][T17411] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1702.705608][T17432] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3041: Allocating blocks 497-513 which overlap fs metadata
[ 1703.112747][T17432] EXT4-fs (loop9): pa ffff888075b697e0: logic 256, phys. 385, len 8
[ 1703.121231][T17432] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1704.235789][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1704.527909][T17460] loop9: detected capacity change from 0 to 1024
[ 1704.880419][T17460] EXT4-fs: Ignoring removed nobh option
[ 1704.886221][T17460] EXT4-fs: Ignoring removed bh option
[ 1704.970661][T17460] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1705.093125][T17460] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1707.324355][T17490] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3056'.
[ 1709.313957][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1710.454526][T17514] loop9: detected capacity change from 0 to 1024
[ 1710.527589][T17514] EXT4-fs: Ignoring removed nobh option
[ 1710.533212][T17514] EXT4-fs: Ignoring removed bh option
[ 1710.577457][T17514] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1710.654492][T17514] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1710.697550][T17520] netlink: 'syz.4.3062': attribute type 29 has an invalid length.
[ 1710.736612][T17520] netlink: 'syz.4.3062': attribute type 29 has an invalid length.
[ 1710.777709][T17520] netlink: 'syz.4.3062': attribute type 29 has an invalid length.
[ 1711.879242][T17514] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3060: Allocating blocks 497-513 which overlap fs metadata
[ 1711.911509][T17514] EXT4-fs (loop9): pa ffff88804f5bf700: logic 256, phys. 385, len 8
[ 1711.919687][T17514] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1712.247119][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1712.441487][T17539] loop9: detected capacity change from 0 to 1024
[ 1712.478290][T17539] EXT4-fs: Ignoring removed nobh option
[ 1712.494233][T17539] EXT4-fs: Ignoring removed bh option
[ 1712.514569][T17539] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1712.628996][T17539] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1713.549710][T17539] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3064: Allocating blocks 497-513 which overlap fs metadata
[ 1713.583886][T17539] EXT4-fs (loop9): pa ffff888075b69380: logic 256, phys. 385, len 8
[ 1713.592201][T17539] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1714.015762][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1717.598961][T17584] netlink: 'syz.8.3073': attribute type 29 has an invalid length.
[ 1717.620367][T17584] netlink: 'syz.8.3073': attribute type 29 has an invalid length.
[ 1717.713826][T17587] netlink: 'syz.8.3073': attribute type 29 has an invalid length.
[ 1718.093330][T17593] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3074'.
[ 1719.479367][T17608] netlink: 5 bytes leftover after parsing attributes in process `syz.6.3079'.
[ 1727.361978][ T4267] Bluetooth: hci3: command 0x0406 tx timeout
[ 1727.441348][T17666] netlink: 5 bytes leftover after parsing attributes in process `syz.9.3090'.
[ 1727.959451][T17673] loop9: detected capacity change from 0 to 32768
[ 1730.405932][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.412332][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1733.856611][T17733] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3106'.
[ 1738.972756][T17769] netlink: 'syz.4.3116': attribute type 29 has an invalid length.
[ 1739.025027][T17769] netlink: 'syz.4.3116': attribute type 29 has an invalid length.
[ 1739.035350][T17771] netlink: 'syz.4.3116': attribute type 29 has an invalid length.
[ 1739.955703][T17787] ./file0: Can't open blockdev
[ 1745.179149][T17827] netlink: 'syz.4.3133': attribute type 29 has an invalid length.
[ 1745.219661][T17827] netlink: 'syz.4.3133': attribute type 29 has an invalid length.
[ 1745.257932][T17828] netlink: 'syz.4.3133': attribute type 29 has an invalid length.
[ 1747.709107][T17847] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3139'.
[ 1750.351034][T17860] loop9: detected capacity change from 0 to 32768
[ 1751.867041][T17876] netlink: 84 bytes leftover after parsing attributes in process `syz.8.3148'.
[ 1753.161068][T17887] loop9: detected capacity change from 0 to 1024
[ 1753.174441][T17887] EXT4-fs: Ignoring removed nobh option
[ 1753.180306][T17887] EXT4-fs: Ignoring removed bh option
[ 1753.478618][T17890] ./file0: Can't open blockdev
[ 1754.267838][T17887] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1754.408574][T17887] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1754.788708][T17905] ./file0: Can't open blockdev
[ 1756.765851][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1758.727177][T17928] loop9: detected capacity change from 0 to 1024
[ 1758.776906][T17928] EXT4-fs: Ignoring removed nobh option
[ 1758.793682][T17928] EXT4-fs: Ignoring removed bh option
[ 1758.809827][T17928] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1758.857977][T17928] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1759.989745][T17937] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3162'.
[ 1760.548438][T17935] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3160: Allocating blocks 497-513 which overlap fs metadata
[ 1760.570984][T17935] EXT4-fs (loop9): pa ffff88804f5bf460: logic 256, phys. 385, len 8
[ 1760.579174][T17935] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1761.852532][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1762.509731][T17955] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3166'.
[ 1763.757683][T17960] ./file0: Can't open blockdev
[ 1764.601609][T17966] loop9: detected capacity change from 0 to 1024
[ 1764.679973][T17966] EXT4-fs: Ignoring removed nobh option
[ 1764.685653][T17966] EXT4-fs: Ignoring removed bh option
[ 1764.765259][T17966] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1764.846621][T17966] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1766.064358][T17966] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3169: Allocating blocks 497-513 which overlap fs metadata
[ 1766.080857][T17966] EXT4-fs (loop9): pa ffff88804f5bf000: logic 256, phys. 385, len 8
[ 1766.089047][T17966] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1766.665354][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1768.638524][T17989] loop9: detected capacity change from 0 to 32768
[ 1768.678497][T17995] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3179'.
[ 1768.687458][T17995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1768.694897][T17995] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1769.376095][T17995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1769.383953][T17995] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1771.530863][T18010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3184'.
[ 1771.540116][T18010] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1771.547612][T18010] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1772.428388][T18010] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1772.435943][T18010] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1773.129751][T16056] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1773.417594][T16056] usb 5-1: Using ep0 maxpacket: 32
[ 1773.455195][T16056] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1773.601489][T16056] usb 5-1: config 0 has no interface number 0
[ 1773.755704][T16056] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1773.789676][T16056] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1773.800751][T16056] usb 5-1: Product: syz
[ 1773.804979][T16056] usb 5-1: Manufacturer: syz
[ 1773.817513][T16056] usb 5-1: SerialNumber: syz
[ 1773.845208][T16056] usb 5-1: config 0 descriptor??
[ 1773.868007][T16056] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1774.092405][T16056] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1774.228779][T16056] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1774.522752][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1774.533036][T16056] usb 5-1: USB disconnect, device number 6
[ 1774.573197][T16056] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1774.616687][T16056] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1774.664842][T16056] quatech2 5-1:0.51: device disconnected
[ 1775.213026][T18035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3191'.
[ 1776.717701][ T4297] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1778.303465][T18056] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3198'.
[ 1778.769766][T18060] loop9: detected capacity change from 0 to 128
[ 1778.831215][T18060] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1778.861811][T18060] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1778.884956][T18060] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1779.387085][T18060] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[ 1779.741337][T18071] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3201'.
[ 1779.750524][T18071] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1779.758336][T18071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1779.769994][T18071] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1779.778654][T18071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1780.832891][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1781.300090][ T6091] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1781.517496][ T6091] usb 10-1: Using ep0 maxpacket: 32
[ 1781.537583][ T6091] usb 10-1: config 0 has an invalid interface number: 51 but max is 0
[ 1781.594843][ T6091] usb 10-1: config 0 has no interface number 0
[ 1781.634263][ T6091] usb 10-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1781.660718][ T6091] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1781.675198][ T6091] usb 10-1: Product: syz
[ 1781.687190][ T6091] usb 10-1: Manufacturer: syz
[ 1781.699627][ T6091] usb 10-1: SerialNumber: syz
[ 1781.733722][ T6091] usb 10-1: config 0 descriptor??
[ 1781.782554][ T6091] quatech2 10-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1781.974484][ T6091] usb 10-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1782.109619][T18089] ./file0: Can't open blockdev
[ 1782.862590][ T6091] usb 10-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1783.069187][    C0] usb 10-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1783.088232][T10374] usb 10-1: USB disconnect, device number 3
[ 1783.115649][T10374] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1783.189182][T10374] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1783.220538][T10374] quatech2 10-1:0.51: device disconnected
[ 1784.134940][T18100] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3210'.
[ 1784.179256][T18104] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3211'.
[ 1784.195055][T18104] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1785.038111][ T4297] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1786.303887][T18112] loop9: detected capacity change from 0 to 32768
[ 1786.404863][T18112] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop9 scanned by syz.9.3215 (18112)
[ 1786.566560][T18112] BTRFS info (device loop9): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1786.602414][T18112] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[ 1786.701463][T18112] BTRFS info (device loop9): use zlib compression, level 3
[ 1786.818572][T18112] BTRFS info (device loop9): using free space tree
[ 1787.346765][T18112] BTRFS info (device loop9): enabling ssd optimizations
[ 1788.266614][T18153] ./file0: Can't open blockdev
[ 1790.557382][ T4296] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1790.854849][ T4267] Bluetooth: hci5: command 0x0406 tx timeout
[ 1791.001297][T15533] BTRFS info (device loop9): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1791.348496][T14260] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1791.379028][T18162] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3226'.
[ 1791.537655][T14260] usb 4-1: Using ep0 maxpacket: 8
[ 1791.545778][T14260] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1791.571667][T14260] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1791.608193][T14260] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1791.620416][T14260] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1791.633988][T18173] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3225'.
[ 1791.653456][T14260] usb 4-1: Product: syz
[ 1791.662941][T14260] usb 4-1: Manufacturer: syz
[ 1791.663553][T18173] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1791.679421][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.686443][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1791.695936][T14260] usb 4-1: SerialNumber: syz
[ 1791.920584][T14260] cdc_ncm 4-1:1.0: bind() failure
[ 1792.095235][T14260] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1792.102206][T14260] cdc_ncm 4-1:1.1: bind() failure
[ 1792.120163][T14260] usb 4-1: USB disconnect, device number 7
[ 1792.942748][T18188] ./file0: Can't open blockdev
[ 1794.196865][T18196] ./file0: Can't open blockdev
[ 1795.737617][ T6091] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1795.937334][ T6091] usb 4-1: Using ep0 maxpacket: 8
[ 1795.956362][T18209] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3239'.
[ 1795.982956][ T6091] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1796.035191][ T6091] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1796.259393][ T6091] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1796.277884][ T6091] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1796.286209][ T6091] usb 4-1: Product: syz
[ 1796.291081][ T6091] usb 4-1: Manufacturer: syz
[ 1796.295712][ T6091] usb 4-1: SerialNumber: syz
[ 1796.608838][ T6091] cdc_ncm 4-1:1.0: bind() failure
[ 1796.609572][T18212] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3240'.
[ 1796.627417][T18212] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1796.654206][ T6091] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1796.663081][ T6091] cdc_ncm 4-1:1.1: bind() failure
[ 1796.695181][ T6091] usb 4-1: USB disconnect, device number 8
[ 1797.049028][T18216] loop9: detected capacity change from 0 to 1024
[ 1797.056368][T18216] EXT4-fs: Ignoring removed nobh option
[ 1797.137603][T18216] EXT4-fs: Ignoring removed bh option
[ 1797.177943][T18216] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1797.274221][T18216] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1797.495837][T18216] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3242: Allocating blocks 497-513 which overlap fs metadata
[ 1797.512221][T18216] EXT4-fs (loop9): pa ffff88804f5bfc40: logic 256, phys. 385, len 8
[ 1797.520581][T18216] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1797.760158][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1797.854107][T18226] loop9: detected capacity change from 0 to 128
[ 1797.884437][T18226] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1797.942859][T18226] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1797.955570][T18226] ext4 filesystem being mounted at /108/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1798.403162][T18237] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3245'.
[ 1799.215492][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1800.037308][ T6091] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1801.097354][T18168] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1801.195878][T18253] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3251'.
[ 1801.287397][T18168] usb 4-1: Using ep0 maxpacket: 16
[ 1801.310374][T18168] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1801.341745][T18168] usb 4-1: config 0 has no interface number 0
[ 1801.366472][T18168] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1801.406301][T18168] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1801.433397][T18168] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1801.457203][T18257] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3252'.
[ 1801.467358][T18168] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1801.472245][T18257] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1801.561328][T18168] usb 4-1: config 0 descriptor??
[ 1803.609245][T18273] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3259'.
[ 1803.616769][T18168] usbhid 4-1:0.1: can't add hid device: -71
[ 1803.660410][T18168] usbhid: probe of 4-1:0.1 failed with error -71
[ 1803.696494][T18168] usb 4-1: USB disconnect, device number 9
[ 1804.912333][T18293] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3272'.
[ 1805.165875][ T6091] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1805.507353][ T6091] usb 4-1: Using ep0 maxpacket: 8
[ 1807.139712][ T6091] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1807.158820][ T6091] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1807.207205][ T6091] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1807.216398][ T6091] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1807.228805][T18307] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3269'.
[ 1807.247321][ T6091] usb 4-1: Product: syz
[ 1807.251555][ T6091] usb 4-1: Manufacturer: syz
[ 1807.256182][ T6091] usb 4-1: SerialNumber: syz
[ 1807.261619][T18307] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1807.477403][ T4296] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1807.498134][ T6091] cdc_ncm 4-1:1.0: bind() failure
[ 1807.508768][ T6091] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1807.515795][ T6091] cdc_ncm 4-1:1.1: bind() failure
[ 1807.533201][ T6091] usb 4-1: USB disconnect, device number 10
[ 1807.677561][ T4296] usb 9-1: Using ep0 maxpacket: 16
[ 1807.686163][ T4296] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1807.694406][ T4296] usb 9-1: config 0 has no interface number 0
[ 1807.700576][ T4296] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1807.711580][ T4296] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1807.721445][ T4296] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1807.731867][ T4296] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1807.759747][ T4296] usb 9-1: config 0 descriptor??
[ 1809.099343][ T4296] usbhid 9-1:0.1: can't add hid device: -71
[ 1809.105401][ T4296] usbhid: probe of 9-1:0.1 failed with error -71
[ 1809.117651][ T4296] usb 9-1: USB disconnect, device number 5
[ 1809.695470][T18327] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3273'.
[ 1810.666680][T18310] loop9: detected capacity change from 0 to 32768
[ 1810.727492][ T4296] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1810.937491][ T4296] usb 9-1: Using ep0 maxpacket: 8
[ 1810.947729][ T4296] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1810.976011][ T4296] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1810.989423][ T6091] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1811.031271][ T4296] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1811.060353][ T4296] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1811.092372][ T4296] usb 9-1: Product: syz
[ 1811.096859][ T4296] usb 9-1: Manufacturer: syz
[ 1811.130456][ T4296] usb 9-1: SerialNumber: syz
[ 1811.386266][ T4296] cdc_ncm 9-1:1.0: bind() failure
[ 1811.420674][ T4296] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1811.437599][ T4296] cdc_ncm 9-1:1.1: bind() failure
[ 1811.692685][ T4296] usb 9-1: USB disconnect, device number 6
[ 1812.478637][ T4297] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1814.191810][T18353] loop9: detected capacity change from 0 to 128
[ 1814.230757][T18353] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1814.579075][T18353] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1814.755986][T18353] ext4 filesystem being mounted at /119/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1815.470659][T18359] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3284'.
[ 1816.131176][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1817.184124][T18372] loop9: detected capacity change from 0 to 128
[ 1817.927385][T18372] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1818.014601][T18372] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1818.149239][T18372] ext4 filesystem being mounted at /120/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1818.877550][ T4297] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1819.451682][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1819.499348][ T4297] usb 5-1: Using ep0 maxpacket: 8
[ 1819.521478][ T4297] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1819.558937][ T4297] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1819.608574][ T4297] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1819.627358][T18168] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1819.639628][ T4297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1819.649552][ T4297] usb 5-1: Product: syz
[ 1819.653826][ T4297] usb 5-1: Manufacturer: syz
[ 1819.660779][ T4297] usb 5-1: SerialNumber: syz
[ 1819.954789][ T4297] cdc_ncm 5-1:1.0: bind() failure
[ 1819.973176][ T4297] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[ 1819.996824][ T4297] cdc_ncm 5-1:1.1: bind() failure
[ 1820.105268][ T4297] usb 5-1: USB disconnect, device number 10
[ 1820.828682][T18409] loop9: detected capacity change from 0 to 1024
[ 1820.852052][T18409] EXT4-fs: Ignoring removed nobh option
[ 1820.884416][T18409] EXT4-fs: Ignoring removed bh option
[ 1820.892659][T18409] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1821.011393][T18409] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1821.200431][T18415] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3296'.
[ 1821.209488][T18415] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1821.217081][T18415] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1821.227834][T18415] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1821.235492][T18415] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1822.415878][T18409] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3306: Allocating blocks 497-513 which overlap fs metadata
[ 1822.434861][T18409] EXT4-fs (loop9): pa ffff888075b69460: logic 256, phys. 385, len 8
[ 1822.442993][T18409] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1822.966561][T18427] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3297'.
[ 1823.624018][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1829.217466][T18168] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1829.465142][T18168] usb 10-1: Using ep0 maxpacket: 16
[ 1829.492215][T18168] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1829.521784][T18168] usb 10-1: config 0 has no interface number 0
[ 1829.867419][T18168] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1829.887311][T18168] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1830.037673][T18168] usb 10-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1830.065671][T18168] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1830.136674][T18168] usb 10-1: config 0 descriptor??
[ 1830.627409][T14261] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1830.827379][T14261] usb 5-1: Using ep0 maxpacket: 8
[ 1830.930973][T14261] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1831.038641][T14261] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1831.096946][T14261] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1831.386465][T14261] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1831.395611][T14261] usb 5-1: Product: syz
[ 1831.401099][T14261] usb 5-1: Manufacturer: syz
[ 1831.407332][T14261] usb 5-1: SerialNumber: syz
[ 1831.456635][T18168] usb 10-1: can't set config #0, error -71
[ 1831.478528][T18168] usb 10-1: USB disconnect, device number 6
[ 1831.635075][T14261] cdc_ncm 5-1:1.0: bind() failure
[ 1831.652376][T14261] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[ 1831.659489][T14261] cdc_ncm 5-1:1.1: bind() failure
[ 1831.705038][T14261] usb 5-1: USB disconnect, device number 11
[ 1832.027320][T10153] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1832.217829][T10153] usb 4-1: Using ep0 maxpacket: 32
[ 1832.814715][T10153] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[ 1832.872932][T10153] usb 4-1: config 0 has no interface number 0
[ 1832.888409][T10153] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1832.915020][T10153] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1832.918522][T18499] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3321'.
[ 1832.952810][T10153] usb 4-1: Product: syz
[ 1832.968007][T10153] usb 4-1: Manufacturer: syz
[ 1833.135810][T10153] usb 4-1: SerialNumber: syz
[ 1833.157522][T10153] usb 4-1: config 0 descriptor??
[ 1833.165350][T10153] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1833.383564][T10153] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1833.449775][T10153] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1833.834408][T18501] loop9: detected capacity change from 0 to 32768
[ 1833.859152][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1834.837266][T14261] usb 4-1: USB disconnect, device number 12
[ 1834.858714][T14261] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1834.962082][T14261] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1835.031178][T14261] quatech2 4-1:0.51: device disconnected
[ 1836.392119][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3325'.
[ 1839.018210][T18533] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3334'.
[ 1839.690614][T18538] loop9: detected capacity change from 0 to 1024
[ 1839.749958][T18538] EXT4-fs: Ignoring removed nobh option
[ 1839.755572][T18538] EXT4-fs: Ignoring removed bh option
[ 1839.934539][T18538] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1840.149741][T18547] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3337'.
[ 1841.000656][T18538] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1841.378116][T14261] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1841.555196][T18538] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3336: Allocating blocks 497-513 which overlap fs metadata
[ 1841.575230][T18538] EXT4-fs (loop9): pa ffff88804f5bf380: logic 256, phys. 385, len 8
[ 1841.583552][T18538] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1841.747471][T14261] usb 4-1: Using ep0 maxpacket: 16
[ 1841.807843][T14261] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1841.815900][T14261] usb 4-1: config 0 has no interface number 0
[ 1841.887005][T14261] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1841.927362][T14261] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1842.467593][T14261] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1842.477510][T14261] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1842.487477][T14261] usb 4-1: config 0 descriptor??
[ 1842.628104][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1843.074321][T18557] loop9: detected capacity change from 0 to 1024
[ 1843.120239][T18557] EXT4-fs: Ignoring removed nobh option
[ 1843.125934][T18557] EXT4-fs: Ignoring removed bh option
[ 1843.199448][T18557] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1843.272054][T18557] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1843.533915][T14261] usb 4-1: can't set config #0, error -71
[ 1843.549243][T14261] usb 4-1: USB disconnect, device number 13
[ 1843.639840][T18557] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3841: comm syz.9.3339: Allocating blocks 497-513 which overlap fs metadata
[ 1843.655303][T18557] EXT4-fs (loop9): pa ffff88804f5bfee0: logic 256, phys. 385, len 8
[ 1843.663421][T18557] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1844.178467][T18567] ./file0: Can't open blockdev
[ 1845.032032][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1845.668198][T18579] loop9: detected capacity change from 0 to 32768
[ 1846.562528][T18582] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3347'.
[ 1850.719928][T18610] netlink: 5 bytes leftover after parsing attributes in process `syz.9.3358'.
[ 1851.696716][T18615] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3360'.
[ 1852.133740][T18619] loop9: detected capacity change from 0 to 32768
[ 1853.448233][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.457932][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1854.214103][T18636] ./file0: Can't open blockdev
[ 1855.469527][T18643] loop9: detected capacity change from 0 to 32768
[ 1858.814584][T18662] loop9: detected capacity change from 0 to 32768
[ 1862.532342][T18690] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3380'.
[ 1862.541383][T18690] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1862.548933][T18690] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1862.567868][T14261] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1863.184761][T18690] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1863.192398][T18690] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1863.547620][T18347] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1863.767837][T18701] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3385'.
[ 1864.239698][T18693] loop9: detected capacity change from 0 to 32768
[ 1864.287087][T18693] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop9 scanned by syz.9.3382 (18693)
[ 1864.423906][T18693] BTRFS info (device loop9): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1864.437566][T18693] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[ 1864.447052][T18693] BTRFS info (device loop9): use zlib compression, level 3
[ 1865.117361][T18693] BTRFS info (device loop9): using free space tree
[ 1865.423002][T18693] BTRFS info (device loop9): enabling ssd optimizations
[ 1866.249261][T15533] BTRFS info (device loop9): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1868.876101][T18756] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3396'.
[ 1869.925424][T18761] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3397'.
[ 1870.047176][T18765] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1873.529658][T18796] capability: warning: `syz.6.3410' uses deprecated v2 capabilities in a way that may be insecure
[ 1873.810696][T18807] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3416'.
[ 1874.002177][T18818] loop9: detected capacity change from 0 to 512
[ 1874.074600][T18818] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1874.120201][T18818] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1874.305060][T18835] futex_wake_op: syz.4.3424 tries to shift op by -1; fix this program
[ 1874.337345][T18752] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1874.537159][T18752] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 62, changing to 9
[ 1874.557411][T18752] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 11
[ 1874.587726][T18752] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1874.604311][T18752] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1874.619599][T18752] usb 4-1: Product: syz
[ 1874.627995][T18752] usb 4-1: Manufacturer: syz
[ 1874.639870][T18752] usb 4-1: SerialNumber: syz
[ 1875.331912][  T127] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1875.532960][  T127] usb 5-1: Using ep0 maxpacket: 16
[ 1875.543020][  T127] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1875.552829][  T127] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1875.561397][  T127] usb 5-1: Product: syz
[ 1875.565651][  T127] usb 5-1: Manufacturer: syz
[ 1875.570438][  T127] usb 5-1: SerialNumber: syz
[ 1875.587718][  T127] r8152-cfgselector 5-1: config 0 descriptor??
[ 1875.691301][T18752] cdc_ncm 4-1:1.0: bind() failure
[ 1875.707908][T18752] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1875.715036][T18752] cdc_ncm 4-1:1.1: bind() failure
[ 1875.802363][  T127] r8152-cfgselector 5-1: Unknown version 0x0000
[ 1875.899084][T18752] usb 4-1: USB disconnect, device number 14
[ 1876.010619][  T127] r8152-cfgselector 5-1: Unknown version 0x0000
[ 1876.021562][  T127] r8152-cfgselector 5-1: bad CDC descriptors
[ 1876.033398][  T127] r8152-cfgselector 5-1: Unknown version 0x0000
[ 1876.049820][  T127] r8152-cfgselector 5-1: USB disconnect, device number 12
[ 1877.612745][T15533] EXT4-fs (loop9): unmounting filesystem.
[ 1878.085048][T18897] loop9: detected capacity change from 0 to 764
[ 1878.160819][T18897] rock: corrupted directory entry. extent=32, offset=2044, size=237
[ 1878.376281][T18905] loop9: detected capacity change from 0 to 16
[ 1878.404013][T18870] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1878.411687][T18870] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1878.437640][T18905] erofs: (device loop9): mounted with root inode @ nid 36.
[ 1878.481717][T18905] syz.9.3452: attempt to access beyond end of device
[ 1878.481717][T18905] loop9: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1878.505646][T18905] erofs: (device loop9): z_erofs_readahead: readahead error at page 24 @ nid 36
[ 1878.519975][T18905] erofs: (device loop9): z_erofs_readahead: readahead error at page 19 @ nid 36
[ 1878.530850][T18905] erofs: (device loop9): z_erofs_readahead: readahead error at page 18 @ nid 36
[ 1878.552792][T18905] erofs: (device loop9): z_erofs_readahead: readahead error at page 17 @ nid 36
[ 1878.572290][T18905] erofs: (device loop9): z_erofs_readahead: readahead error at page 16 @ nid 36
[ 1878.592621][T18905] erofs: (device loop9): z_erofs_readahead: readahead error at page 12 @ nid 36
[ 1878.612884][T18905] syz.9.3452: attempt to access beyond end of device
[ 1878.612884][T18905] loop9: rw=524288, sector=376, nr_sectors = 16 limit=16
[ 1878.639024][T18905] syz.9.3452: attempt to access beyond end of device
[ 1878.639024][T18905] loop9: rw=524288, sector=384, nr_sectors = 16 limit=16
[ 1880.201609][T18870] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1880.211456][T18870] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1880.220969][T18870] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1880.233118][T18870] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1880.298073][T18165] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1880.316294][T18942] fuse: Unknown parameter 'func'
[ 1880.489553][T18165] usb 4-1: config 0 has no interfaces?
[ 1880.498014][T18165] usb 4-1: New USB device found, idVendor=e748, idProduct=7698, bcdDevice=38.cc
[ 1880.504555][T18947] fuse: Unknown parameter ''
[ 1880.509406][T18948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3468'.
[ 1880.523518][T18165] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1880.532595][T18948] netlink: 'syz.4.3468': attribute type 2 has an invalid length.
[ 1880.542876][T18165] usb 4-1: Product: syz
[ 1880.547154][T18165] usb 4-1: Manufacturer: syz
[ 1880.552596][T18948] netlink: 'syz.4.3468': attribute type 1 has an invalid length.
[ 1880.560702][T18165] usb 4-1: SerialNumber: syz
[ 1880.567117][T18948] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3468'.
[ 1880.589114][T18165] usb 4-1: config 0 descriptor??
[ 1880.987558][   T27] audit: type=1326 audit(1735108197.993:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18956 comm="syz.8.3473" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5abef85d29 code=0x0
[ 1883.140551][ T4299] usb 4-1: USB disconnect, device number 15
[ 1883.170076][T18983] fuse: Unknown parameter 'func'
[ 1883.222980][T18983] fuse: Unknown parameter ''
[ 1883.607790][ T4299] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1883.657689][  T127] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1883.798952][ T4299] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1883.809804][ T4299] usb 4-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 1883.820357][ T4299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1883.838992][ T4299] usb 4-1: config 0 descriptor??
[ 1883.846028][  T127] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1883.862706][  T127] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1883.874079][  T127] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1883.885453][  T127] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1883.898600][  T127] usb 9-1: New USB device found, idVendor=046d, idProduct=c30a, bcdDevice= 0.00
[ 1883.908093][  T127] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1883.926843][  T127] usb 9-1: config 0 descriptor??
[ 1884.003060][T19021] fuse: Unknown parameter 'func'
[ 1884.020653][T19021] fuse: Unknown parameter ''
[ 1884.258932][ T4299] usb 4-1: USB disconnect, device number 16
[ 1884.378371][  T127] logitech 0003:046D:C30A.0001: hidraw0: USB HID v0.00 Device [HID 046d:c30a] on usb-dummy_hcd.8-1/input0
[ 1884.544885][T16056] usb 9-1: USB disconnect, device number 9
[ 1884.844177][T19047] fuse: Unknown parameter 'func'
[ 1884.859810][T19047] fuse: Unknown parameter ''
[ 1884.917365][T16521] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1885.107460][T16521] usb 5-1: Using ep0 maxpacket: 8
[ 1885.116089][T16521] usb 5-1: config 0 has no interfaces?
[ 1885.136045][T16521] usb 5-1: New USB device found, idVendor=06cb, idProduct=0013, bcdDevice=e8.00
[ 1885.155889][T16521] usb 5-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1885.174625][T16521] usb 5-1: Manufacturer: syz
[ 1885.187757][T16521] usb 5-1: config 0 descriptor??
[ 1885.217387][T16056] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1885.403312][T16521] usb 5-1: USB disconnect, device number 13
[ 1885.417429][T16056] usb 4-1: Using ep0 maxpacket: 32
[ 1885.424220][T16056] usb 4-1: config 2 has an invalid interface number: 114 but max is 0
[ 1885.435962][T16056] usb 4-1: config 2 has no interface number 0
[ 1885.443691][T16056] usb 4-1: config 2 interface 114 has no altsetting 0
[ 1885.456910][T16056] usb 4-1: New USB device found, idVendor=0586, idProduct=343e, bcdDevice=36.25
[ 1885.466299][T16056] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1885.474406][T16056] usb 4-1: Product: syz
[ 1885.479010][T16056] usb 4-1: Manufacturer: syz
[ 1885.483644][T16056] usb 4-1: SerialNumber: syz
[ 1886.497355][T16056] usb 4-1: USB disconnect, device number 17
[ 1886.763986][T19091] binder: 19090:19091 ioctl c0306201 20000280 returned -14
[ 1887.177507][  T127] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1887.368858][  T127] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1887.380435][  T127] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1887.392324][  T127] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1887.418800][  T127] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1887.462044][  T127] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1887.488413][  T127] usb 9-1: config 0 descriptor??
[ 1887.912230][  T127] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[ 1887.938496][  T127] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[ 1887.977326][  T127] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[ 1890.735489][T19155] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1890.743108][T19155] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1891.257416][T19155] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1891.309008][ T4299] usb 9-1: USB disconnect, device number 10
[ 1891.867355][T18166] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1892.059216][T18166] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1892.077146][T18166] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1892.101799][T18166] usb 4-1: New USB device found, idVendor=1b96, idProduct=0013, bcdDevice= 0.00
[ 1892.111629][T18166] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1892.135846][T18166] usb 4-1: config 0 descriptor??
[ 1892.553603][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x6
[ 1892.566761][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0xd
[ 1892.584437][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x1
[ 1892.591699][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.607372][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.615286][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.627374][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.637725][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.649688][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.660081][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.672689][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.696587][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.716828][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.726948][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.747327][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.763375][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.777331][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.785121][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.793199][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.801081][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.808932][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.815952][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.826431][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.836465][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.846399][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.854637][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.877394][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.884366][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.896069][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.916098][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.923727][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.937492][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.944529][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.967372][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.974411][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1892.997358][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1893.004385][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1893.024118][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1893.038477][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1893.047578][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1893.054588][T18166] ntrig 0003:1B96:0013.0003: unknown main item tag 0x0
[ 1893.093121][T18166] ntrig 0003:1B96:0013.0003: hidraw0: USB HID v0.00 Device [HID 1b96:0013] on usb-dummy_hcd.3-1/input0
[ 1893.131667][T18166] usb 4-1: USB disconnect, device number 18
[ 1893.973156][ T4266] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1893.985263][ T4266] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1893.995624][ T4266] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1894.006364][ T4266] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1894.017171][ T4266] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1894.025215][ T4266] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1895.342568][T19234] chnl_net:caif_netlink_parms(): no params data found
[ 1895.419686][T19258] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3596'.
[ 1895.441714][T19258] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3596'.
[ 1895.554477][T19234] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1895.577560][T19234] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1895.585968][T19234] device bridge_slave_0 entered promiscuous mode
[ 1895.658976][T19234] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1895.666210][T19234] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1895.678579][T19234] device bridge_slave_1 entered promiscuous mode
[ 1895.741674][T19234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1895.791508][T19234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1895.982106][T19234] team0: Port device team_slave_0 added
[ 1896.258072][T19237] Bluetooth: hci4: command 0x0409 tx timeout
[ 1896.640107][T19234] team0: Port device team_slave_1 added
[ 1896.710921][T18165] hid-generic 0009:267F:0010.0004: item fetching failed at offset 0/2
[ 1896.769304][T18165] hid-generic: probe of 0009:267F:0010.0004 failed with error -22
[ 1896.903679][T19234] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1896.943002][T19234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1897.108493][T19234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1897.168627][T19234] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1897.213949][T19234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1897.318448][T19234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1897.355993][T19290] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3608'.
[ 1897.573160][T19234] device hsr_slave_0 entered promiscuous mode
[ 1897.604438][T19234] device hsr_slave_1 entered promiscuous mode
[ 1898.307407][ T4267] Bluetooth: hci4: command 0x041b tx timeout
[ 1898.841881][T19321] syz.6.3618 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1899.168146][T16521] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1899.370015][T16521] usb 4-1: config 0 has an invalid interface number: 216 but max is 0
[ 1899.387404][T16521] usb 4-1: config 0 has no interface number 0
[ 1899.419263][T16521] usb 4-1: config 0 interface 216 altsetting 0 has an invalid endpoint with address 0x0, skipping
[ 1899.432306][T16521] usb 4-1: config 0 interface 216 altsetting 0 has an invalid endpoint with address 0x0, skipping
[ 1900.266335][T16521] usb 4-1: New USB device found, idVendor=0499, idProduct=1002, bcdDevice=df.d7
[ 1900.279536][T16521] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1900.288375][T16521] usb 4-1: Product: syz
[ 1900.292583][T16521] usb 4-1: Manufacturer: syz
[ 1900.297661][T16521] usb 4-1: SerialNumber: syz
[ 1900.318467][T16521] usb 4-1: config 0 descriptor??
[ 1900.328762][ T4299] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1900.346815][T16521] usb 4-1: Interface #216 referenced by multiple IADs
[ 1900.389368][ T4267] Bluetooth: hci4: command 0x040f tx timeout
[ 1900.410281][T16521] snd-usb-audio: probe of 4-1:0.216 failed with error -2
[ 1900.490459][T18860] udevd[18860]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.216/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1900.537501][ T4299] usb 9-1: Using ep0 maxpacket: 32
[ 1900.554760][ T4299] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[ 1900.595684][T16521] usb 4-1: USB disconnect, device number 19
[ 1900.607147][ T4299] usb 9-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[ 1900.645446][ T4299] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1900.664141][ T4299] usb 9-1: Product: syz
[ 1900.674266][ T4299] usb 9-1: Manufacturer: syz
[ 1900.689411][ T4299] usb 9-1: SerialNumber: syz
[ 1900.699469][ T4299] usb 9-1: config 0 descriptor??
[ 1900.716504][T19336] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1900.946348][ T4299] usb 9-1: USB disconnect, device number 11
[ 1901.003946][T19234] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1901.035698][T19362] udevd[19362]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1901.062789][T19234] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1901.166367][T19234] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1901.249116][T19234] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1902.474671][ T4267] Bluetooth: hci4: command 0x0419 tx timeout
[ 1902.816636][T19234] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1902.860354][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1902.882137][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1902.902184][T19234] 8021q: adding VLAN 0 to HW filter on device team0
[ 1902.923442][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1902.953979][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1903.005278][T14153] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1903.012557][T14153] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1903.017718][T19389] kvm: pic: single mode not supported
[ 1903.021017][T19389] kvm: pic: level sensitive irq not supported
[ 1903.058879][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1903.068241][T19389] kvm: pic: single mode not supported
[ 1903.081974][T19389] kvm: pic: single mode not supported
[ 1903.102512][T19389] kvm: pic: single mode not supported
[ 1903.111289][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1903.142787][T19389] kvm: pic: single mode not supported
[ 1903.143025][T19389] kvm: pic: level sensitive irq not supported
[ 1903.156086][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1903.158119][T19389] kvm: pic: single mode not supported
[ 1903.187029][T14153] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1903.189844][T19389] kvm: pic: single mode not supported
[ 1903.192573][T14153] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1903.213540][T19389] kvm: pic: single mode not supported
[ 1903.273670][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1903.321861][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1903.357994][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1903.412407][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1903.428565][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1903.450422][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1903.484335][T19234] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1903.514637][T19234] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1903.540098][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1903.559373][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1903.568249][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1903.590614][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1903.610388][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1903.645610][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1903.994034][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1904.003496][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1904.020706][T19234] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1904.046256][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1904.056437][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1904.089372][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1904.100526][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1904.113897][T19234] device veth0_vlan entered promiscuous mode
[ 1904.123968][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1904.133218][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1904.154234][T19234] device veth1_vlan entered promiscuous mode
[ 1904.191186][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1904.200129][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1904.209366][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1904.219787][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1904.232925][T19234] device veth0_macvtap entered promiscuous mode
[ 1904.245378][T19234] device veth1_macvtap entered promiscuous mode
[ 1904.271585][T19234] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1904.279204][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1904.293344][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1904.302584][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1904.314120][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1904.327814][T19234] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1904.337405][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1904.348223][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1904.361164][T19234] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.370953][T19234] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.380574][T19234] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.390630][T19234] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.493398][T14153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1904.512048][T14153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1904.541377][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1904.561641][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1904.571761][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1904.587147][T14153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1914.550797][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.557146][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1975.990137][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1975.996484][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 2019.027341][T19237] Bluetooth: hci4: command 0x0406 tx timeout
[ 2025.917567][   T28] INFO: task syz.9.3452:18905 blocked for more than 143 seconds.
[ 2025.925353][   T28]       Tainted: G        W          6.1.121-syzkaller #0
[ 2025.932626][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2025.941395][   T28] task:syz.9.3452      state:D stack:24224 pid:18905 ppid:15533  flags:0x00004004
[ 2025.951514][   T28] Call Trace:
[ 2025.954833][   T28]  <TASK>
[ 2025.957865][   T28]  __schedule+0x143f/0x4570
[ 2025.962440][   T28]  ? release_firmware_map_entry+0x186/0x186
[ 2025.968419][   T28]  ? blk_check_plugged+0x250/0x250
[ 2025.973588][   T28]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 2025.980374][   T28]  ? blk_check_plugged+0x250/0x250
[ 2025.985532][   T28]  ? print_irqtrace_events+0x210/0x210
[ 2025.991066][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[ 2025.996213][   T28]  schedule+0xbf/0x180
[ 2026.000367][   T28]  io_schedule+0x88/0x100
[ 2026.004723][   T28]  folio_wait_bit_common+0x878/0x1290
[ 2026.010229][   T28]  ? folio_wait_bit+0x20/0x20
[ 2026.014979][   T28]  ? migration_entry_wait_on_locked+0x1160/0x1160
[ 2026.021489][   T28]  ? erofs_map_blocks+0x1a30/0x1a30
[ 2026.026706][   T28]  ? bio_add_page+0x3a4/0x750
[ 2026.031481][   T28]  z_erofs_runqueue+0xa59/0x1e10
[ 2026.036469][   T28]  ? z_erofs_do_read_page+0x3d00/0x3d00
[ 2026.042107][   T28]  ? __lock_acquire+0x1f80/0x1f80
[ 2026.047750][   T28]  ? z_erofs_pcluster_readmore+0x413/0x450
[ 2026.053607][   T28]  z_erofs_readahead+0xc26/0x1030
[ 2026.059080][   T28]  ? z_erofs_read_folio+0x760/0x760
[ 2026.064326][   T28]  ? __lock_acquire+0x1f80/0x1f80
[ 2026.069460][   T28]  ? blk_start_plug+0x95/0x110
[ 2026.074263][   T28]  read_pages+0x17f/0x830
[ 2026.078669][   T28]  ? folio_add_lru+0x34d/0xd70
[ 2026.083507][   T28]  ? folio_add_lru+0x34d/0xd70
[ 2026.088381][   T28]  ? page_cache_ra_unbounded+0x7b0/0x7b0
[ 2026.094062][   T28]  ? __lock_acquire+0x125b/0x1f80
[ 2026.099241][   T28]  ? __filemap_add_folio+0x1b00/0x1b00
[ 2026.104767][   T28]  page_cache_ra_unbounded+0x68b/0x7b0
[ 2026.110337][   T28]  force_page_cache_ra+0x2a3/0x300
[ 2026.115492][   T28]  generic_fadvise+0x553/0x7b0
[ 2026.120349][   T28]  ? dump_task+0x620/0x620
[ 2026.124806][   T28]  ? __fget_files+0x28/0x4a0
[ 2026.129460][   T28]  ? __fdget+0x182/0x210
[ 2026.133730][   T28]  __x64_sys_fadvise64+0x138/0x180
[ 2026.138935][   T28]  do_syscall_64+0x3b/0xb0
[ 2026.143394][   T28]  ? clear_bhb_loop+0x45/0xa0
[ 2026.148755][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2026.154708][   T28] RIP: 0033:0x7f439ad85d29
[ 2026.159204][   T28] RSP: 002b:00007f439bc77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[ 2026.167817][   T28] RAX: ffffffffffffffda RBX: 00007f439af75fa0 RCX: 00007f439ad85d29
[ 2026.175796][   T28] RDX: 000000000000ff39 RSI: 000000000000aa1f RDI: 0000000000000004
[ 2026.183845][   T28] RBP: 00007f439ae01aa8 R08: 0000000000000000 R09: 0000000000000000
[ 2026.191888][   T28] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 2026.199941][   T28] R13: 0000000000000000 R14: 00007f439af75fa0 R15: 00007ffc854ab038
[ 2026.208069][   T28]  </TASK>
[ 2026.211208][   T28] 
[ 2026.211208][   T28] Showing all locks held in the system:
[ 2026.219013][   T28] 2 locks held by kworker/u4:1/11:
[ 2026.224157][   T28] 1 lock held by rcu_tasks_kthre/12:
[ 2026.229647][   T28]  #0: ffffffff8d32b250 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x34/0xde0
[ 2026.240238][   T28] 1 lock held by rcu_tasks_trace/13:
[ 2026.245574][   T28]  #0: ffffffff8d32ba70 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x34/0xde0
[ 2026.257234][   T28] 1 lock held by khungtaskd/28:
[ 2026.262157][   T28]  #0: ffffffff8d32b080 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[ 2026.272119][   T28] 2 locks held by getty/4012:
[ 2026.276811][   T28]  #0: ffff88814d40d098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[ 2026.286816][   T28]  #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[ 2026.297588][   T28] 1 lock held by syz.9.3452/18905:
[ 2026.302720][   T28]  #0: ffff888072710de8 (mapping.invalidate_lock#3){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xed/0x7b0
[ 2026.313996][   T28] 
[ 2026.316336][   T28] =============================================
[ 2026.316336][   T28] 
[ 2026.324852][   T28] NMI backtrace for cpu 0
[ 2026.329205][   T28] CPU: 0 PID: 28 Comm: khungtaskd Tainted: G        W          6.1.121-syzkaller #0
[ 2026.338584][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2026.348655][   T28] Call Trace:
[ 2026.351941][   T28]  <TASK>
[ 2026.354886][   T28]  dump_stack_lvl+0x1e3/0x2cb
[ 2026.359638][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[ 2026.365123][   T28]  ? panic+0x764/0x764
[ 2026.369209][   T28]  ? vprintk_emit+0x622/0x740
[ 2026.373912][   T28]  ? printk_sprint+0x490/0x490
[ 2026.378701][   T28]  ? nmi_cpu_backtrace+0x252/0x560
[ 2026.383922][   T28]  nmi_cpu_backtrace+0x4e1/0x560
[ 2026.388907][   T28]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[ 2026.395101][   T28]  ? _printk+0xd1/0x111
[ 2026.399281][   T28]  ? panic+0x764/0x764
[ 2026.403366][   T28]  ? __wake_up_klogd+0xcc/0x100
[ 2026.408259][   T28]  ? panic+0x764/0x764
[ 2026.412340][   T28]  ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0
[ 2026.418431][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 2026.424508][   T28]  nmi_trigger_cpumask_backtrace+0x1ae/0x3f0
[ 2026.430517][   T28]  watchdog+0xf88/0xfd0
[ 2026.434698][   T28]  ? watchdog+0x1f8/0xfd0
[ 2026.439048][   T28]  kthread+0x28d/0x320
[ 2026.443130][   T28]  ? hungtask_pm_notify+0x50/0x50
[ 2026.448169][   T28]  ? kthread_blkcg+0xd0/0xd0
[ 2026.452775][   T28]  ret_from_fork+0x1f/0x30
[ 2026.457225][   T28]  </TASK>
[ 2026.460972][   T28] Sending NMI from CPU 0 to CPUs 1:
[ 2026.466224][    C1] NMI backtrace for cpu 1
[ 2026.466247][    C1] CPU: 1 PID: 14153 Comm: kworker/u4:22 Tainted: G        W          6.1.121-syzkaller #0
[ 2026.466266][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2026.466278][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[ 2026.466307][    C1] RIP: 0010:chacha_permute+0x406/0x1050
[ 2026.466328][    C1] Code: 44 01 f6 89 74 24 20 31 f1 c1 c1 07 01 fa 41 31 d7 41 c1 c7 07 44 01 e8 31 c3 c1 c3 07 41 01 ca 45 31 d5 41 c1 c5 10 45 01 f8 <45> 31 c1 41 c1 c1 10 8b 6c 24 14 01 dd 89 6c 24 14 41 31 ee 41 c1
[ 2026.466343][    C1] RSP: 0018:ffffc90004eaf5e8 EFLAGS: 00000013
[ 2026.466357][    C1] RAX: 000000009a0a681f RBX: 0000000021f309b9 RCX: 000000002652b8ab
[ 2026.466369][    C1] RDX: 0000000084af7a69 RSI: 000000004b624beb RDI: 0000000041287e1e
[ 2026.466381][    C1] RBP: 0000000075021eca R08: 0000000033b53051 R09: 00000000b8e1e159
[ 2026.466392][    C1] R10: 00000000f5ba510e R11: 0000000086d3ad76 R12: 0000000075021eca
[ 2026.466403][    C1] R13: 000000006072f7a2 R14: 00000000af4e946c R15: 00000000ea9984cb
[ 2026.466415][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 2026.466430][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2026.466442][    C1] CR2: 0000562152703600 CR3: 000000007eb67000 CR4: 00000000003506e0
[ 2026.466456][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2026.466466][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2026.466476][    C1] Call Trace:
[ 2026.466481][    C1]  <NMI>
[ 2026.466487][    C1]  ? nmi_cpu_backtrace+0x3de/0x560
[ 2026.466515][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 2026.466543][    C1]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[ 2026.466569][    C1]  ? nmi_handle+0x25/0x440
[ 2026.466602][    C1]  ? nmi_cpu_backtrace_handler+0x8/0x10
[ 2026.466618][    C1]  ? nmi_handle+0x12e/0x440
[ 2026.466643][    C1]  ? nmi_handle+0x25/0x440
[ 2026.466669][    C1]  ? chacha_permute+0x406/0x1050
[ 2026.466686][    C1]  ? default_do_nmi+0x62/0x150
[ 2026.466703][    C1]  ? exc_nmi+0xa8/0x100
[ 2026.466717][    C1]  ? end_repeat_nmi+0x16/0x31
[ 2026.466738][    C1]  ? chacha_permute+0x406/0x1050
[ 2026.466756][    C1]  ? chacha_permute+0x406/0x1050
[ 2026.466774][    C1]  ? chacha_permute+0x406/0x1050
[ 2026.466792][    C1]  </NMI>
[ 2026.466797][    C1]  <TASK>
[ 2026.466819][    C1]  chacha_block_generic+0x9b/0x1340
[ 2026.466839][    C1]  ? __crypto_xor+0x1a50/0x1a50
[ 2026.466855][    C1]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 2026.466884][    C1]  ? crng_make_state+0x3cd/0xb50
[ 2026.466912][    C1]  crng_make_state+0x3f2/0xb50
[ 2026.466939][    C1]  ? crng_make_state+0x209/0xb50
[ 2026.466964][    C1]  ? urandom_read_iter+0x140/0x140
[ 2026.466988][    C1]  ? process_one_work+0x8a9/0x11d0
[ 2026.467029][    C1]  _get_random_bytes+0xd3/0x2b0
[ 2026.467056][    C1]  ? get_random_bytes+0x20/0x20
[ 2026.467088][    C1]  ? in_aton+0x39b/0x430
[ 2026.467112][    C1]  ? skb_put+0x110/0x1f0
[ 2026.467141][    C1]  nsim_dev_trap_report_work+0x61a/0xab0
[ 2026.467173][    C1]  ? process_one_work+0x7a9/0x11d0
[ 2026.467194][    C1]  process_one_work+0x8a9/0x11d0
[ 2026.467224][    C1]  ? worker_detach_from_pool+0x260/0x260
[ 2026.467247][    C1]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 2026.467271][    C1]  ? kthread_data+0x4e/0xc0
[ 2026.467302][    C1]  ? wq_worker_running+0x97/0x190
[ 2026.467321][    C1]  worker_thread+0xa47/0x1200
[ 2026.467349][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 2026.467376][    C1]  kthread+0x28d/0x320
[ 2026.467390][    C1]  ? worker_clr_flags+0x190/0x190
[ 2026.467409][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 2026.467425][    C1]  ret_from_fork+0x1f/0x30
[ 2026.467456][    C1]  </TASK>
[ 2026.483726][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 2026.483745][   T28] CPU: 0 PID: 28 Comm: khungtaskd Tainted: G        W          6.1.121-syzkaller #0
[ 2026.483770][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2026.483783][   T28] Call Trace:
[ 2026.483791][   T28]  <TASK>
[ 2026.483800][   T28]  dump_stack_lvl+0x1e3/0x2cb
[ 2026.483842][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[ 2026.483879][   T28]  ? panic+0x764/0x764
[ 2026.483902][   T28]  ? llist_add_batch+0x160/0x1d0
[ 2026.483937][   T28]  ? vscnprintf+0x59/0x80
[ 2026.483966][   T28]  panic+0x318/0x764
[ 2026.483989][   T28]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[ 2026.484026][   T28]  ? memcpy_page_flushcache+0xfc/0xfc
[ 2026.484054][   T28]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[ 2026.484089][   T28]  ? nmi_trigger_cpumask_backtrace+0x338/0x3f0
[ 2026.484127][   T28]  ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0
[ 2026.484165][   T28]  watchdog+0xfc7/0xfd0
[ 2026.484202][   T28]  ? watchdog+0x1f8/0xfd0
[ 2026.484236][   T28]  kthread+0x28d/0x320
[ 2026.484263][   T28]  ? hungtask_pm_notify+0x50/0x50
[ 2026.484291][   T28]  ? kthread_blkcg+0xd0/0xd0
[ 2026.484314][   T28]  ret_from_fork+0x1f/0x30
[ 2026.484358][   T28]  </TASK>
[ 2026.492284][   T28] Kernel Offset: disabled
[ 2026.939010][   T28] Rebooting in 86400 seconds..