last executing test programs:

1m26.912790396s ago: executing program 2 (id=265):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
pselect6(0xfffffffffffffe5e, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getrlimit(0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xd}, {0x2, 0xfff1}, {0x1, 0xfff1}}}, 0x24}}, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@empty, @in6=@private1}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x4c, &(0x7f000002eff0)={0x0, 0x0}, 0x10)
sendto(0xffffffffffffffff, 0x0, 0x34000, 0x0, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c)
getsockopt$bt_hci(r2, 0x0, 0x1, 0x0, &(0x7f0000000680))
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)

1m26.712934004s ago: executing program 2 (id=267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@migrate={0xec, 0x21, 0x1, 0x0, 0x0, {{@in=@private, @in=@loopback}}, [@migrate={0x9c, 0x11, [{@in6=@empty, @in6=@remote, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@rand_addr=' \x01\x00', 0x0, 0x2, 0x0, 0x0, 0x0, 0xa}, {@in=@empty, @in6=@remote, @in=@remote, @in=@dev}]}]}, 0xec}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x6, &(0x7f00000001c0)={0x1, 0x4})
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
fcntl$lock(r6, 0x6, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)

1m25.510345539s ago: executing program 2 (id=269):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@dioread_nolock}, {@usrjquota}, {@nojournal_checksum}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0xfdef, 0x8000c61)
pwritev2(r1, &(0x7f0000000300)=[{&(0x7f0000000140)="e7", 0x1}], 0x1, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x3)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000000dfff000000000006bb8d8d00"})
syz_open_pts(r2, 0x48f00)
syz_open_dev$tty20(0xc, 0x4, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000440), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r3, 0x0)
chdir(&(0x7f0000000380)='./file0\x00')
creat(&(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.swap.current\x00', 0x26e1, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000500), 0x10, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0x1, 0x3ff, 0x1ff, 0x0, 0x16, "f407a93104d67e1fb6ffffffffffffffffb68e"})

41.253076512s ago: executing program 2 (id=288):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan1\x00', <r2=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r6}, 0x10)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000080)=0x8000000ffffffff)
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='sysfs\x00', 0x0, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r8)
close(r8)
chroot(&(0x7f0000000340)='./file0/../file0/../file0\x00')
umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000200)='./file0/../file0/../file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={[{@clone_children}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r2, @ANYBLOB="362e97440498215eabc8a4a6086b2e7ebe2607ea3bcec536a2b2da8ff9bf3dc0d536201c1e8b9d3f9103107f07c87f49d20c00ce9f4341dad7acf860e85d881dcf2d4a8217698b28d8151da9cfcb243de6f6b495990d9f268ff02798d7e9e181ef780fe73972b29f4edaa2abfa510419058220d977"], 0x3c}}, 0x0)
socket(0x2000000015, 0x80005, 0x0)

40.812574031s ago: executing program 4 (id=343):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/igmp6\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x3, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
unlinkat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x200)
getdents64(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x28, 0x1, 0x4, 0x3, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFULA_CFG_MODE={0xa, 0x2, {0x6, 0x1}}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x10000004}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(r6, &(0x7f0000000000), 0x0)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r7=>0x0)
io_submit(r7, 0x0, &(0x7f0000000800))
fcntl$dupfd(r0, 0x406, r0)
socket$netlink(0x10, 0x3, 0x0)

40.760641705s ago: executing program 0 (id=344):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pselect6(0xfffffffffffffe5e, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5043, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getrlimit(0x2, &(0x7f0000000040))
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xd}, {0x2, 0xfff1}, {0x1, 0xfff1}}}, 0x24}}, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x4c, &(0x7f000002eff0)={0x0, 0x0}, 0x10)
sendto(0xffffffffffffffff, 0x0, 0x34000, 0x0, 0x0, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c)
getsockopt$bt_hci(r4, 0x0, 0x1, 0x0, &(0x7f0000000680))
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)

39.428379422s ago: executing program 2 (id=345):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
rt_sigqueueinfo(0x0, 0x2, &(0x7f00000001c0)={0x2, 0xff})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ptrace$peeksig(0x4209, r4, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0xa}, &(0x7f0000000dc0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}])
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}}, 0x0, 0x3a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x1010000, &(0x7f0000000300)=ANY=[@ANYBLOB="757466383d302c757466383d312c756e695f786c8474653d302c757466383d312c696f636861727365743d63703836392c73686f72746e616d653d6c6f7765722c757466383d302c636865636b3d72656c617865642c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c757466383d302c73684f72746e616d6372653d77696e39352c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f775895eab5203c7d0465722c636865636b3d7374726f636861727385ad88bce6564daa5c0a655ab1814ceb338375d1c24b5274e1a7787e4622dd161aa252fd6404650d5303abd271a2e19e259acbe6d5fabc2baae623e50f3f76ad69d591c95b903b59105745fc03dc4231ff7fe5642f1e9ba5077f007fc31af97f5b1d61d8816fbbdf506b267f43b80a47499472aff5"], 0x1, 0x366, &(0x7f0000001e00)="$eJzs3U9oI9UfAPBvOmnSLvx+zU0UhOhN0GW7N73YIl1Y7EUl+OcgBrerklShxWJ72LYeFI+CRz15U9CDB/EogiLePHh1BVkVD7q3BRefJJNJpknbbRerFD8faPL6nfd9782bIZkOyetzC9G5NB2Xr1+/FjMzlaguPLIQNyrRiCwKOzGptk8MADgdbqQUv6fcEVMqJzwkAOCE9d//X4iIZjTyyOtfHlY/efcHgFNv8Pf/7GF1Zg7a8MqJDAkAOGET9//v3bO51v+pFr9WS58KAABOqyeefubRxeWIx5vNmYjVNzdaG614aLR98XK8FN1YiXMxFzcj8guF3kOl/3jh4vLSuWazuR0/NaIVEVODxFZ+pbCY9fPrMR9z0RjkD642UkrZhU+Wl+abfRGxs93vP1YrG63pODPo//szsTK68Cga6T9FXFxeOt8cNNBaLfK3I3ZH9y164z8bc/Ht88NmUio+wbi8dGW+GPQof6NVj0vDWTjwDggAAAAAAAAAAAAAAAAAAAAAANyWs82hxnD9nNR7zlfKOTuq0JiKiNH6OHn+YH2g3Xx9oFRPtZR+e+2B1ltZ7FkfaHx9ng0LCQIAAAAAAAAAAAAAAAAAAMDQ+mYt2t3uytr65lanXNheW9+ciohe5OWvP/piNibr3KJQzbuoRwy7aA663eq0U1ZUTlnEZHrW67yIfPDpcMTlOvXhXuw7jPrBm7rd/93z47ujyN1Z0fKfozpZ7L+DWWkYD4+1vPr/fEjHmahh4Xw5Up/s/WpKqRR5o5x+5dnJBqMSUT3+gdvqTMXBdVKv8NW1F+8sZr/9ecrdd//ck1ffef+XTrvb6zn6R7C2tn4zddqVovLxpqU31UWkEnmhUj4Tqoel7+6NtLPvfn3qrre/OVrvqRx5tXc+j9XJ8t35eDy9lhd6wxzbNDtKnx7sRHdlep+T/1aF2zimd7z32Ycp/fDzkbsYmdrzkjH79736AAAAAAAAAAAAAAAAAAAAZaXvig8Mvuw7fVjWg4+d/MgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4J8z+v//pcLuToxFjlL4Y3ufrPrK2npE7d/eTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/uP+CgAA//9XMFlf")

39.157527225s ago: executing program 0 (id=346):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4000, &(0x7f0000001240)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303230322c756d61736b3d30303030303030303030303030303030303030303030322c646d6f64653d30303030303030303030303030303030303037373737372c766f6c756d653d30303030303030303030303030303030303030312c73686f727461642c73686f727461642c6e6f7672732c6e6f7672732c6164696e6963622c6769643d69676e6f72652c646d6f64653d30303030303030303030303030303030303030303031302c6164696e6963622c6164696e6963622c73657373696f6e3d30303030303030302a604f7e3030303030303030303030352c0007ec6278e01f2ca1b3e247de8f095ab58520740203338bee59c32f5ae18bcdb3bf3d6fce2d78715a6d286bf862b384fb75a7b5e8394fe5f2cd121b67bcde32bb50f0dc41a76e187c5e236b84f24e1e8339dc2d02cd718a665a3d49afcfdd0a9efcb4f4bde15333eb64d9cdf83e260f53c2fe4faf03c02e68775d873415a7de35fbe9bc18ffa4458f2ba090163596407e21cf24f3e95d951f94d8b0f928836937d62a232dfe64290984e35230f25dbdf6d9d1fa2d8e381af0f6a01ed43ccb03e1b88162c12dd584649b"], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x3, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000200)={0x0, [], 0xc})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x50f, 0x24)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r2, 0xc0305602, &(0x7f0000000080)={0x0, 0x6})
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2\x00', 0x1ff)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r5, 0x0, 0x30, &(0x7f0000000000)="1700000002000200000800000000000000002b00030100000057fc5ad90200fb6a880000d6c9db0000db15d091bd8b7002300e00d9ce9bc7e20000000000ff01800a0000ebfc06079b3259100ac45761547a681fc92bbdeab2c65b3c0f077dee4a5acba400001fb700674f00c805bbf9315033bf79ac17c062068f5ee50c08af9bfa558302ffff02ff03060000000840", 0x90)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xffffffffffffffa9)
accept4$packet(r3, &(0x7f0000000e00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000e40)=0x14, 0x80000)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, r6, 0x0)
ftruncate(r6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
read$FUSE(r3, &(0x7f0000002d80)={0x2020}, 0x2025)

39.144846297s ago: executing program 4 (id=347):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000d00)=ANY=[@ANYRESHEX], 0x401, 0x0)
msgsnd(r3, 0x0, 0x401, 0x0)
msgsnd(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="02"], 0x14, 0x0)
msgrcv(r3, 0x0, 0x0, 0x0, 0x1000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/loop0', 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x0, 0x0, 0xb3, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000180)={0x2020}, 0x2020)
lseek(r4, 0xfffffffffffffff5, 0x1)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@dev, @dev}, 0x10)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000001c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @multicast2}, 0x10)

38.851687682s ago: executing program 2 (id=348):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setpriority(0x1, 0x0, 0xfffffffffffffff9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setns(0xffffffffffffffff, 0x4000000)
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000c8, &(0x7f00000005c0)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,nodots,codepage=862,dots,dots,check=strict,allow_utime=000000000000000000001,sys_immutable,nodots,nfs,quiet,dots,nodots,nodots,debug,usefree,tz=UTC,flush,nodots,\x00'], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)={0x60, 0x13, 0x4, 0x70bd2d, 0x0, {0x3, 0x87, 0x1, 0x4, {0x4e22, 0x4e20, [0x8, 0x6, 0x4, 0x2], [0x5, 0x7, 0x1, 0x1000], 0x0, [0x5, 0x4]}, 0x2, 0x1}, [@INET_DIAG_REQ_BYTECODE={0x12, 0x1, "6f17d64dd968298569ca29d86e26"}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000800}, 0x40004)
syz_emit_ethernet(0x76, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x0, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @sack={0x5, 0xe, [0x0, 0x0, 0x0]}, @md5sig={0x13, 0x12, "d60e1e6d1995713e36a45f0895edbac3"}, @md5sig={0x13, 0x12, "3b94bab91e007c67e3bf8194e9d8e3db"}, @mptcp=@ack={0x1e, 0x4}]}}}}}}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400050000000000000000000000000000010c00028005000100000000000800"], 0x98}, 0x1, 0x0, 0x0, 0x4008010}, 0x40000000)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)={0xc0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x2c, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @empty}]}]}, 0xc0}}, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r6 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r6, r5, 0x0, 0x80000000)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io(r7, &(0x7f0000000040)={0x2c, &(0x7f0000000240)={0x20, 0x0, 0x5, {0x5, 0x2, "a8dad2"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r7, &(0x7f00000002c0)={0x24, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r7, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)

37.687027144s ago: executing program 4 (id=351):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x7, &(0x7f0000000140)=0x40, 0x4)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f00000000c0)='system.posix_acl_access\x00', 0x0, 0x24, 0x0)
socket$key(0xf, 0x3, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000400000000000900020073797a310000000005000100"], 0x5c}}, 0x800)
sendmsg$IPSET_CMD_DESTROY(r4, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000940)=@newsa={0x180, 0x10, 0x713, 0x1000000, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@empty, 0x0, 0x2}, {@in6=@private2, 0x0, 0x32}, @in=@broadcast, {}, {}, {0x0, 0x200, 0xfffffffe}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x18}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x48, 0x1, {{'digest_null\x00'}}}]}, 0x180}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r7}, 0x38)
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@gettaction={0xe0, 0x32, 0x0, 0x70bd28, 0x25dfdbff, {}, [@action_gd=@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x14, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x3ffe, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x2000004}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x7}, @action_gd=@TCA_ACT_TAB={0x58, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffa}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffff551}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf9}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7f}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x39}]}, 0xe0}}, 0x20000000)
syz_genetlink_get_family_id$tipc2(0x0, r2)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ed5696c5820fae000000000000531f4d33032fe65690c2003e86dda958", 0x1d)
r8 = accept4(r1, 0x0, 0x0, 0x80000)
sendmmsg$unix(r8, 0x0, 0x0, 0x8)
socket$can_bcm(0x1d, 0x2, 0x2)
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r9, &(0x7f0000000000), 0x10)

37.659820017s ago: executing program 0 (id=352):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
pselect6(0xfffffffffffffe5e, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getrlimit(0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xd}, {0x2, 0xfff1}, {0x1, 0xfff1}}}, 0x24}}, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@empty, @in6=@private1}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x4c, &(0x7f000002eff0)={0x0, 0x0}, 0x10)
sendto(0xffffffffffffffff, 0x0, 0x34000, 0x0, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c)
getsockopt$bt_hci(r2, 0x0, 0x1, 0x0, &(0x7f0000000680))
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)

35.387124666s ago: executing program 0 (id=355):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000d80)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be2566cd072f5b89c3043c47c896ce0bce66a245ad98a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b90007cfa6fa26fa7a34700de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x8, 0x50, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@cgroup=r1, r3, 0x26}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r5 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=r4, @ANYRESHEX=r4, @ANYRESOCT=r3], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000580)=""/198, 0xc6}], 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r4, &(0x7f0000000680), &(0x7f0000000040)=@udp6=r2}, 0x20)
r7 = fsopen(&(0x7f0000000100)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsmount(r7, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)
sendmmsg$inet6(r2, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e25, 0x2, @local, 0x4}, 0x5c, 0x0}}], 0x1, 0x0)
unshare(0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)

31.535120714s ago: executing program 0 (id=359):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
read$FUSE(r4, &(0x7f000000c600)={0x2020}, 0x2020)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
ioctl$sock_bt_hci(r5, 0x400448c9, &(0x7f0000000880))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

31.488789048s ago: executing program 4 (id=360):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x154}}, 0x9000)
r1 = syz_usbip_server_init(0x3)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r2, &(0x7f00000000c0)={0x1a, 0x309, 0x0, 0x5, 0x0, 0x0, @remote}, 0x10)
write$usbip_server(r1, &(0x7f0000000980)=ANY=[@ANYBLOB="000000030000000300000000000000010000000100010000000000c50000010700000017000000020000000000000000d9ea674cb745f1030ee2135d07ef8da5916b1a3650a15dec672c3b254efc68094486a8c06db50751318972661ff8331acde30b7866643ed73955b6949f82a02182fd6ce9b5b9f27eb889dfd6de034c7862365a46a75c199e680cfb93a21f710354bd1dd8124f4660d6179a4dce7c5a9fc05fad3451e852ac0747da2c25508c0db13eefa3d6da1f40a44bbdaaec8841151e5af587790101e3a77a9a60b0417788e765f42a8652406f6174bd9a076e9f0c973006406aff127de33767fae5ff2d4eb580847ee4fc000000040000000200000001000001ff00000007000000050000000000000000000000010000ffff0000000800000003000000c000000fff00000002000007ff000017ccffffffc1000000060000000100004dab0000000100000a3d000000490000800000000008000000070000005c0001000100000020000000bd0000dfffffff8fc900000001000052bc00000fff00000009000004000000000200ff0000000100000000fffffff9000007ff00000fff00000009000000090000000800000009000001cf00000006000005b600000004000101000001000000000fff000040000000000000000f140000e8d7000000200000000000000009000000040000d46d0000001c0000000800000fff000002a3000000060000003fffffffff000000000000800000001000fffffffc000000010000036100000006fffffffd0000000700000200000001000000000000000900000004000000fe000000070000089c5f"], 0x265)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000011c0)={0x18, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0))
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x4800)
ioperm(0x0, 0xe4d, 0x2)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x8, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000300)={{{@in=@multicast2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {0xcb}, 0x0, 0xfffffffc, 0x1}, {{@in=@loopback, 0x0, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffffffff00000001, 0x151000)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0402"], 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
getpid()
sched_setscheduler(0x0, 0x3, &(0x7f0000000280)=0x1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_GETPROPERTY(0xffffffffffffffff, 0xc04064aa, &(0x7f0000000100)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000600)=[{}, {}, {}, {}, {}], 0x0, 0x0, '\x00', 0x7, 0x5})

28.890490716s ago: executing program 4 (id=364):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
pselect6(0xfffffffffffffe5e, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getrlimit(0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xd}, {0x2, 0xfff1}, {0x1, 0xfff1}}}, 0x24}}, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@empty, @in6=@private1}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x4c, &(0x7f000002eff0)={0x0, 0x0}, 0x10)
sendto(0xffffffffffffffff, 0x0, 0x34000, 0x0, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c)
getsockopt$bt_hci(r2, 0x0, 0x1, 0x0, &(0x7f0000000680))
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)

28.252512992s ago: executing program 0 (id=365):
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x408440, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000100), 0x500, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r2, 0x4010640a, &(0x7f0000000e40)={0x0, 0x0})
syz_emit_ethernet(0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="e5ed806abf77aaaaaaaaaabb08004500004c00611000002190780a0101000000000005009078ac1e03014c000000fffe000000000000ac1414bbe0000001075300ac1414aafffffffeac1414bbffffffff89072de00000020000"], 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000200)={0x10, 0x2, 0x0, "11010100001400000100b64c0000005c4b7c1500"})
readv(r1, &(0x7f0000002740)=[{&(0x7f0000000180)=""/29, 0x1b}], 0x2)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
pwritev(r6, &(0x7f0000000080)=[{&(0x7f0000000300)="c70f1c13", 0x4}], 0x1, 0x7ffffd, 0x0)
fallocate(r5, 0x3, 0x80000, 0x80000001)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0))
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
gettid()
r9 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRES8=r5, @ANYRES16=r8, @ANYBLOB="010000000000000000000200000008000100", @ANYRES64=r9, @ANYBLOB="c523339da09c66caaed1fbcdf9529c2cd8880f601306c6f7dd95a1ff9a10fb81fc94323c5167e6695eaa076982c67becb7394e1b710a2b926fd6eda172a9d8cd34945e70f79219543186c1"], 0x1c}, 0x1, 0x0, 0x0, 0x4041}, 0x20000000)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r10, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
socket$unix(0x1, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582"], 0x0)

28.169524509s ago: executing program 4 (id=366):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000002280)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRESOCT, @ANYBLOB="67b8ed77ab82513664511ea67d1fcaadffba39938d78be1ff85280771cf63d5f423eadaf2193d1e15762b9fe3a3f3c7d8a18f88d43f98558a0422d07ccaab56ad8ab2b9b747b61f26421cc72cc01f6ca35858dbe4b83312410696970ed243f36e1d5630000000000", @ANYRES32, @ANYRES8, @ANYBLOB="4ae1a945aeb21706957dde351ec8ff116a6b3473e0deff096a7a9960f5281511c5c47eb1c5e81a6f4e6b67d2f104c6f6bd75ba564ea271b90918141ca9ae7ec8ff84f65a8e55ef364ed4b7cda365d2935abbeb15bc14f380d8de399a640bca33e95e253b42ccf675343ce2da37825992301874699273f67b3e31955525703878d46297f48914be3520ae0ff1e18afd8bea2ac8070fedf1312f364323304c89f699f1b79fa834ae4a0303d0aed4146c43a4a0e2c3867144adba2514bfa44470568e04b7f7ed242f22faa1335c5f3f9c151a49b9f400492aed270d726951f9808f13465695b4ae78bf1e6a128ed02cc1ad69065b02e40d4707ff5296a387094ab8f508d10647690f9b8af8258ad2f7d91ba4a4ede6620dc8503e8f6a8a41e5c92940956302a6259132839a3bfbe40c86037740c457a4a91663dbe29eb8018d1a64431406b565db6e9edd275be2e1972868165404eb55b61c9e3bb4a6666fabf1872e84582c08c0d252d33cf30815f79effbb8abaa9cdeb2be24ab58bedb8cdd44e337a45f24c647b5fc3277a7061864f2fe3915ff7b909f1391dc295f0f96d719109d57b4a74fd1c8595984a4d7091831164344646ada99ff84618f0efda712d61cbf8c74a7c74e9f02f0c5b7911c2eaed7658b1b7b127b8bd9ab9c02bafdfb6b80b57a8fc33adf94b80c7a0e0a75c52fcc19bc43f28167b7f34def1a65a8a678cddc3469b0e264610f3e6ce4fcc654d3d226eb096af08f661e967f902d578c3dde4e2b163f0d9324b069df875eca253e1b23e79e12ad7ffeef2482abe03a174dc1833d32a8449e7869e33d36bab788d3607eceac192d8962631ee1f347bf885734ac099b29d6dbdb21c19eac52e6ebd5cf262f7380b08c93dcc6d9ce8302a0964c3393b7f91e85b794db2877df27ec391c4eed19494be1d8577d844231ee04e4fb4d9ebee4ca840400dd48f3956cc00cb4cf4eb385f677ef464cf33ae593bc56d6f8a708913a31fd33529f3277234045e7a40625abe72ef2721c56180ea493abf500d4d3bcc705cd86ca9aba1b5ac6ba1e3d45fb7e924de2981c4ebd12c3153ecee793a6d73d6607f83058cc5bbc7cd0b2dbf87cd0c53d4013607a572933dbbdc41da669dbbdf2af1021dc45842728dde269ed7b1ad1ac659587906496f6c31672809d32d8fa3971e5805d6fbeac54edde27336b737cb50e7d934d65a75f631823fd8f3322ba173201f5678f22c5413291837a6fcbf66befc4186a42baaf798fdf256659d5d9c3a4cd7086981f4b62e80a58790e029a84c365beb6b880a0de307a6cba3366f035cfaadd3ba25bb474965a3b8c441a469477bf5b43bffe448532f4fa421f3f832b9523057d848a6f83a80f82a333e743e856988c017abf5468237d8c032aebe39d2b24f9c35c30739791e51b0050744bdaa799b019aa40e273d74775f1ed3b505aa74c1cb125c63b042b82135bfe81712cea79873f56736e8299903f40a0342f543040d9181b6357e2b3135f39117c5739dc5aac2487338f92b9935cf9a0a5ea7654721f859aea6c269f303ed48fb440b23ccfc4aac318652512ca0290e44dd7edc44cda783a2c0c23353f1ef6ea23a21035d8818594e6bf032f70bca9b96d5f2b1c49939fc90cdfed94a3c6c3890755d8b2d9502c66c23699247b478b21529112fea692f5716019743eaf4918c360e06298de9cd07351e41bb94253d6b62af611b6395df7a696ea2a5469247dd2cfcc26f86bfcc400973b05cfdb933aac527d0b8d31b103d092ab8d84626a954c76cdbbf498b93bf54a356882df73d9e51b084fdb84e2a3bf1710ff28a6862977e3b34fa0e44f57a6c97281db14392bed28c36e603d08b9b679c3a46a3d9654fc876311d64c96f126b006f3e7b3f832f5d88224b096f5564fe1fa39a0e6d9586842e3dd0e70c0dca86dffaae586c3e5bbcd2a48aa6d2890f67f9545d7feb28f61b98b27f124c731a17df7c9f752d578d29816512057a4c719cc0f8ce5896e27b49b19b4c093da0836bfdff6502530f99c7330d7be4336cfdb131714775bbea2fe9e07af8081f3f8acc0c321a83c3e7c3b7d7822648e462bf338a316ad4cccc3a2bc96d5d5dea390b246106a0979df7e53bc9370f478e294e35bfa23002854a14d36d740613be869948170ec07e11c9dfc4cac9d66c1c46b97b9cedbb2ce6bc7e42bbf700f26c89291f3ac53e422f8a5690b0f5862a661c3d2164d1a815db77d0331012a06fc4e73790ae1f721f630b140d0248e46c00ff321aa47a8d8f2b448a741b329ce60b09fa72255d18126e8c683c8ad8b192b31e692d3621b3cf8d2b2672cea04b2319c7f1455023ed6174f62b3811dbb68da4cd2a4f950baed469bf6f539d1e2abdc8c3bfaa95eb92032831eddaf016e36d02974e2a2d67f268ef9c0bded357da782edf9d8304839de89ec92f0d67bcbfc6b0a3e24a8e40860c733189fed8dadfae613db02a23bc29759e67630f1d7a31f696e7cad8223b50dc03d5875a995464a4495595719e52e9e57a375f3ee49c5e7043159d9adf5bf9b40f9effeecaf457bf3a247bd7bc5881e16a511f2da4d75b96d2e7f397c2df0cd1890cb652521f7c46f7a625b1d1c1ce6249853cf804c8e5bb7f02f16248866598c8b8d381e9c1916f00c054d6702da885ccca963af918eaea1146fb6c8218e78174050aa47184e7f5872d8a005653d3f6614cfdb3a8b5a41bafb42f8d8097c6c6c7c3bea26a2e407ffdb6382bbed386ed57981df875e82799132dc1df4d30faff99afb51c17c1feef7acd1d2e25dcbf5ea74b58dd825efdac023d4797d76102891095e5c7bfe7cf0b3acabac2c62eb6b363005b0a64ebe05afbd3d97023f215bf581ab114ab69846e971a52c8d8883da4ec9d9dbb68153898104707c7e3e5c7a4cfaa2140b9dda57db0cde2aaccfadebc9bd355d770f13d3b21f9580608272d4daea47ce89a013445d0dd0b559d6277a9c86e477f8961670a7045dce55302c354ad5d59aa6c0adca442184a087109047762a87c9e4bbf2eaeb5b93cf1c32c5a8e424b0c5232fa0b57743b663531c15a160bca95ba9af8ae4d12c54fefd2ff69af6d32800ec548246903e744ddacf2b62ad2dcd0c0ea4f9b407f30d0dda54c62b232e20d382a11cf32a30ea0e73c6642688c02eb3ff4c953b10de4fa5350d8ab4d8acebd267ecd811774f38398bac5c3767f3ccef6a2767573d964194fcd75021f73d354f8298ea9a91eba7d6f5bb6f53ef046f4a12b8ed78605e544802fcaf12d40f77b7012428d6777aecb0b4a80cd666effb788fd78a45520921770ea520651ee24d12eb250a09f79d1247cc3319dcbb512b39a63ccf8cb2c9ab62e90ee3e7a7f50c9e0d4ee06b06005b77b373de73d8b0d9c3e47007b1fbae0b22a636abd141561964792a27f68d33190f949450ec4e06179b1298d90dd3e67d328143e92e323c21de8d9163fa6f4377620b0a161b234aa2b84d6aa04a36bf4498d64128b7fe3a55dba817cbe9b01d306410a4ed12f7cc81d065115fbe1799e7a22ff24e7b66d96a65cc3dcbedadf98e551a623cf0d9a888166dc23e930cba3800330818b8a393dde3824e2f67229118fd82254625ab890ccc9e15028bcd6df9acb9f55b58feda6620c62297d525422146a5def29987898d5fd53c67770cc84de20db55de9ea0066a524a2f351993ab9b725342486ed9f1f5e566265f03e73a8fe57f628eb7ce922a181c0b31f60c8617f867cc9a61ffe2b6e8ac4d551bec492bec9c8a7f24422758e76b390739cfdea1622b3899207692bc695d4a13b25dd360ba4abc718a8ce85b526a41a74a4021afecd01dca2274f50e108e54988fb34f47bcb5fdba976989ed275f43a97ab02b74543ec4ca6d65dd137a891a4f005c6c701ddfd3ace3593bf381035040547229d1a02e87b75010d33c401b9646af008cec1710812df6e6ab5e660afec887bf2375a2faef35258506953cc5c9f6dab183ccca76c6d631e1be4191d8e556d5b6db8b364e766442083db46736bf54cb4f2762832857006830c28a1ac94a69ede53f5d43392a2353a1c07a3ea64358c4c23cc956efc29dfe6417e23bda0852edda6e40752a009258a8fbd222948c1e738373fec6c473161b2f6550b59f354bcdc0426abe030d75d22b93157db999eb57d96f587386a7fccbbe4248ce1df7ade0ab2900fa70794c5fc90667ab1b4b159550f181b4a34c540709b2811cadcc9b630ad209276ee06025547d9f4ebea7d64bfa18fea6e4380e107c29bd75f33a44dd9039abd7f007e8ea753d5eb59feb2a5793191e08164e3858b1c308e76b9f6df1b3a3f7e0619ee63f81668e04c4c48044465a2549a93cf984f7b5835d59cc1a0cd693fc6a4599c5fb19982cd83735a9339491bb241ba01d881116d83ce89c9b77b480f206042b8782f4bafbc8f8026e4ce357696fd3124d77b6fb790b0a7025a9ed7f13a8f0bb62f3b4f304889de66b7c6b2dc26389945d828241746bf8925a2e621318bd0c67e063250d61a47c17a617529f624513e2ac15d995e660acefb27e0275e1abb5cf16d5bcb328aef57cfb951b3b0f805dfe301bf2f41f83b74d41221c67eae9813dad54e9c09a2e6902e888ac36bea5b2ee05a24cad650b87c5e0a62a9b7a29de7d5985a338931bc007eda2b1f1f3f693619274d2d08fc9f646366b784205ef25e071ac4ec0d4963b032f2040fb5faddd1c354fc96e8eee486d3f3070baae630d74aa5e610b300c78a9cd767946b0dc3ef27c1f370c1a3028788a1b5d6531e9abd3f02d5b4e56f3d32f4b9b04a198038831226e2e522106c6c0892e7059fa645e0937d37e4b373fd4014ad62db94a8a6fc7ed44b2f684dd6df4bc2158f66311d9eed766bf36a8aa2a4d5daa55c59740140dd01025b0272aeee5058b56b0e39c7037364dd653d48da305b375bbcbcbd16e53cd7aed9eef03b74769d5045bb03981f057d917c417b30fd5c0c5961a2eae5d9859dcba3a763a64b4d0a8ca16f4c2b227c03036622a1ea4731dba15820f01d1da4817c7eb07b0126de799cbb2ec646fe0c15c7b3a7caa150cdc865dfaf7a93b7ae87a5fcfdc8162d76739f24a23ce8d3e4289cd69bd4c961eb939496e60939b1c8426881f802447bd875eb0241ea1e427dcf25c95c1b91c53cf1e357b6e4738e42ba2f06335c2924121ff3ffb81f9a26e70a3d4bc57e5cb4605d08995a2a4a0588d2f8901a9910bee0d216a29248f2335c206dddecebc13162850b3131a7fb1f677e97d97739147c5c4122a48cc9b6c9c8fc4cb21781f2d5d32e9e3c020b6aebdaeec494f5edefdc8aea0f4ce74bc8cd047826ef2268de922c4d403c6bf3acedf72da1b8b300f466a0423d9afd73a163dfb7fe91bdff3510acc23482c5c08a55f3d9ac61dc2d60d57f11f2ff72dc4d0e8b005cbf09afc2c0d0302d4da324962a0fbb3509bbd33f7572ff8ee47e379e6e8cfd13bf9fd46844a5f1370b1efd5bd93e18e363274451176c5e3d4c4983f11f4a1275f1b3a402b345f394fa31bb202779cafc2eb5fb8ff52be48613a6a9428a9917963c4f971c5c26162fb9fa95f16d7be391262ab9f520a77758a38f9b0184ab7ee3ab90d223bd96586681a0662819f54f912f70ef7359d3285b6e4fdc652a224d237d38a47c09361c8b3c24b54cc8e0abd17ec283ee0b68ba242de247fc0e6912c38808e33df489fdb593e59e3837914f978f3cf9482a6441ccb67d89929a5453111c3365a5ca31459e870efec48e64e212f1146", @ANYRES16], 0x9, 0x2af, &(0x7f00000001c0)="$eJzs3b9ra1UcAPDvTdMk6pAOTiJ4QQenx+tbXVIkDx5mUjKogz5sC9IEoYWCP/DSydXF0b9AENz8J1z8D9wV3OxQOHKTe5u0pmmjTau+z2doT+8533O+9/T0F+V+8+HL44PdPPZPvvglOp0sGr3oxWkWW9GIWkopxUzv6wAA/stOU4rf09QqcVlEdNaXFgCwRiv//P9h7SkBAGv2zrvvvbUzGPTfzvNOPB5/dTws/7Iv30/7d/bj4xjFXjyMbpxN/xdQ/7ZQvn2cUiqaeWkrXhsXx8MycvzBT9X8O79FTOK3oxtbk0sX458M+tv51K9vnMcXZR7PV+v3yvhH0Y0XF6z/ZNB/VMXPrV/EsBWvvzqX/4Poxs8fxScxit1JErP4L7fz/M30zR+fv1+mV8ZnxfGwPRk3kzbu+FMDAAAAAAAAAAAAAAAAAAAAAMD/2IOqdk47JvV7yktV/Z2Ns/KDzchr8/V9iro+UFZPdKk+UJHi25TazYhB/2Ge56kaOItvxkvNaN7PXQMAAAAAAAAAAAAAAAAAAMC/y9Gnnx08HY32Dm+lUVcDqB/r/7vz9OauvBLLB7dnazWq5pKZY6Mek5WtJTOXN3FL23Jd47mrcv7u+1Un7Fw/ZnPZ/vyTRuf8Sn26Dp5mi/ewfb7znfqQ/Dg/phU3XLR1VVda6fi1FnZ1V96E1guTRrFkTGSLE2tf+LqsurLLd9G6+tBuVo258EtnY6Xz/NfvFZlqHQAAAAAAAAAAAAAAAAAAsFazh34XdJ4sDW2k9trSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA7NXv9/xUaRRV8g8GtODy651sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfBnAAAA//+haF7r")
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, &(0x7f00000004c0)={0x81, 0x5, 0x6a8, 0x2ea1, 0x6})
lseek(r3, 0x851, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x6}, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
write$rfkill(r6, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000340)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1152c08, 0x0, 0xfe, 0x0, &(0x7f0000000000))
sysinfo(&(0x7f0000000080))

22.951827797s ago: executing program 3 (id=369):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000d80)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be2566cd072f5b89c3043c47c896ce0bce66a245ad98a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b90007cfa6fa26fa7a34700de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x8, 0x50, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@cgroup=r1, r3, 0x26}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r5 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=r4, @ANYRESHEX=r4, @ANYRESOCT=r3], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000580)=""/198, 0xc6}], 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r4, &(0x7f0000000680), &(0x7f0000000040)=@udp6=r2}, 0x20)
r7 = fsopen(&(0x7f0000000100)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsmount(r7, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)
sendmmsg$inet6(r2, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e25, 0x2, @local, 0x4}, 0x5c, 0x0}}], 0x1, 0x0)
unshare(0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)

21.6673109s ago: executing program 3 (id=371):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
rt_sigqueueinfo(0x0, 0x2, &(0x7f00000001c0)={0x2, 0xff})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ptrace$peeksig(0x4209, r4, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0xa}, &(0x7f0000000dc0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}])
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}}, 0x0, 0x3a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x1010000, &(0x7f0000000300)=ANY=[@ANYBLOB="757466383d302c757466383d312c756e695f786c8474653d302c757466383d312c696f636861727365743d63703836392c73686f72746e616d653d6c6f7765722c757466383d302c636865636b3d72656c617865642c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c757466383d302c73684f72746e616d6372653d77696e39352c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f775895eab5203c7d0465722c636865636b3d7374726f636861727385ad88bce6564daa5c0a655ab1814ceb338375d1c24b5274e1a7787e4622dd161aa252fd6404650d5303abd271a2e19e259acbe6d5fabc2baae623e50f3f76ad69d591c95b903b59105745fc03dc4231ff7fe5642f1e9ba5077f007fc31af97f5b1d61d8816fbbdf506b267f43b80a47499472aff5"], 0x1, 0x366, &(0x7f0000001e00)="$eJzs3U9oI9UfAPBvOmnSLvx+zU0UhOhN0GW7N73YIl1Y7EUl+OcgBrerklShxWJ72LYeFI+CRz15U9CDB/EogiLePHh1BVkVD7q3BRefJJNJpknbbRerFD8faPL6nfd9782bIZkOyetzC9G5NB2Xr1+/FjMzlaguPLIQNyrRiCwKOzGptk8MADgdbqQUv6fcEVMqJzwkAOCE9d//X4iIZjTyyOtfHlY/efcHgFNv8Pf/7GF1Zg7a8MqJDAkAOGET9//v3bO51v+pFr9WS58KAABOqyeefubRxeWIx5vNmYjVNzdaG614aLR98XK8FN1YiXMxFzcj8guF3kOl/3jh4vLSuWazuR0/NaIVEVODxFZ+pbCY9fPrMR9z0RjkD642UkrZhU+Wl+abfRGxs93vP1YrG63pODPo//szsTK68Cga6T9FXFxeOt8cNNBaLfK3I3ZH9y164z8bc/Ht88NmUio+wbi8dGW+GPQof6NVj0vDWTjwDggAAAAAAAAAAAAAAAAAAAAAANyWs82hxnD9nNR7zlfKOTuq0JiKiNH6OHn+YH2g3Xx9oFRPtZR+e+2B1ltZ7FkfaHx9ng0LCQIAAAAAAAAAAAAAAAAAAMDQ+mYt2t3uytr65lanXNheW9+ciohe5OWvP/piNibr3KJQzbuoRwy7aA663eq0U1ZUTlnEZHrW67yIfPDpcMTlOvXhXuw7jPrBm7rd/93z47ujyN1Z0fKfozpZ7L+DWWkYD4+1vPr/fEjHmahh4Xw5Up/s/WpKqRR5o5x+5dnJBqMSUT3+gdvqTMXBdVKv8NW1F+8sZr/9ecrdd//ck1ffef+XTrvb6zn6R7C2tn4zddqVovLxpqU31UWkEnmhUj4Tqoel7+6NtLPvfn3qrre/OVrvqRx5tXc+j9XJ8t35eDy9lhd6wxzbNDtKnx7sRHdlep+T/1aF2zimd7z32Ycp/fDzkbsYmdrzkjH79736AAAAAAAAAAAAAAAAAAAAZaXvig8Mvuw7fVjWg4+d/MgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4J8z+v//pcLuToxFjlL4Y3ufrPrK2npE7d/eTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/uP+CgAA//9XMFlf")

18.964053367s ago: executing program 3 (id=373):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000280)={@local, @remote, 0x1000, "e2efb77af24ce3055db0e168ed7dbd48dd4b09efdc20d8ac8a838dcbd1a2a6e8"}, 0x3c)

17.944781446s ago: executing program 1 (id=375):
getpid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000452df2a1525e0000000000000002000000007110ba000000000095000dfb03345fb8d2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401, @void, @value}, 0x90)
fallocate(r1, 0x0, 0x0, 0x20000)
prctl$PR_GET_FPEMU(0x9, &(0x7f00000008c0))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000380), 0x101bf)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f00000002c0))
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(r3, &(0x7f0000000740)=[{&(0x7f0000000a40)=""/4096, 0x1000}, {0x0}, {&(0x7f00000003c0)=""/69, 0x45}, {0x0}, {0x0}, {0x0}], 0x6, 0x0, 0xffff0001)
r4 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r4, 0xc4c85513, &(0x7f0000000040)={0xb, 0x2})
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x0, 0x0, 0x5})
close(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000001a40)={[], [{@dont_hash}, {@euid_eq}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/hsr\x04g\x00'}}, {@subj_user={'subj_user', 0x3d, '/dev/snd/controlC#\x00'}}, {@context={'context', 0x3d, 'system_u'}}, {@subj_type={'subj_type', 0x3d, ':\\^).-[\'@,%'}}, {@uid_eq}, {@appraise_type}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x61, 0x37, 0x34, 0x36, 0x31, 0x63, 0x34], 0x2d, [0x38, 0x64, 0x38, 0x31], 0x2d, [0x39, 0x32, 0x64, 0x39], 0x2d, [0x62, 0x64, 0x61, 0x63], 0x2d, [0x36, 0x39, 0x39, 0x37, 0x62, 0x64, 0x39, 0x36]}}}]}, 0x3, 0x459, &(0x7f00000010c0)="$eJzs289rHFUcAPDvTJL+rom1/ugPNVrF4I+kSav24EVR8KAgeKnHmKSldttIE8GWolGkHqUgeBSPgn+BJ72IehK86l0KRXKxelqZ3Znsj+5u0nSTbbOfD0z2vZk3O+87b97um3nZAPrWaPYnidgTEX9ExHA121hgtPpyY/nyzL/Ll2eSKJff/juplPtn+fJMUbTYb3eeGUsj0s+SONTiuAsXL52dLpXmLuT5icVz708sXLz03Jlz06fnTs+dnzpx4vixyRdfmHq+K3Hem9X14Efzhw+8/s7VN2dOXn33l++SIv6mOLpktNPGJ8vlLh+ut/bWpZPBNewwsIGVYc2yZsiaa6jS/4djIGqNNxyvfdrTygEbqpxrs3mpDGxhSfS6BkBvFF/02f1vsWze6KP3rr9cvQHK4r6RL9Utg5HmZYaa7m+7aTQiTi7993W2xMY8hwAAaPBDNv55ttX4L40H6srdE9src0Mj+VzKvoi4LyL2R8T9EZWyD0bEQ60O0mFCoHmS5ObxT3pt/dGtLhv/vZTPbTWO/4rRX4wM5Lm9lfiHklNnSnNHK+ckYiyGtmf5yQ7H+PHV379ot61+/Jct2fGLsWBej2uD2xv3mZ1enL6dmOtd/yTi4GCr+JOVmYAkIg5ExMF1HuPM098ebrdt9fg7WMs80yrK30Q8VW3/pWiKv5B0np+c2BGluaMTxVVxs19/u/JWu+PfVvxdkLX/rpbX/0r8I0n9fO3Crbx7tXdf+fPztvc04+u6/msrtuWvH04vLl6YjNiWvFGtdP36qdq+Rb4on8U/dqR1/98XtTNxKCKyi/jhiHgkIh7No3ssIh6PiCMdzsLPrzzxXqcz1Ov2n21q/5HGIk3tX0tsi+Y1rRMDZ3/6vvEda8m1ff4dr6TG8jWVz7+vOse1lnrd6tUMAAAAd6s0IvZEko6vpNN0fLz6P/z7Y1daml9YfObU/AfnZ6u/ERiJobR40jVc9zx0Mr+tL/JTTflj+XPjLwd2VvLjM/Ol2V4HD31ud5v+n/nLbzRg6+vCPBpwl9L/oX/p/9C/9H/oXy36/85e1APYfK2+/z/uQT2AzdfU/037QR9x/w/9S/+H/lXf/5Me1gPYVAs7Y/UfyW+FRLlcLt8B1dg6iUjviGp0J5FscC/Ys3nhxI6IrrwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlvB/AAAA///tJOms")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000180)}, 0x10)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4040ae79, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8001)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)

17.819592277s ago: executing program 3 (id=376):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r2 = epoll_create1(0x0)
listen(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)={0x6017be0a})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000015c0)={'syztnl0\x00', 0x0})
epoll_pwait(r2, &(0x7f0000001940)=[{}], 0x1, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x8000000010, 0x2, 0x0)
write(r4, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r5 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r5, &(0x7f00000005c0)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev}, 0x4, {0x2, 0x0, @multicast1=0xe000cc02}})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='comm\x00')
copy_file_range(r0, &(0x7f0000000100)=0x1, r7, &(0x7f00000001c0)=0xfff, 0x5, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@hyper})
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000200)={0x28, 0x0, 0x1, @host}, 0x10)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000))

16.368785734s ago: executing program 3 (id=377):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x4e21, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x400, 0x9}, {0x0, 0x4}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x4d5, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r2, &(0x7f0000000180), 0x400000000000077, 0x0)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x4080, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0)
r7 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8169523010902240001000064000904340102d469e70009058a", @ANYRESHEX=0x0, @ANYRES64, @ANYRES8=0x0], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x2, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x80}}, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
recvmmsg(r0, &(0x7f0000002e80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
semget$private(0x0, 0x2, 0x8)

12.837888984s ago: executing program 3 (id=378):
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x7, &(0x7f00000001c0), 0x4)
vmsplice(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'vlan1\x00', <r5=>0x0})
sendto$packet(r3, &(0x7f00000003c0)="02030e00d3fc02000000ab5d71acedd7c9560385dcb188a8", 0x18, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r6, &(0x7f0000000300)='1\x00', 0xffffff4a)
write$sysctl(r6, &(0x7f0000000000)='2\x00', 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r7 = syz_open_dev$media(&(0x7f0000000400), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r7, 0xc0487c04, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

12.835495234s ago: executing program 1 (id=386):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x0, 0x0, @local}, &(0x7f00000003c0)=0x1c, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0xcc, &(0x7f0000000580)="fce49ce78718ef68d31ec3d220e0f1ac13f4ef6de3e146ae42901943d7bdc314063fb080972609c2d976e5b5c31744f4669dcbff6db6a545b3b3db5b124374c023b4084f01e0febd9a76c8cecf3b0a705bd5", 0x52)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0xc00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = creat(&(0x7f0000000000)='./file0\x00', 0x80)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000400)={0x240, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x200}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffffffff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "6ef854fbcec2e5272c8a6ff2562701a14fdcf81d79ddf9f4abda6b"}}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffff000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xbd9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7f}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffd}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8601}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_MEDIA={0x130, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7c5d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfc000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffff800}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4999}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1c3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3af8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x140b}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa00000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf3}]}]}]}, 0x240}, 0x1, 0x0, 0x0, 0x4044019}, 0x6000800)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_getroute={0x34, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_MARK={0x8}, @RTA_UID={0x8}, @RTA_IIF={0x8, 0x3, r10}]}, 0x34}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.28400566s ago: executing program 1 (id=380):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

2.267753881s ago: executing program 1 (id=381):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000068000102000000000000000000000000000000000c000200000000000002000006000300000000009b342d78ec55c29d4cf630d6d0606cf44d31d868bc2fad8f67648407c6abba1134ee09ca"], 0x2c}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000007c0)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000001, 0x110, r3, 0xf7c01000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x1e, &(0x7f0000000400)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r6, 0x0, 0x3}])

1.03332482s ago: executing program 1 (id=382):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
rt_sigqueueinfo(0x0, 0x2, &(0x7f00000001c0)={0x2, 0xff})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ptrace$peeksig(0x4209, r4, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0xa}, &(0x7f0000000dc0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}])
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}}, 0x0, 0x3a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x1010000, &(0x7f0000000300)=ANY=[@ANYBLOB="757466383d302c757466383d312c756e695f786c8474653d302c757466383d312c696f636861727365743d63703836392c73686f72746e616d653d6c6f7765722c757466383d302c636865636b3d72656c617865642c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c757466383d302c73684f72746e616d6372653d77696e39352c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f775895eab5203c7d0465722c636865636b3d7374726f636861727385ad88bce6564daa5c0a655ab1814ceb338375d1c24b5274e1a7787e4622dd161aa252fd6404650d5303abd271a2e19e259acbe6d5fabc2baae623e50f3f76ad69d591c95b903b59105745fc03dc4231ff7fe5642f1e9ba5077f007fc31af97f5b1d61d8816fbbdf506b267f43b80a47499472aff5"], 0x1, 0x366, &(0x7f0000001e00)="$eJzs3U9oI9UfAPBvOmnSLvx+zU0UhOhN0GW7N73YIl1Y7EUl+OcgBrerklShxWJ72LYeFI+CRz15U9CDB/EogiLePHh1BVkVD7q3BRefJJNJpknbbRerFD8faPL6nfd9782bIZkOyetzC9G5NB2Xr1+/FjMzlaguPLIQNyrRiCwKOzGptk8MADgdbqQUv6fcEVMqJzwkAOCE9d//X4iIZjTyyOtfHlY/efcHgFNv8Pf/7GF1Zg7a8MqJDAkAOGET9//v3bO51v+pFr9WS58KAABOqyeefubRxeWIx5vNmYjVNzdaG614aLR98XK8FN1YiXMxFzcj8guF3kOl/3jh4vLSuWazuR0/NaIVEVODxFZ+pbCY9fPrMR9z0RjkD642UkrZhU+Wl+abfRGxs93vP1YrG63pODPo//szsTK68Cga6T9FXFxeOt8cNNBaLfK3I3ZH9y164z8bc/Ht88NmUio+wbi8dGW+GPQof6NVj0vDWTjwDggAAAAAAAAAAAAAAAAAAAAAANyWs82hxnD9nNR7zlfKOTuq0JiKiNH6OHn+YH2g3Xx9oFRPtZR+e+2B1ltZ7FkfaHx9ng0LCQIAAAAAAAAAAAAAAAAAAMDQ+mYt2t3uytr65lanXNheW9+ciohe5OWvP/piNibr3KJQzbuoRwy7aA663eq0U1ZUTlnEZHrW67yIfPDpcMTlOvXhXuw7jPrBm7rd/93z47ujyN1Z0fKfozpZ7L+DWWkYD4+1vPr/fEjHmahh4Xw5Up/s/WpKqRR5o5x+5dnJBqMSUT3+gdvqTMXBdVKv8NW1F+8sZr/9ecrdd//ck1ffef+XTrvb6zn6R7C2tn4zddqVovLxpqU31UWkEnmhUj4Tqoel7+6NtLPvfn3qrre/OVrvqRx5tXc+j9XJ8t35eDy9lhd6wxzbNDtKnx7sRHdlep+T/1aF2zimd7z32Ycp/fDzkbsYmdrzkjH79736AAAAAAAAAAAAAAAAAAAAZaXvig8Mvuw7fVjWg4+d/MgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4J8z+v//pcLuToxFjlL4Y3ufrPrK2npE7d/eTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/uP+CgAA//9XMFlf")

0s ago: executing program 1 (id=384):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x45110, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0xc)
lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff0600600001000000560000002500", 0x1e}], 0x1)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r2, @ANYBLOB="05"], 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffff014d564b"])
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000540)={'syztnl2\x00', <r5=>0x0, 0x4, 0x8, 0x2f, 0x9, 0x24, @ipv4={'\x00', '\xff\xff', @multicast1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x8, 0x4, 0x3}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x8, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000200000025000000ffffff779500007b0000000085000000620000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x7, 0x8b, &(0x7f0000000440)=""/139, 0x0, 0xa, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c678f6f75705f69643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r6, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000280)={@local, @remote, 0x1000, "e2efb77af24ce3055db0e168ed7dbd48dd4b09efdc20d8ac8a838dcbd1a2a6e8"}, 0x3c)

kernel console output (not intermixed with test programs):

s interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.124668][ T4893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.147799][ T4794] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  213.200893][ T4794] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  213.215025][ T4893] device hsr_slave_0 entered promiscuous mode
[  213.222393][ T4893] device hsr_slave_1 entered promiscuous mode
[  213.229669][ T4893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.237627][ T4893] Cannot create hsr debugfs directory
[  213.244763][ T4794] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  213.305909][ T4794] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  213.586142][ T4794] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.643392][ T4568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  213.653339][ T4568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  213.681392][ T4794] 8021q: adding VLAN 0 to HW filter on device team0
[  213.725707][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  213.741516][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  213.752424][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.759634][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  213.762724][ T3649] Bluetooth: hci4: command tx timeout
[  213.781114][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  213.808878][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  213.828985][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  213.845071][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.852212][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  213.917374][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  213.947841][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  213.965995][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  213.986794][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  214.047298][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  214.058213][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  214.074366][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  214.092412][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  214.101135][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  214.116996][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  214.128963][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  214.144767][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  214.455416][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  214.463834][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  214.478009][ T4794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.526018][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  214.549465][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  214.627514][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  214.641865][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  214.662058][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  214.670694][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  214.683513][ T4794] device veth0_vlan entered promiscuous mode
[  214.744835][ T4794] device veth1_vlan entered promiscuous mode
[  214.791024][ T4893] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  214.811185][ T4893] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  214.825344][ T4568] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  214.842478][ T4568] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  214.850994][ T4568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  214.867435][ T4568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  214.889920][ T3709] device hsr_slave_0 left promiscuous mode
[  214.900091][ T3709] device hsr_slave_1 left promiscuous mode
[  214.908558][ T3709] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.916855][ T3709] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.925924][ T3709] device bridge_slave_1 left promiscuous mode
[  214.932196][ T3709] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.941980][ T3709] device bridge_slave_0 left promiscuous mode
[  214.948622][ T3709] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.976077][ T3709] device veth1_macvtap left promiscuous mode
[  214.982158][ T3709] device veth0_macvtap left promiscuous mode
[  214.989503][ T3709] device veth1_vlan left promiscuous mode
[  214.995621][ T3709] device veth0_vlan left promiscuous mode
[  215.340545][ T3709] team0 (unregistering): Port device team_slave_1 removed
[  215.377073][ T3709] team0 (unregistering): Port device team_slave_0 removed
[  215.412710][ T3709] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.450665][ T3709] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.818140][ T3709] bond0 (unregistering): Released all slaves
[  215.843159][ T3649] Bluetooth: hci4: command tx timeout
[  215.885597][ T4893] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  215.895298][ T4893] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  215.919472][ T4794] device veth0_macvtap entered promiscuous mode
[  215.969375][ T4794] device veth1_macvtap entered promiscuous mode
[  215.988358][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.998958][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.010290][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.020815][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.030696][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.041941][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.054422][ T4794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.065258][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.076676][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.086598][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.097386][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.107310][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.118758][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.130258][ T4794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.138530][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  216.148546][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  216.157967][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  216.167061][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  216.199069][ T4794] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.209200][ T4794] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.218779][ T4794] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.227764][ T4794] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.340941][ T3777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.363951][ T3777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.387973][ T3777] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.388003][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  216.404785][ T3777] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.408153][ T4893] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.425909][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  216.456938][ T4893] 8021q: adding VLAN 0 to HW filter on device team0
[  216.474037][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  216.549130][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  216.640258][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  216.657874][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  216.668576][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.675739][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.691405][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  216.700584][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  216.718177][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.725371][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.784627][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  216.818734][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  216.834519][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  217.474767][ T4973] loop2: detected capacity change from 0 to 512
[  217.504152][ T4893] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  217.567886][ T4893] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.634555][ T4975] netlink: 24 bytes leftover after parsing attributes in process `syz.2.148'.
[  217.647241][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  217.662061][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  217.675474][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  217.684742][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  217.693751][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  217.702296][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  217.711341][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  217.720396][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  217.729001][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  217.737473][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  218.146852][ T4983] loop4: detected capacity change from 0 to 32768
[  218.310344][ T4989] loop1: detected capacity change from 0 to 1024
[  219.820024][ T4995] loop2: detected capacity change from 0 to 256
[  219.839595][   T26] kauditd_printk_skb: 27 callbacks suppressed
[  219.848551][   T26] audit: type=1326 audit(1725919769.526:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.851658][   T26] audit: type=1326 audit(1725919769.526:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.853406][   T26] audit: type=1326 audit(1725919769.526:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.854955][   T26] audit: type=1326 audit(1725919769.526:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.856345][   T26] audit: type=1326 audit(1725919769.526:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.858340][   T26] audit: type=1326 audit(1725919769.526:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.863748][   T26] audit: type=1326 audit(1725919769.526:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.865783][   T26] audit: type=1326 audit(1725919769.526:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.866869][   T26] audit: type=1326 audit(1725919769.526:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.868306][   T26] audit: type=1326 audit(1725919769.526:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4984 comm="syz.1.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  219.883431][ T4983] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.172 (4983)
[  220.141184][ T4993] tty tty27: ldisc open failed (-12), clearing slot 26
[  220.442302][ T4983] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.452995][ T4983] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  220.461754][ T4983] BTRFS info (device loop4): using free space tree
[  220.474450][ T4989] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  220.643493][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  220.729224][ T4983] BTRFS info (device loop4): enabling ssd optimizations
[  220.743410][ T5013] netlink: 12 bytes leftover after parsing attributes in process `syz.3.173'.
[  220.931482][ T5024] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  222.529596][ T5036] loop1: detected capacity change from 0 to 1024
[  222.626678][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  222.645228][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  222.684329][ T4893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.255811][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  223.256639][ T4116] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  223.279562][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  223.287013][ T5043] tmpfs: Unknown parameter 'ÉõÐóŽöµZ{õÚ» —ÝkSÚb*¬'°Ã\

Ç°U+é5HY0wª»¹ÔVF^î'
[  223.380652][ T4893] device veth0_vlan entered promiscuous mode
[  223.422509][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  223.444999][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  223.513022][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  223.548496][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  223.617429][ T4893] device veth1_vlan entered promiscuous mode
[  223.625234][ T5057] loop2: detected capacity change from 0 to 512
[  223.660162][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  223.663853][ T5057] EXT4-fs warning (device loop2): ext4_multi_mount_protect:298: Invalid MMP block in superblock
[  223.778619][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  223.802165][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  223.856865][ T4893] device veth0_macvtap entered promiscuous mode
[  223.889451][ T4893] device veth1_macvtap entered promiscuous mode
[  223.976113][ T5067] loop3: detected capacity change from 0 to 512
[  223.989257][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.021365][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.046901][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.079976][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.092641][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.106015][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.117066][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.129283][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.146332][ T4893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.157908][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.170055][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.206240][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.221145][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.232179][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.245308][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.257475][ T4893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.268550][ T4893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.294999][ T4893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.312931][ T5069] netlink: 4 bytes leftover after parsing attributes in process `syz.4.183'.
[  224.322734][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  224.335485][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  224.346663][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  224.359047][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  224.372066][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  224.381410][ T3777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  224.398234][ T4893] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.492461][ T4893] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.531701][ T4893] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.555057][ T4893] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.032741][ T5081] loop3: detected capacity change from 0 to 1024
[  225.047043][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  225.047104][   T26] audit: type=1326 audit(1725919776.176:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  225.558444][ T5081] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  225.606732][ T3690] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.640395][   T26] audit: type=1326 audit(1725919776.176:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  225.794272][ T3825] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.816416][   T26] audit: type=1326 audit(1725919776.176:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  225.825790][ T3825] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.841764][ T3690] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.675326][   T26] audit: type=1326 audit(1725919776.176:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  226.815399][ T3908] EXT4-fs (loop3): unmounting filesystem.
[  226.876196][   T26] audit: type=1326 audit(1725919776.176:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  226.901185][   T26] audit: type=1326 audit(1725919776.176:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  227.691909][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  227.859859][   T26] audit: type=1326 audit(1725919776.176:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  227.902888][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  228.089771][   T26] audit: type=1326 audit(1725919776.176:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  228.114255][ T5102] loop3: detected capacity change from 0 to 1024
[  228.125378][   T26] audit: type=1326 audit(1725919776.186:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  228.698862][   T26] audit: type=1326 audit(1725919776.186:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  229.726715][ T5107] hfsplus: xattr searching failed
[  230.028060][ T5098] loop4: detected capacity change from 0 to 1024
[  230.133275][ T5098] EXT4-fs (loop4): INFO: recovery required on readonly filesystem
[  230.138438][   T26] audit: type=1326 audit(1725919776.186:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  230.180024][ T5115] loop1: detected capacity change from 0 to 512
[  230.188964][ T5114] loop0: detected capacity change from 0 to 256
[  230.388341][ T5098] EXT4-fs (loop4): write access will be enabled during recovery
[  230.396579][ T5098] JBD2: no valid journal superblock found
[  230.402887][ T5098] EXT4-fs (loop4): error loading journal
[  231.350688][ T5115] EXT4-fs: Ignoring removed orlov option
[  231.493185][   T26] audit: type=1326 audit(1725919776.186:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.493226][   T26] audit: type=1326 audit(1725919776.186:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.494829][ T5115] EXT4-fs (loop1): Test dummy encryption mode enabled
[  231.494958][   T26] audit: type=1326 audit(1725919776.186:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.494999][   T26] audit: type=1326 audit(1725919776.186:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.495324][   T26] audit: type=1326 audit(1725919776.186:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.495362][   T26] audit: type=1326 audit(1725919776.186:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.495397][   T26] audit: type=1326 audit(1725919776.196:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.495433][   T26] audit: type=1326 audit(1725919776.196:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.495469][   T26] audit: type=1326 audit(1725919776.196:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5074 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  231.513768][ T5115] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a014e09c, mo2=0002]
[  231.513864][ T5115] System zones: 1-12
[  231.580558][ T5115] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.192: casefold flag without casefold feature
[  231.582014][ T5115] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.192: couldn't read orphan inode 15 (err -117)
[  231.582224][ T5115] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  231.841683][ T5131] loop2: detected capacity change from 0 to 512
[  232.123809][ T5138] netlink: 12 bytes leftover after parsing attributes in process `syz.1.192'.
[  232.568050][ T3645] usb 1-1: new low-speed USB device number 4 using dummy_hcd
[  232.611377][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  232.762719][ T5056] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  233.519683][ T5150] loop2: detected capacity change from 0 to 1024
[  234.122969][ T3645] usb 1-1: unable to get BOS descriptor set
[  234.202872][ T3645] usb 1-1: unable to read config index 0 descriptor/start: -71
[  234.210606][ T3645] usb 1-1: can't read configurations, error -71
[  234.294750][ T5056] usb 4-1: config 0 has an invalid interface number: 5 but max is 0
[  234.308625][ T5056] usb 4-1: config 0 has no interface number 0
[  234.316178][ T5150] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  234.342842][ T5056] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  234.352031][ T5056] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.397273][ T5056] usb 4-1: config 0 descriptor??
[  235.624895][ T4794] EXT4-fs (loop2): unmounting filesystem.
[  235.643243][ T5056] usb 4-1: can't set config #0, error -71
[  235.647190][ T5158] loop4: detected capacity change from 0 to 2048
[  235.668587][ T5056] usb 4-1: USB disconnect, device number 2
[  235.700289][ T5158] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  235.737821][ T5163] loop3: detected capacity change from 0 to 2048
[  235.791586][ T5163] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  235.890236][ T5163] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.188517][ T5172] loop0: detected capacity change from 0 to 2048
[  237.216808][ T5172] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.466974][ T5176] loop2: detected capacity change from 0 to 512
[  237.638754][ T5176] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  237.659367][ T5176] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038 (0x7fffffff)
[  237.807647][ T5183] 9pnet_fd: Insufficient options for proto=fd
[  238.548622][ T5176] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.206: Directory hole found for htree leaf block 0
[  238.564097][ T5185] loop4: detected capacity change from 0 to 64
[  238.803252][ T5188] loop0: detected capacity change from 0 to 256
[  238.811694][ T5188] FAT-fs (loop0): Unrecognized mount option "" or missing value
[  238.848503][ T5189] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  238.848503][ T5189]    program syz.4.208 not setting count and/or reply_len properly
[  238.894230][ T5189] netlink: 'syz.4.208': attribute type 10 has an invalid length.
[  238.902046][ T5189] netlink: 40 bytes leftover after parsing attributes in process `syz.4.208'.
[  238.914300][ T5189] bridge0: port 3(gretap0) entered blocking state
[  238.921356][ T5189] bridge0: port 3(gretap0) entered disabled state
[  238.933352][ T5189] device gretap0 entered promiscuous mode
[  238.942143][ T5189] bridge0: port 3(gretap0) entered blocking state
[  238.948719][ T5189] bridge0: port 3(gretap0) entered forwarding state
[  239.133981][ T5176] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.206: Directory hole found for htree leaf block 0
[  239.640346][ T5191] loop0: detected capacity change from 0 to 512
[  239.871338][ T5198] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.206: Directory hole found for htree leaf block 0
[  239.943110][ T5191] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  240.094134][ T5191] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038 (0x7fffffff)
[  240.210401][ T5201] netlink: 'syz.4.210': attribute type 4 has an invalid length.
[  240.525005][ T5204] netlink: 'syz.4.210': attribute type 4 has an invalid length.
[  241.601856][ T4893] EXT4-fs (loop0): unmounting filesystem.
[  241.630059][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.205'.
[  241.762294][ T5217] SET target dimension over the limit!
[  242.575467][ T4794] EXT4-fs (loop2): unmounting filesystem.
[  242.752503][ T5221] loop0: detected capacity change from 0 to 2048
[  242.796973][ T5221] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  243.855907][ T5237] cgroup: Unknown subsys name 'fowner>00000000000000000000'
[  243.879137][ T5237] loop3: detected capacity change from 0 to 512
[  244.862136][ T5060] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  245.132770][ T5237] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  245.198566][ T5237] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  245.215943][ T5237] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.215: invalid indirect mapped block 1 (level 1)
[  245.233745][ T5237] EXT4-fs (loop3): 1 truncate cleaned up
[  245.239432][ T5237] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  245.545973][ T3908] EXT4-fs (loop3): unmounting filesystem.
[  245.891282][ T5252] loop1: detected capacity change from 0 to 512
[  246.097503][ T5248] loop2: detected capacity change from 0 to 1024
[  246.284980][ T5252] EXT4-fs (loop1): 1 truncate cleaned up
[  246.290661][ T5252] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  246.376203][ T5258] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  248.585989][ T5246] EXT4-fs error (device loop1): ext4_find_dest_de:2113: inode #2: block 13: comm syz.1.227: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[  249.581430][ T5246] EXT4-fs (loop1): Remounting filesystem read-only
[  249.868402][ T5262] hfsplus: xattr searching failed
[  250.144428][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  250.350008][ T5273] loop2: detected capacity change from 0 to 512
[  250.431963][ T5273] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  250.441633][ T5273] ext4 filesystem being mounted at /12/bus supports timestamps until 2038 (0x7fffffff)
[  250.610776][ T5054] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  250.756408][ T3686] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  250.867053][ T5060] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  250.922713][ T5054] usb 4-1: Using ep0 maxpacket: 16
[  251.430433][ T4794] EXT4-fs (loop2): unmounting filesystem.
[  251.452938][ T5054] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  251.468998][ T5054] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  251.480983][ T5054] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.524545][ T5054] usb 4-1: config 0 descriptor??
[  251.542680][ T3686] usb 1-1: Using ep0 maxpacket: 32
[  251.663880][ T3686] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.669135][ T5289] loop4: detected capacity change from 0 to 256
[  251.724426][ T5287] loop2: detected capacity change from 0 to 2048
[  251.734650][ T3686] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.748782][ T3686] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  251.762092][ T5060] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.770122][ T5266] netlink: 16 bytes leftover after parsing attributes in process `syz.3.220'.
[  251.777475][ T5060] usb 2-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  251.791518][ T5287] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  251.798243][ T3686] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  251.832710][ T5060] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.840992][ T3686] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  251.867713][ T5060] usb 2-1: config 0 descriptor??
[  251.869359][ T5287] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.885554][   T26] kauditd_printk_skb: 55 callbacks suppressed
[  251.885565][   T26] audit: type=1326 audit(1725919803.116:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  251.925483][ T3686] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  252.097635][   T26] audit: type=1326 audit(1725919803.146:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.173704][ T5295] xt_limit: Overflow, try lower: 33554432/384
[  252.243164][   T26] audit: type=1326 audit(1725919803.146:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.266372][ T4264] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  252.339992][   T26] audit: type=1326 audit(1725919803.146:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.573066][   T26] audit: type=1326 audit(1725919803.146:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.639900][   T26] audit: type=1326 audit(1725919803.146:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.666217][ T4264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.680108][   T26] audit: type=1326 audit(1725919803.146:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.708116][ T4264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.718639][ T4264] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  252.737828][   T26] audit: type=1326 audit(1725919803.146:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.765956][ T4264] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  252.777595][ T4264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.790500][   T26] audit: type=1326 audit(1725919803.146:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.826985][ T4264] usb 5-1: config 0 descriptor??
[  252.839759][   T26] audit: type=1326 audit(1725919803.146:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4b1f57cef9 code=0x7ffc0000
[  252.900277][ T5060] rndis_wlan 2-1:0.0: skipping garbage
[  252.905901][ T5060] usb 2-1: bad CDC descriptors
[  252.913622][ T5060] rndis_host 2-1:0.0: skipping garbage
[  252.919127][ T5060] usb 2-1: bad CDC descriptors
[  252.927860][ T5060] usb 2-1: USB disconnect, device number 5
[  252.963875][ T3686] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  252.974458][ T3686] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.982500][ T3686] usb 1-1: Product: syz
[  252.988212][ T3686] usb 1-1: Manufacturer: syz
[  252.991475][ T5296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.995225][ T3686] usb 1-1: SerialNumber: syz
[  253.026663][ T5296] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.039401][ T5296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.050444][ T5296] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.073904][ T5054] hid (null): invalid report_size 53675
[  253.081682][ T5054] hid (null): unknown global tag 0xd
[  253.100234][ T5054] hid-generic 0003:0158:0100.0002: unknown main item tag 0x1
[  253.112203][ T5054] hid-generic 0003:0158:0100.0002: unexpected long global item
[  253.121696][ T5054] hid-generic: probe of 0003:0158:0100.0002 failed with error -22
[  253.290620][  T151] usb 4-1: USB disconnect, device number 3
[  253.372903][ T3686] cdc_ncm 1-1:1.0: bind() failure
[  253.388038][ T3686] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  253.401349][ T3686] cdc_ncm 1-1:1.1: bind() failure
[  253.437718][ T3686] usb 1-1: USB disconnect, device number 6
[  253.672796][ T4264] usbhid 5-1:0.0: can't add hid device: -71
[  253.678791][ T4264] usbhid: probe of 5-1:0.0 failed with error -71
[  253.721376][ T4264] usb 5-1: USB disconnect, device number 2
[  255.566075][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  255.572379][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  256.231983][ T5313] loop0: detected capacity change from 0 to 256
[  256.270163][ T5313] FAT-fs (loop0): bogus logical sector size 127
[  256.309419][ T5313] FAT-fs (loop0): Can't find a valid FAT filesystem
[  256.495732][ T5313] tun0: tun_chr_ioctl cmd 1074025675
[  256.572622][ T5313] tun0: persist enabled
[  256.599619][ T5316] tun0: tun_chr_ioctl cmd 1074025675
[  256.630977][ T5316] tun0: persist disabled
[  256.688141][ T5313] tun0: tun_chr_ioctl cmd 1342215226
[  257.174562][ T5322] loop1: detected capacity change from 0 to 2048
[  257.191369][ T5322] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  257.212051][ T5329] loop4: detected capacity change from 0 to 512
[  257.870857][ T5325] loop0: detected capacity change from 0 to 1024
[  259.247837][ T5344] loop3: detected capacity change from 0 to 40427
[  259.311800][ T5343] loop2: detected capacity change from 0 to 1024
[  260.553018][   T26] kauditd_printk_skb: 22 callbacks suppressed
[  260.553031][   T26] audit: type=1326 audit(1725919810.516:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  260.893617][ T5343] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  261.184402][ T4794] EXT4-fs (loop2): unmounting filesystem.
[  261.212918][   T26] audit: type=1326 audit(1725919810.516:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  261.235831][ T3632] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  261.513235][   T26] audit: type=1326 audit(1725919810.516:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  261.582168][ T5352] loop1: detected capacity change from 0 to 2048
[  261.600596][ T5357] netlink: 'syz.4.239': attribute type 12 has an invalid length.
[  261.654980][   T26] audit: type=1326 audit(1725919810.516:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  262.830684][ T5366] loop0: detected capacity change from 0 to 512
[  262.913586][ T5352] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  262.929017][   T26] audit: type=1326 audit(1725919810.516:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  263.027864][   T26] audit: type=1326 audit(1725919810.516:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  263.050721][   T26] audit: type=1326 audit(1725919810.516:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  263.083467][   T26] audit: type=1326 audit(1725919810.516:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  263.097476][ T5366] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  263.147990][ T5352] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.241: bg 0: block 234: padding at end of block bitmap is not set
[  263.191873][ T5366] UDF-fs: Scanning with blocksize 512 failed
[  263.200575][   T26] audit: type=1326 audit(1725919810.516:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  263.236152][ T5366] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  263.702871][ T5366] UDF-fs: Scanning with blocksize 1024 failed
[  263.986515][ T5375] loop3: detected capacity change from 0 to 1024
[  263.993953][ T5375] hfsplus: unable to parse mount options
[  264.020179][ T5366] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  264.112627][ T5366] UDF-fs: Scanning with blocksize 2048 failed
[  264.198165][ T5381] binder: 5379:5381 ioctl 4018620d 0 returned -22
[  264.820658][ T5366] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  264.856273][ T3632] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  265.004686][   T26] audit: type=1326 audit(1725919810.516:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  265.066106][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  265.081407][ T5366] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  266.602622][   T26] audit: type=1326 audit(1725919810.516:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  266.641200][   T26] audit: type=1326 audit(1725919810.516:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  266.723169][   T26] audit: type=1326 audit(1725919810.516:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  266.756414][   T26] audit: type=1326 audit(1725919810.526:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.307462][ T5388] loop2: detected capacity change from 0 to 512
[  267.433004][   T26] audit: type=1326 audit(1725919810.526:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.522652][ T3727] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  267.531205][ T5388] EXT4-fs: Invalid want_extra_isize 5
[  267.618366][ T5399] IPVS: set_ctl: invalid protocol: 58 10.1.1.0:20003
[  267.627689][   T26] audit: type=1326 audit(1725919810.526:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.660421][ T3632] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  267.701105][   T26] audit: type=1326 audit(1725919810.526:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.725727][ T5388] loop2: detected capacity change from 0 to 512
[  267.758605][ T5398] loop3: detected capacity change from 0 to 2048
[  267.758695][   T26] audit: type=1326 audit(1725919810.526:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.765352][ T3727] usb 2-1: Using ep0 maxpacket: 8
[  267.826378][   T26] audit: type=1326 audit(1725919810.526:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.827901][ T3632] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  267.858529][   T26] audit: type=1326 audit(1725919810.526:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288fb7cef9 code=0x7ffc0000
[  267.894776][ T5398] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  267.952852][ T3727] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  267.968470][ T3727] usb 2-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  267.998390][ T3727] usb 2-1: config 0 has no interface number 0
[  268.004757][ T3727] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 12408, setting to 64
[  268.016033][ T3727] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  268.038389][ T3727] usb 2-1: config 0 interface 52 has no altsetting 0
[  268.065925][ T5388] loop2: detected capacity change from 0 to 1764
[  268.264526][  T151] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  268.302986][ T3727] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  268.434580][ T3727] usb 2-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  268.480388][ T3727] usb 2-1: Product: syz
[  268.749081][ T3727] usb 2-1: Manufacturer: syz
[  268.843122][  T151] usb 1-1: Using ep0 maxpacket: 8
[  269.020369][ T3727] usb 2-1: SerialNumber: syz
[  269.096149][ T3727] usb 2-1: config 0 descriptor??
[  269.252843][  T151] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  269.282632][  T151] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  269.340420][ T5417] loop2: detected capacity change from 0 to 8
[  269.340841][  T151] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  269.410552][ T5417] squashfs: Unknown parameter 'Cf¹€'
[  269.432912][  T151] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  269.615964][  T151] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  269.625396][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.247'.
[  269.634633][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.247'.
[  269.643718][  T151] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.657084][ T5413] loop2: detected capacity change from 0 to 8
[  270.722429][ T5061] usb 2-1: USB disconnect, device number 6
[  270.773012][  T151] usb 1-1: can't set config #16, error -71
[  270.781052][  T151] usb 1-1: USB disconnect, device number 7
[  271.122622][ T4263] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  271.840145][ T5481] "syz.2.257" (5481) uses obsolete ecb(arc4) skcipher
[  271.901227][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  271.901243][   T26] audit: type=1326 audit(1725919823.126:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  271.945091][ T4263] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  271.960784][ T4263] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  271.970436][ T4263] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.978998][   T26] audit: type=1326 audit(1725919823.126:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.010302][ T4263] usb 4-1: config 0 descriptor??
[  272.021075][   T26] audit: type=1326 audit(1725919823.126:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=176 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.050700][   T26] audit: type=1326 audit(1725919823.126:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.150680][   T26] audit: type=1326 audit(1725919823.126:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.182640][   T26] audit: type=1326 audit(1725919823.126:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.232847][   T26] audit: type=1326 audit(1725919823.126:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.255767][   T26] audit: type=1326 audit(1725919823.126:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.278572][   T26] audit: type=1326 audit(1725919823.126:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.283009][ T4263] ath6kl: Failed to submit usb control message: -71
[  272.303088][   T26] audit: type=1326 audit(1725919823.126:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5483 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798f97cef9 code=0x7ffc0000
[  272.391058][ T4263] ath6kl: unable to send the bmi data to the device: -71
[  272.441922][ T4263] ath6kl: Unable to send get target info: -71
[  272.456592][ T4263] ath6kl: Failed to init ath6kl core: -71
[  272.588321][ T4263] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[  272.617060][ T4263] usb 4-1: USB disconnect, device number 4
[  272.653368][ T5504] loop0: detected capacity change from 0 to 1024
[  273.836223][ T5520] Zero length message leads to an empty skb
[  275.029403][ T5533] loop4: detected capacity change from 0 to 8
[  275.046893][ T5533] squashfs: Unknown parameter 'Cf¹€'
[  275.095200][ T3632] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  275.107886][ T5530] loop4: detected capacity change from 0 to 8
[  275.111713][ T3632] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  275.132024][ T3632] Buffer I/O error on dev loop4, logical block 0, async page read
[  275.228607][ T5536] loop2: detected capacity change from 0 to 1024
[  275.633839][ T5536] EXT4-fs: Ignoring removed nobh option
[  275.700557][ T5536] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  275.879429][ T5536] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  277.286264][ T5469] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.545487][ T5469] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.678927][ T5469] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.805263][ T5547] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.269: bg 0: block 2048: padding at end of block bitmap is not set
[  277.900207][ T5469] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.918064][ T5547] EXT4-fs error (device loop2): ext4_find_dest_de:2113: inode #12: block 7: comm syz.2.269: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=12, rec_len=0, size=68 fake=0
[  279.214719][ T5557] loop0: detected capacity change from 0 to 4096
[  279.338577][ T5567] loop1: detected capacity change from 0 to 16
[  279.419457][ T5567] erofs: Unknown parameter 'ÿÿÿÿ)|'
[  279.447649][ T5557] ntfs: volume version 3.1.
[  279.539589][ T5567] loop1: detected capacity change from 0 to 512
[  279.567105][ T5567] ext4: Unknown parameter 'nouser_xattr'
[  279.739705][ T5557] __ntfs_error: 13 callbacks suppressed
[  279.739725][ T5557] ntfs: (device loop0): ntfs_nlstoucs(): Name using character set utf8 contains characters that cannot be converted to Unicode.
[  279.832704][ T5557] ntfs: (device loop0): ntfs_lookup(): Failed to convert name to Unicode.
[  279.866714][ T3658] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  280.843117][ T3658] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  281.002714][ T3658] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  281.010724][ T3658] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  281.023931][ T3652] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  281.034004][ T3658] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  281.067135][ T5570] overlayfs: failed to resolve './file2': -2
[  281.518825][ T5587] loop1: detected capacity change from 0 to 512
[  281.560165][ T5587] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  281.567818][ T5587] UDF-fs: Scanning with blocksize 512 failed
[  281.579789][ T5587] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  281.587269][ T5587] UDF-fs: Scanning with blocksize 1024 failed
[  281.597736][ T5587] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  281.605200][ T5587] UDF-fs: Scanning with blocksize 2048 failed
[  281.616719][ T5587] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  281.637381][ T5587] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  282.116472][ T5590] loop4: detected capacity change from 0 to 8
[  282.262945][ T5590] squashfs: Unknown parameter 'Cf¹€'
[  282.386491][ T5593] loop1: detected capacity change from 0 to 16
[  282.389677][ T5589] loop4: detected capacity change from 0 to 8
[  282.403462][ T5374] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  282.480620][ T5593] erofs: (device loop1): mounted with root inode @ nid 36.
[  284.050108][ T5601] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  284.110724][ T3652] Bluetooth: hci1: command tx timeout
[  284.470954][ T5601] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851]
[  284.482661][ T5601] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  286.282797][ T3652] Bluetooth: hci1: command tx timeout
[  287.996128][   T26] audit: type=1326 audit(1725919838.856:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7fc00000
[  288.064212][   T26] audit: type=1326 audit(1725919838.866:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00af37cef9 code=0x7fc00000
[  288.091541][ T5631] loop1: detected capacity change from 0 to 512
[  288.174970][ T5631] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  288.220055][   T26] audit: type=1326 audit(1725919839.226:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7fc00000
[  288.322824][ T3652] Bluetooth: hci1: command tx timeout
[  288.349425][ T5631] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  288.424080][ T5631] System zones: 1-12
[  288.455965][ T5631] EXT4-fs (loop1): 1 truncate cleaned up
[  288.465621][ T5573] chnl_net:caif_netlink_parms(): no params data found
[  288.496235][ T5631] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  288.572767][ T5061] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  288.701026][ T3649] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  288.712472][ T3649] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  288.722630][ T3649] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  288.731273][ T3658] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  288.738932][ T3658] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  288.746958][ T3658] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  288.865073][ T5649] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  288.952734][ T5061] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  288.963307][ T5061] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  289.043149][ T5061] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  289.075569][ T5535] EXT4-fs (loop2): unmounting filesystem.
[  289.086855][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  289.095164][ T5061] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  289.122913][ T5061] usb 5-1: SerialNumber: syz
[  289.162962][ T5573] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.197836][ T5573] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.224604][ T5573] device bridge_slave_0 entered promiscuous mode
[  289.295655][ T5573] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.303327][ T5573] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.311165][ T5573] device bridge_slave_1 entered promiscuous mode
[  289.361117][ T5573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.420154][ T5634] fuse: Unknown parameter 'g�oup_id'
[  289.448550][ T5469] device hsr_slave_0 left promiscuous mode
[  289.462088][ T5469] device hsr_slave_1 left promiscuous mode
[  289.478482][ T5469] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.490525][ T5469] batman_adv: batadv0: Removing interface: batadv_slave_0
[  289.502481][ T5469] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  289.523554][ T3727] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  289.575851][ T5469] batman_adv: batadv0: Removing interface: batadv_slave_1
[  289.617451][ T5469] device bridge_slave_1 left promiscuous mode
[  289.695177][ T5469] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.821149][ T5469] device bridge_slave_0 left promiscuous mode
[  289.860579][ T5469] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.123735][ T3727] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  290.167931][ T3727] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.252119][ T3727] usb 2-1: Product: syz
[  290.319327][ T3727] usb 2-1: Manufacturer: syz
[  290.324349][ T3727] usb 2-1: SerialNumber: syz
[  290.349366][ T3727] usb 2-1: config 0 descriptor??
[  290.364434][ T5469] device veth1_macvtap left promiscuous mode
[  290.370514][ T5469] device veth0_macvtap left promiscuous mode
[  290.384016][ T5469] device veth1_vlan left promiscuous mode
[  290.389862][ T5469] device veth0_vlan left promiscuous mode
[  290.401683][ T3727] ch341 2-1:0.0: ch341-uart converter detected
[  290.407994][ T3658] Bluetooth: hci1: command tx timeout
[  290.802934][ T3652] Bluetooth: hci3: command tx timeout
[  290.967798][ T3727] usb 2-1: failed to send control message: -71
[  290.977742][ T3727] ch341-uart: probe of ttyUSB0 failed with error -71
[  290.988353][ T3727] usb 2-1: USB disconnect, device number 7
[  291.000348][ T3727] ch341 2-1:0.0: device disconnected
[  291.058321][ T5469] team0 (unregistering): Port device team_slave_1 removed
[  291.103955][ T5469] team0 (unregistering): Port device team_slave_0 removed
[  291.150426][ T5469] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.193836][ T5469] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.571888][ T5677] loop1: detected capacity change from 0 to 256
[  291.608512][ T5677] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  291.837085][ T5469] bond0 (unregistering): Released all slaves
[  292.883163][ T3652] Bluetooth: hci3: command tx timeout
[  293.001196][ T5573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  293.147918][ T5573] team0: Port device team_slave_0 added
[  293.216068][ T5061] usb 5-1: 0:2 : does not exist
[  293.223882][ T5061] usb 5-1: unit 5: unexpected type 0x09
[  293.250541][ T5573] team0: Port device team_slave_1 added
[  293.403824][ T5061] usb 5-1: USB disconnect, device number 3
[  293.571287][ T5573] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.648286][ T5573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.697380][ T3632] udevd[3632]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  293.790563][ T5573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  293.990558][ T5573] batman_adv: batadv0: Adding interface: batadv_slave_1
[  293.993518][ T5685] loop4: detected capacity change from 0 to 8
[  294.013105][ T5573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.017226][ T5685] squashfs: Unknown parameter 'Cf¹€'
[  294.054338][ T5573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.117582][ T3632] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  294.127697][ T5688] mmap: syz.0.297 (5688) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  294.129238][ T5683] loop4: detected capacity change from 0 to 8
[  294.150355][ T5688] loop0: detected capacity change from 0 to 16
[  294.157224][ T5688] erofs: Unknown parameter '®'
[  294.224000][ T5374] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  294.251579][ T5688] loop0: detected capacity change from 0 to 1024
[  294.464044][ T5573] device hsr_slave_0 entered promiscuous mode
[  294.478272][ T5573] device hsr_slave_1 entered promiscuous mode
[  296.533626][ T5703] nfs4: Bad value for 'source'
[  296.540867][ T5643] chnl_net:caif_netlink_parms(): no params data found
[  297.162353][ T5717] loop4: detected capacity change from 0 to 1024
[  297.233034][   T26] audit: type=1326 audit(1725919848.296:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  297.464710][ T5717] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  297.677895][   T26] audit: type=1326 audit(1725919848.306:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  297.814118][ T4116] EXT4-fs (loop4): unmounting filesystem.
[  297.888956][   T26] audit: type=1326 audit(1725919848.306:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  297.932735][   T26] audit: type=1326 audit(1725919848.306:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  298.431283][   T26] audit: type=1326 audit(1725919848.306:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  298.723793][ T5643] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.730919][ T5643] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.743616][ T5643] device bridge_slave_0 entered promiscuous mode
[  298.753407][ T5643] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.761158][   T26] audit: type=1326 audit(1725919848.306:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  298.761207][ T5643] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.762488][ T5643] device bridge_slave_1 entered promiscuous mode
[  298.875049][   T26] audit: type=1326 audit(1725919848.306:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  298.957351][   T26] audit: type=1326 audit(1725919848.306:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  299.028420][   T26] audit: type=1326 audit(1725919848.316:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  299.055699][   T26] audit: type=1326 audit(1725919848.316:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5708 comm="syz.4.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  299.089626][ T5731] loop0: detected capacity change from 0 to 1024
[  299.154157][ T5731] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  299.345332][ T4893] EXT4-fs (loop0): unmounting filesystem.
[  299.386639][ T5469] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.495365][ T5643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  299.606923][ T5643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  300.294428][ T5469] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.344449][ T5754] netlink: 84 bytes leftover after parsing attributes in process `syz.1.306'.
[  300.489632][ T5643] team0: Port device team_slave_0 added
[  300.504217][ T5643] team0: Port device team_slave_1 added
[  300.829150][ T5762] loop0: detected capacity change from 0 to 164
[  301.225629][ T5762] netlink: 'syz.0.308': attribute type 4 has an invalid length.
[  301.447201][ T5766] loop4: detected capacity change from 0 to 512
[  301.467811][ T5469] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.484511][ T5766] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.309: casefold flag without casefold feature
[  301.499696][ T5643] batman_adv: batadv0: Adding interface: batadv_slave_0
[  301.507133][ T5643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.534179][ T5643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  301.544930][ T5766] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.309: couldn't read orphan inode 16 (err -117)
[  301.559524][ T5766] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  301.564429][ T5764] netlink: 'syz.0.308': attribute type 4 has an invalid length.
[  301.568696][ T5766] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038 (0x7fffffff)
[  301.627110][ T5643] batman_adv: batadv0: Adding interface: batadv_slave_1
[  301.641908][ T5643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.668843][ T5643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  301.710405][ T5469] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.802720][ T3688] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  301.817476][ T5643] device hsr_slave_0 entered promiscuous mode
[  301.824491][ T5643] device hsr_slave_1 entered promiscuous mode
[  301.831045][ T5643] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  301.839496][ T5643] Cannot create hsr debugfs directory
[  301.927213][ T5573] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  301.970115][ T5573] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  301.999289][ T5573] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  302.098739][ T5573] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  302.163075][ T3688] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  302.209423][ T3688] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  302.237201][ T3688] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  302.256985][ T3688] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.285046][ T3688] usb 1-1: config 0 descriptor??
[  302.328546][ T3688] usbhid 1-1:0.0: can't add hid device: -22
[  302.331198][ T4116] EXT4-fs (loop4): unmounting filesystem.
[  302.373515][ T3688] usbhid: probe of 1-1:0.0 failed with error -22
[  302.559435][ T5787] loop4: detected capacity change from 0 to 2048
[  302.605246][ T5786] ubi0: attaching mtd0
[  302.614869][ T5787] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  302.657782][ T5786] ubi0: scanning is finished
[  302.690991][ T3688] usb 1-1: USB disconnect, device number 8
[  302.700788][ T5786] ubi0: empty MTD device detected
[  302.767552][ T5573] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.812395][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  302.824598][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  302.972084][ T5573] 8021q: adding VLAN 0 to HW filter on device team0
[  303.078900][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  303.108884][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  303.119255][ T5786] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  303.123324][ T3776] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.133913][ T3776] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.143297][ T5786] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  303.163081][ T5786] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  303.170056][ T5786] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  303.184577][ T5786] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  303.191445][ T5786] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  303.200038][ T5786] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1721237526
[  303.241838][ T5786] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  303.323024][ T5798] ubi0: background thread "ubi_bgt0d" started, PID 5798
[  303.437416][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  303.450501][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  303.460047][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  303.470674][ T3776] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.477806][ T3776] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.556839][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  303.572856][ T4263] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  303.580505][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  303.602512][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  303.631635][ T5806] loop1: detected capacity change from 0 to 16
[  303.641503][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  303.656491][ T5806] erofs: (device loop1): erofs_init_device: empty device tag @ pos 0
[  303.671863][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  303.730566][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  303.742225][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  303.751612][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  303.773806][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  303.788716][ T5573] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  303.801258][ T5573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  303.914670][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  303.924339][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  303.938051][ T5643] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  303.952785][ T4263] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  303.972840][ T4263] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  304.072978][ T4263] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  304.103510][ T4263] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  304.111918][ T5643] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  304.138434][ T4263] usb 5-1: SerialNumber: syz
[  304.201814][ T5643] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  304.444587][ T5643] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  304.454730][ T4263] usb 5-1: 0:2 : does not exist
[  304.466396][ T4263] usb 5-1: unit 5: unexpected type 0x09
[  304.574222][ T4263] usb 5-1: USB disconnect, device number 4
[  304.866707][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  304.882880][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  304.928573][ T5573] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.001377][ T5469] device hsr_slave_0 left promiscuous mode
[  305.018475][ T5469] device hsr_slave_1 left promiscuous mode
[  305.067458][ T5469] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.088150][ T5469] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.133579][ T5469] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.141675][ T5469] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.174286][ T5469] device bridge_slave_1 left promiscuous mode
[  305.180544][ T5469] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.200696][ T5469] device bridge_slave_0 left promiscuous mode
[  305.246424][ T5469] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.355447][ T5838] loop4: detected capacity change from 0 to 128
[  305.367429][ T5469] device veth1_macvtap left promiscuous mode
[  305.399539][ T5469] device veth0_macvtap left promiscuous mode
[  305.417085][ T5469] device veth1_vlan left promiscuous mode
[  305.492622][ T5469] device veth0_vlan left promiscuous mode
[  305.554734][ T5838] VFS: Found a Xenix FS (block size = 512) on device loop4
[  306.506356][ T5469] team0 (unregistering): Port device team_slave_1 removed
[  306.559259][ T5469] team0 (unregistering): Port device team_slave_0 removed
[  306.648813][ T5469] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  306.727378][ T5469] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  306.888689][ T4116] sysv_free_block: trying to free block not in datazone
[  306.908545][ T4116] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  307.131553][ T5853] loop4: detected capacity change from 0 to 8
[  307.153439][ T5853] squashfs: Unknown parameter 'Cf¹€'
[  307.490426][ T5469] bond0 (unregistering): Released all slaves
[  307.720048][ T5643] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.763564][ T5643] 8021q: adding VLAN 0 to HW filter on device team0
[  307.787850][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  307.795923][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  308.565566][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  308.577240][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  308.607322][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  308.629561][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  308.784212][ T5473] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.791457][ T5473] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.807803][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  308.823084][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  308.831699][ T5473] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.838823][ T5473] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.056399][ T5873] loop1: detected capacity change from 0 to 1024
[  309.070361][   T26] kauditd_printk_skb: 79 callbacks suppressed
[  309.070483][   T26] audit: type=1326 audit(1725919860.206:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.630380][   T26] audit: type=1326 audit(1725919860.206:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.653499][   T26] audit: type=1326 audit(1725919860.206:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.681209][   T26] audit: type=1326 audit(1725919860.206:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.703914][   T26] audit: type=1326 audit(1725919860.206:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.726968][   T26] audit: type=1326 audit(1725919860.206:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.752750][   T26] audit: type=1326 audit(1725919860.206:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.776013][   T26] audit: type=1326 audit(1725919860.206:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.799002][ T5873] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  309.836385][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  309.860516][   T26] audit: type=1326 audit(1725919860.206:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  309.886724][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  309.949238][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  309.964322][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  309.970887][   T26] audit: type=1326 audit(1725919860.206:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5864 comm="syz.1.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  310.007654][ T5573] device veth0_vlan entered promiscuous mode
[  310.026569][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  310.179361][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  310.221623][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  310.239183][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  310.285649][ T5884] 9pnet_fd: Insufficient options for proto=fd
[  310.566225][ T5573] device veth1_vlan entered promiscuous mode
[  311.038178][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  311.049441][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  311.058536][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  311.076975][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  311.086065][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  311.095137][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  311.159399][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  311.177735][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  311.201817][ T5890] loop4: detected capacity change from 0 to 1024
[  311.206925][ T5643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  311.209243][ T5890] hfsplus: unable to parse mount options
[  311.270858][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  311.281880][ T3632] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  311.460331][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  311.493258][ T1956] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  312.271824][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  312.285937][ T5573] device veth0_macvtap entered promiscuous mode
[  312.335691][ T5573] device veth1_macvtap entered promiscuous mode
[  312.363383][ T5902] loop4: detected capacity change from 0 to 8
[  312.422743][ T5573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.439063][ T5902] squashfs: Unknown parameter 'Cf¹€'
[  312.454856][ T5573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.487489][ T5573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.516078][ T5573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.536387][ T5573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.550293][ T5573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.567343][ T5573] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.582509][ T5573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.599671][ T5900] loop4: detected capacity change from 0 to 8
[  312.620142][ T5573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.630759][ T1956] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  312.636501][ T5573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.652391][ T5573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.652959][ T1956] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  312.664508][ T5573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.682135][ T5573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.736524][ T5573] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.752287][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  312.804059][ T1956] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  312.818707][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  312.841939][ T1956] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  312.883039][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  312.897577][ T1956] usb 1-1: SerialNumber: syz
[  312.950326][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  313.040430][ T5573] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.085298][ T5573] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.145065][ T5573] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.199564][ T5573] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.245267][ T1956] usb 1-1: 0:2 : does not exist
[  313.282950][ T1956] usb 1-1: USB disconnect, device number 9
[  313.296703][ T5915] loop1: detected capacity change from 0 to 8
[  313.333457][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  313.383993][ T5374] udevd[5374]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  313.399068][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  313.428119][ T5915] SQUASHFS error: lzo decompression failed, data probably corrupt
[  313.492793][ T5915] SQUASHFS error: Failed to read block 0x91: -5
[  313.499097][ T5915] SQUASHFS error: Unable to read metadata cache entry [8f]
[  313.522415][ T5643] 8021q: adding VLAN 0 to HW filter on device batadv0
[  313.547341][ T5915] SQUASHFS error: Unable to read inode 0x11f
[  313.558898][ T3776] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.586544][ T3776] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.621282][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  313.641135][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  313.659943][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  313.664374][ T5920] loop4: detected capacity change from 0 to 2048
[  313.716510][ T5920] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  313.739540][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  313.771770][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  313.847299][ T4996] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.860100][ T5643] device veth0_vlan entered promiscuous mode
[  313.870008][ T4996] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.877668][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  313.878409][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  313.924202][ T5643] device veth1_vlan entered promiscuous mode
[  313.956890][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  313.976561][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  314.021732][ T5473] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  314.116203][ T5643] device veth0_macvtap entered promiscuous mode
[  314.198241][ T5643] device veth1_macvtap entered promiscuous mode
[  314.208644][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  314.248556][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  314.840540][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  314.972807][ T4263] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  315.116456][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.174003][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.255462][ T5948] loop3: detected capacity change from 0 to 512
[  315.263332][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.273819][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.284012][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.296523][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.306480][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.317014][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.328534][ T5643] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.389807][ T5955] netlink: 44 bytes leftover after parsing attributes in process `syz.1.335'.
[  315.411718][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.456481][ T5948] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.275: inode #1: comm syz.3.275: iget: illegal inode #
[  315.475555][ T5948] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.275: error while reading EA inode 1 err=-117
[  315.493936][ T5948] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2808: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  315.507337][ T5948] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.275: inode #1: comm syz.3.275: iget: illegal inode #
[  315.526226][ T5948] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.275: error while reading EA inode 1 err=-117
[  315.539396][ T5948] EXT4-fs (loop3): 1 orphan inode deleted
[  315.545224][ T5948] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  315.599258][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.612891][ T4263] usb 1-1: Using ep0 maxpacket: 8
[  315.614372][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.658319][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.707969][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.732841][ T4263] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  315.751350][ T4263] usb 1-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  315.770400][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.792558][ T4263] usb 1-1: config 0 has no interface number 0
[  315.798707][ T4263] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 12408, setting to 64
[  315.811285][ T5643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.860679][ T4263] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  315.867863][ T5643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.899094][ T4263] usb 1-1: config 0 interface 52 has no altsetting 0
[  315.904116][ T5643] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.970993][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  316.019639][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  316.045114][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  316.054218][ T5573] EXT4-fs (loop3): unmounting filesystem.
[  316.063337][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  316.082110][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  316.273241][ T4263] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  316.292607][ T4263] usb 1-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  316.302738][ T4263] usb 1-1: Product: syz
[  316.305461][ T5643] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.311240][ T4263] usb 1-1: Manufacturer: syz
[  316.320243][ T4263] usb 1-1: SerialNumber: syz
[  316.328452][ T4263] usb 1-1: config 0 descriptor??
[  316.362634][ T5643] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.551226][ T5987] loop4: detected capacity change from 0 to 1024
[  316.565725][   T26] kauditd_printk_skb: 27 callbacks suppressed
[  316.565927][   T26] audit: type=1326 audit(1725919867.706:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  316.796747][ T5987] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  316.876498][ T5643] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.123281][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  317.129673][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  317.159226][   T26] audit: type=1326 audit(1725919867.706:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  317.182480][ T5643] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.214641][ T4116] EXT4-fs (loop4): unmounting filesystem.
[  317.306599][ T5943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[  317.315816][ T5943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[  317.331618][   T26] audit: type=1326 audit(1725919867.706:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  317.396071][ T5998] loop4: detected capacity change from 0 to 16
[  317.425635][ T5998] erofs: Unknown parameter 'ÿÿÿÿ)|'
[  317.448120][   T26] audit: type=1326 audit(1725919867.706:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  317.521183][ T5998] loop4: detected capacity change from 0 to 512
[  317.535635][ T5998] ext4: Unknown parameter 'nouser_xattr'
[  317.554258][   T26] audit: type=1326 audit(1725919867.706:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  317.668569][   T26] audit: type=1326 audit(1725919867.706:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  317.748420][ T3690] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.783232][   T26] audit: type=1326 audit(1725919867.706:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  317.872226][ T3690] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.619439][ T1956] usb 1-1: USB disconnect, device number 10
[  318.829732][   T26] audit: type=1326 audit(1725919867.706:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  318.898237][ T3776] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  318.951674][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.063108][ T6024] loop4: detected capacity change from 0 to 512
[  319.093523][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.140708][   T26] audit: type=1326 audit(1725919867.706:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  319.154518][ T6026] loop0: detected capacity change from 0 to 2048
[  319.170676][ T5471] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  319.179470][ T3632] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  319.258644][   T26] audit: type=1326 audit(1725919867.716:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af37cef9 code=0x7ffc0000
[  319.294753][ T6026] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  319.672654][ T5054] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  320.205661][ T6052] loop4: detected capacity change from 0 to 256
[  321.037099][ T6052] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  321.352956][ T5054] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  321.388545][ T5054] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  321.575511][ T6059] loop0: detected capacity change from 0 to 2048
[  321.666494][ T5054] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  321.679877][ T5054] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  321.691562][ T5054] usb 2-1: SerialNumber: syz
[  321.697189][ T6059] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  322.049042][ T5054] usb 2-1: 0:2 : does not exist
[  322.188133][ T5054] usb 2-1: USB disconnect, device number 8
[  322.376242][ T5374] udevd[5374]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  322.535977][ T3690] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.878554][ T3690] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.252990][ T6083] raw_sendmsg: syz.3.350 forgot to set AF_INET. Fix it!
[  323.843093][ T6085] netlink: 44 bytes leftover after parsing attributes in process `syz.4.351'.
[  324.321472][ T6091] loop3: detected capacity change from 0 to 1024
[  324.392807][   T26] kauditd_printk_skb: 41 callbacks suppressed
[  324.392900][   T26] audit: type=1326 audit(1725919875.479:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  324.990683][ T3690] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.016937][ T6091] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  325.120315][   T26] audit: type=1326 audit(1725919875.479:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  325.214732][ T5573] EXT4-fs (loop3): unmounting filesystem.
[  325.435423][   T26] audit: type=1326 audit(1725919875.479:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  325.546734][ T6109] usb usb3: usbfs: process 6109 (syz.3.356) did not claim interface 0 before use
[  326.353918][   T26] audit: type=1326 audit(1725919875.479:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  326.379662][   T26] audit: type=1326 audit(1725919875.479:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  326.423319][   T26] audit: type=1326 audit(1725919875.479:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  327.769018][ T6102] loop1: detected capacity change from 0 to 2048
[  328.779789][ T6102] EXT4-fs (loop1): cluster size (2048) smaller than block size (4096)
[  328.863615][ T3690] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.898765][   T26] audit: type=1326 audit(1725919875.479:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  329.028331][   T26] audit: type=1326 audit(1725919875.479:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  329.051505][ T3658] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  329.065290][ T3658] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  329.078509][ T3658] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  329.087218][ T3658] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  329.096787][ T3658] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  329.104149][ T3658] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  329.173697][   T26] audit: type=1326 audit(1725919875.489:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  329.376755][ T6130] loop0: detected capacity change from 0 to 512
[  329.389616][ T6125] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  329.396697][ T6125] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  329.417823][ T6125] vhci_hcd vhci_hcd.0: Device attached
[  329.450634][   T26] audit: type=1326 audit(1725919875.489:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  329.704223][ T6137] loop1: detected capacity change from 0 to 1024
[  329.883042][   T41] usb 17-1: new high-speed USB device number 2 using vhci_hcd
[  330.175962][ T6130] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  330.215028][ T6137] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  330.260458][   T26] audit: type=1326 audit(1725919875.489:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  330.285327][ T6130] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff)
[  330.319370][   T26] audit: type=1326 audit(1725919875.489:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  330.320661][ T6130] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.359: Directory hole found for htree leaf block 0
[  330.459539][ T6128] vhci_hcd: connection reset by peer
[  330.676595][    T9] vhci_hcd: stop threads
[  330.698293][    T9] vhci_hcd: release socket
[  330.731647][    T9] vhci_hcd: disconnect device
[  331.191084][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  331.198253][   T26] audit: type=1326 audit(1725919875.489:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  331.202958][ T3658] Bluetooth: hci2: command tx timeout
[  331.247176][   T26] audit: type=1326 audit(1725919875.489:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  331.270670][   T26] audit: type=1326 audit(1725919875.489:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  331.293348][   T26] audit: type=1326 audit(1725919875.489:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  331.316192][   T26] audit: type=1326 audit(1725919875.489:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  331.338742][   T26] audit: type=1326 audit(1725919875.499:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  331.363533][   T26] audit: type=1326 audit(1725919875.499:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eee37cef9 code=0x7ffc0000
[  332.076741][ T6117] chnl_net:caif_netlink_parms(): no params data found
[  332.303489][ T4893] EXT4-fs (loop0): unmounting filesystem.
[  332.500546][ T6174] loop4: detected capacity change from 0 to 256
[  332.550020][ T6174] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  332.854985][ T6117] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.057488][ T6117] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.210032][ T1956] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  336.232549][ T3658] Bluetooth: hci2: command tx timeout
[  336.262891][ T6117] device bridge_slave_0 entered promiscuous mode
[  336.292817][   T41] vhci_hcd: vhci_device speed not set
[  336.300305][ T6117] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.315489][ T6117] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.352177][ T6191] x_tables: duplicate underflow at hook 2
[  336.372346][ T6117] device bridge_slave_1 entered promiscuous mode
[  338.244984][ T3658] Bluetooth: hci2: command tx timeout
[  338.532257][ T6117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  338.680998][ T6117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.497308][ T6221] loop1: detected capacity change from 0 to 1024
[  340.686542][ T6224] loop3: detected capacity change from 0 to 1024
[  340.704790][   T26] kauditd_printk_skb: 55 callbacks suppressed
[  340.704953][   T26] audit: type=1326 audit(1725919890.509:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  340.849246][ T6117] team0: Port device team_slave_0 added
[  340.936235][ T6221] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  340.958686][ T6224] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  341.089133][   T26] audit: type=1326 audit(1725919890.509:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.112675][   T26] audit: type=1326 audit(1725919890.519:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.154351][   T26] audit: type=1326 audit(1725919890.519:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.177745][   T26] audit: type=1326 audit(1725919890.519:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.200127][   T26] audit: type=1326 audit(1725919890.519:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.223035][   T26] audit: type=1326 audit(1725919890.519:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.245623][   T26] audit: type=1326 audit(1725919890.519:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.273580][   T26] audit: type=1326 audit(1725919890.519:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.275633][ T6117] team0: Port device team_slave_1 added
[  341.298951][   T26] audit: type=1326 audit(1725919890.519:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6215 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  341.370596][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  341.387983][ T6117] batman_adv: batadv0: Adding interface: batadv_slave_0
[  341.405099][ T6117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.431883][ T6117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  341.445485][ T6117] batman_adv: batadv0: Adding interface: batadv_slave_1
[  341.452466][ T6117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.478793][ T6117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  341.604806][ T5573] EXT4-fs (loop3): unmounting filesystem.
[  341.675663][ T6117] device hsr_slave_0 entered promiscuous mode
[  341.689156][ T6117] device hsr_slave_1 entered promiscuous mode
[  341.696123][ T6117] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  341.710296][ T6117] Cannot create hsr debugfs directory
[  342.004683][ T6237] loop1: detected capacity change from 0 to 1024
[  342.163359][ T6237] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  342.494230][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  342.942857][ T6248] loop1: detected capacity change from 0 to 512
[  343.030303][ T6248] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  343.040699][ T6248] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038 (0x7fffffff)
[  343.054653][ T6250] netlink: 'syz.3.376': attribute type 12 has an invalid length.
[  344.089013][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  344.230433][ T6117] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  344.245650][ T6117] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  344.260848][ T6117] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  344.271192][ T6117] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  344.414149][ T6117] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.434649][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  344.447939][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  344.462285][ T6117] 8021q: adding VLAN 0 to HW filter on device team0
[  345.013837][ T6117] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  345.075278][ T6117] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  345.094764][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  345.108465][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  345.144062][ T5469] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.151198][ T5469] bridge0: port 1(bridge_slave_0) entered forwarding state
[  345.173007][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  345.182635][ T4263] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  345.201801][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  345.224273][ T5469] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.231481][ T5469] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.239573][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  345.249911][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  345.265483][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  345.279244][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  345.288970][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  345.298630][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  345.308383][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  345.317164][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  345.333415][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  345.342368][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  345.365953][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  345.404412][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  345.417472][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  345.424825][ T4263] usb 4-1: Using ep0 maxpacket: 8
[  345.542795][ T4263] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  345.561173][ T4263] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  345.577334][ T4263] usb 4-1: config 0 has no interface number 0
[  345.590021][ T4263] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 12408, setting to 64
[  345.611950][ T4263] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  345.648953][ T4263] usb 4-1: config 0 interface 52 has no altsetting 0
[  345.783453][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  345.791448][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  345.815420][ T6117] 8021q: adding VLAN 0 to HW filter on device batadv0
[  345.843386][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  345.853308][ T4263] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  345.862374][ T4263] usb 4-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  345.876240][ T3964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  345.915775][ T4263] usb 4-1: Product: syz
[  345.919992][ T4263] usb 4-1: Manufacturer: syz
[  345.929550][ T4263] usb 4-1: SerialNumber: syz
[  345.935162][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  345.945850][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  345.956653][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  345.956679][ T4263] usb 4-1: config 0 descriptor??
[  345.973401][ T5469] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  345.983690][ T6117] device veth0_vlan entered promiscuous mode
[  346.007205][ T6117] device veth1_vlan entered promiscuous mode
[  346.059044][ T5463] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  346.068936][ T5463] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  346.083685][ T5463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  346.093930][ T5463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  346.105144][ T6117] device veth0_macvtap entered promiscuous mode
[  346.117038][ T6117] device veth1_macvtap entered promiscuous mode
[  346.134172][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.146187][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.157748][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.169188][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.179370][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.190234][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.200362][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.211094][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.221223][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.237012][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.260649][ T6117] batman_adv: batadv0: Interface activated: batadv_slave_0
[  346.292129][ T5471] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  346.301788][ T5471] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  346.317480][ T5471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  346.329379][ T5471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  346.347033][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.365415][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.379711][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.396923][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.407850][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.418663][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.428926][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.439790][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.449712][ T6117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.460288][ T6117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.484122][ T6273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.377'.
[  346.487585][ T6117] batman_adv: batadv0: Interface activated: batadv_slave_1
[  346.493170][ T6273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.377'.
[  346.521383][ T5463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  346.535977][ T5463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  346.556213][ T6117] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  346.566535][ T6117] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  346.575483][ T6117] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  346.584732][ T6117] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  347.567432][ T3688] usb 4-1: USB disconnect, device number 5
[  358.283597][ T6371] loop1: detected capacity change from 0 to 128
[  359.908420][ T6378] loop1: detected capacity change from 0 to 1024
[  360.092882][   T26] kauditd_printk_skb: 114 callbacks suppressed
[  360.093028][   T26] audit: type=1326 audit(1725919911.059:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.125549][   T26] audit: type=1326 audit(1725919911.059:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.151031][   T26] audit: type=1326 audit(1725919911.059:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.174956][   T26] audit: type=1326 audit(1725919911.059:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.251382][   T26] audit: type=1326 audit(1725919911.059:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.331586][ T6378] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  360.355338][   T26] audit: type=1326 audit(1725919911.059:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.378128][   T26] audit: type=1326 audit(1725919911.069:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.400679][   T26] audit: type=1326 audit(1725919911.069:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.424944][   T26] audit: type=1326 audit(1725919911.069:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.447594][   T26] audit: type=1326 audit(1725919911.069:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f565fd7cef9 code=0x7ffc0000
[  360.498617][ T4140] EXT4-fs (loop1): unmounting filesystem.
[  378.406101][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  378.412441][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  439.853943][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  439.860281][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  494.243086][   T27] INFO: task kworker/1:2:151 blocked for more than 143 seconds.
[  494.250762][   T27]       Not tainted 6.1.109-syzkaller #0
[  494.258873][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  494.267636][   T27] task:kworker/1:2     state:D stack:23296 pid:151   ppid:2      flags:0x00004000
[  494.277110][   T27] Workqueue: events rfkill_global_led_trigger_worker
[  494.284117][   T27] Call Trace:
[  494.287427][   T27]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  494.290355][   T27]  __schedule+0x143f/0x4570
[  494.295357][   T27]  ? release_firmware_map_entry+0x186/0x186
[  494.301299][   T27]  ? print_irqtrace_events+0x210/0x210
[  494.307336][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  494.312823][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  494.318058][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  494.323648][   T27]  schedule+0xbf/0x180
[  494.327756][   T27]  schedule_preempt_disabled+0xf/0x20
[  494.333477][   T27]  __mutex_lock+0x6b9/0xd80
[  494.338026][   T27]  ? __mutex_lock+0x53c/0xd80
[  494.343111][   T27]  ? rfkill_global_led_trigger_worker+0x23/0xd0
[  494.349395][   T27]  ? mutex_lock_nested+0x10/0x10
[  494.354894][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  494.360161][   T27]  ? preempt_schedule_thunk+0x16/0x18
[  494.394734][   T27]  ? process_one_work+0x7a9/0x11d0
[  494.400036][   T27]  rfkill_global_led_trigger_worker+0x23/0xd0
[  494.416418][   T27]  ? process_one_work+0x7a9/0x11d0
[  494.422095][   T27]  process_one_work+0x8a9/0x11d0
[  494.433959][   T27]  ? worker_detach_from_pool+0x260/0x260
[  494.439639][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  494.445595][   T27]  ? kthread_data+0x4e/0xc0
[  494.450135][   T27]  ? wq_worker_running+0x97/0x190
[  494.455257][   T27]  worker_thread+0xa47/0x1200
[  494.459969][   T27]  kthread+0x28d/0x320
[  494.464279][   T27]  ? worker_clr_flags+0x190/0x190
[  494.469359][   T27]  ? kthread_blkcg+0xd0/0xd0
[  494.474010][   T27]  ret_from_fork+0x1f/0x30
[  494.478472][   T27]  </TASK>
[  494.481590][   T27] INFO: task kworker/u4:5:3690 blocked for more than 143 seconds.
[  494.489461][   T27]       Not tainted 6.1.109-syzkaller #0
[  494.495159][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  494.503912][   T27] task:kworker/u4:5    state:D stack:23288 pid:3690  ppid:2      flags:0x00004000
[  494.513197][   T27] Workqueue: netns cleanup_net
[  494.517971][   T27] Call Trace:
[  494.521242][   T27]  <TASK>
[  494.524258][   T27]  __schedule+0x143f/0x4570
[  494.528892][   T27]  ? __mutex_lock+0x6b4/0xd80
[  494.533638][   T27]  ? release_firmware_map_entry+0x186/0x186
[  494.539561][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  494.545284][   T27]  ? wq_worker_sleeping+0x5f/0x270
[  494.550424][   T27]  schedule+0xbf/0x180
[  494.554722][   T27]  schedule_preempt_disabled+0xf/0x20
[  494.560139][   T27]  __mutex_lock+0x6b9/0xd80
[  494.565035][   T27]  ? kobject_put+0x422/0x460
[  494.569661][   T27]  ? __mutex_lock+0x53c/0xd80
[  494.574421][   T27]  ? rfkill_unregister+0xcc/0x220
[  494.579475][   T27]  ? mutex_lock_nested+0x10/0x10
[  494.584504][   T27]  ? kill_device+0x160/0x160
[  494.589140][   T27]  rfkill_unregister+0xcc/0x220
[  494.594094][   T27]  wiphy_unregister+0x223/0xb10
[  494.598986][   T27]  ? wiphy_register+0x2cc0/0x2cc0
[  494.604151][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  494.610073][   T27]  ? _raw_spin_unlock+0x40/0x40
[  494.615018][   T27]  ieee80211_unregister_hw+0x1b8/0x290
[  494.620673][   T27]  mac80211_hwsim_del_radio+0x2be/0x4a0
[  494.626297][   T27]  ? rhashtable_remove_fast+0xc50/0xc50
[  494.631904][   T27]  hwsim_exit_net+0x5b8/0x660
[  494.636654][   T27]  ? hwsim_init_net+0x80/0x80
[  494.641382][   T27]  ? __ip_vs_dev_cleanup_batch+0x235/0x250
[  494.647629][   T27]  cleanup_net+0x6ce/0xb60
[  494.652221][   T27]  ? ops_free_list+0x3b0/0x3b0
[  494.657576][   T27]  ? process_one_work+0x7a9/0x11d0
[  494.662779][   T27]  process_one_work+0x8a9/0x11d0
[  494.667911][   T27]  ? worker_detach_from_pool+0x260/0x260
[  494.673648][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  494.679217][   T27]  ? kthread_data+0x4e/0xc0
[  494.683771][   T27]  ? wq_worker_running+0x97/0x190
[  494.688834][   T27]  worker_thread+0xa47/0x1200
[  494.693805][   T27]  kthread+0x28d/0x320
[  494.697939][   T27]  ? worker_clr_flags+0x190/0x190
[  494.703345][   T27]  ? kthread_blkcg+0xd0/0xd0
[  494.707967][   T27]  ret_from_fork+0x1f/0x30
[  494.712413][   T27]  </TASK>
[  494.715551][   T27] INFO: task syz.0.302:5732 blocked for more than 143 seconds.
[  494.730196][   T27]       Not tainted 6.1.109-syzkaller #0
[  494.736074][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  494.744949][   T27] task:syz.0.302       state:D stack:26192 pid:5732  ppid:4893   flags:0x00004006
[  494.754304][   T27] Call Trace:
[  494.757590][   T27]  <TASK>
[  494.760513][   T27]  __schedule+0x143f/0x4570
[  494.765363][   T27]  ? __mutex_lock+0x6b4/0xd80
[  494.770069][   T27]  ? release_firmware_map_entry+0x186/0x186
[  494.776840][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  494.783105][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  494.788422][   T27]  schedule+0xbf/0x180
[  494.792606][   T27]  schedule_preempt_disabled+0xf/0x20
[  494.798011][   T27]  __mutex_lock+0x6b9/0xd80
[  494.802626][   T27]  ? kobject_put+0x422/0x460
[  494.807248][   T27]  ? __mutex_lock+0x53c/0xd80
[  494.811955][   T27]  ? rfkill_unregister+0xcc/0x220
[  494.817093][   T27]  ? mutex_lock_nested+0x10/0x10
[  494.822066][   T27]  ? kill_device+0x160/0x160
[  494.826734][   T27]  ? kmem_cache_free+0x292/0x510
[  494.831723][   T27]  rfkill_unregister+0xcc/0x220
[  494.836859][   T27]  hci_unregister_dev+0x362/0x500
[  494.841927][   T27]  vhci_release+0x7f/0xd0
[  494.846329][   T27]  ? vhci_open+0x360/0x360
[  494.850767][   T27]  __fput+0x3f6/0x8d0
[  494.854884][   T27]  task_work_run+0x246/0x300
[  494.859517][   T27]  ? kasan_quarantine_put+0xd4/0x220
[  494.864876][   T27]  ? task_work_cancel+0x2e0/0x2e0
[  494.869932][   T27]  ? kmem_cache_free+0x292/0x510
[  494.875120][   T27]  ? do_exit+0xa6e/0x26a0
[  494.879494][   T27]  do_exit+0xa73/0x26a0
[  494.883879][   T27]  ? put_task_struct+0x80/0x80
[  494.888847][   T27]  ? get_signal+0x161c/0x17d0
[  494.893667][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  494.899679][   T27]  ? print_irqtrace_events+0x210/0x210
[  494.905204][   T27]  do_group_exit+0x202/0x2b0
[  494.909818][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  494.915137][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  494.920356][   T27]  get_signal+0x16f7/0x17d0
[  494.924982][   T27]  ? ptrace_notify+0x370/0x370
[  494.929772][   T27]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  494.935507][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  494.940729][   T27]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  494.946488][   T27]  arch_do_signal_or_restart+0xb0/0x1a10
[  494.952145][   T27]  ? debug_object_free+0x2c8/0x460
[  494.957328][   T27]  ? debug_object_free+0x2c1/0x460
[  494.962830][   T27]  ? hrtimer_nanosleep+0x3ab/0x490
[  494.967982][   T27]  ? nanosleep_copyout+0x120/0x120
[  494.973180][   T27]  ? get_sigframe_size+0x10/0x10
[  494.978147][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  494.984395][   T27]  ? exit_to_user_mode_loop+0x39/0x100
[  494.989882][   T27]  exit_to_user_mode_loop+0x6a/0x100
[  494.995381][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  495.000956][   T27]  syscall_exit_to_user_mode+0x60/0x270
[  495.006599][   T27]  do_syscall_64+0x47/0xb0
[  495.011042][   T27]  ? clear_bhb_loop+0x45/0xa0
[  495.015764][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.021711][   T27] RIP: 0033:0x7f798f9aefe5
[  495.026206][   T27] RSP: 002b:00007f7990693f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  495.034676][   T27] RAX: fffffffffffffdfc RBX: 00007f798fb36130 RCX: 00007f798f9aefe5
[  495.042740][   T27] RDX: 00007f7990693fc0 RSI: 0000000000000000 RDI: 0000000000000000
[  495.050723][   T27] RBP: 00007f798f9ef046 R08: 0000000000000000 R09: 0000000000000000
[  495.058729][   T27] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  495.066755][   T27] R13: 0000000000000000 R14: 00007f798fb36130 R15: 00007ffc84ea7318
[  495.074812][   T27]  </TASK>
[  495.077882][   T27] INFO: task syz-executor:6117 blocked for more than 144 seconds.
[  495.086780][   T27]       Not tainted 6.1.109-syzkaller #0
[  495.092407][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  495.101933][   T27] task:syz-executor    state:D stack:21304 pid:6117  ppid:1      flags:0x00004004
[  495.111242][   T27] Call Trace:
[  495.114591][   T27]  <TASK>
[  495.117538][   T27]  __schedule+0x143f/0x4570
[  495.122066][   T27]  ? __mutex_lock+0x6b4/0xd80
[  495.126853][   T27]  ? release_firmware_map_entry+0x186/0x186
[  495.132844][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  495.138332][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  495.143616][   T27]  schedule+0xbf/0x180
[  495.147724][   T27]  schedule_preempt_disabled+0xf/0x20
[  495.153176][   T27]  __mutex_lock+0x6b9/0xd80
[  495.157705][   T27]  ? __mutex_lock+0x53c/0xd80
[  495.162397][   T27]  ? rfkill_fop_open+0x130/0x680
[  495.167433][   T27]  ? mutex_lock_nested+0x10/0x10
[  495.172387][   T27]  ? __init_waitqueue_head+0xaa/0x140
[  495.177834][   T27]  rfkill_fop_open+0x130/0x680
[  495.182704][   T27]  ? module_put+0x15a/0x350
[  495.187218][   T27]  ? rfkill_fop_ioctl+0x230/0x230
[  495.192238][   T27]  misc_open+0x304/0x380
[  495.196526][   T27]  chrdev_open+0x54a/0x630
[  495.200964][   T27]  ? cd_forget+0x160/0x160
[  495.205657][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  495.210896][   T27]  ? fsnotify_perm+0x472/0x590
[  495.215888][   T27]  ? cd_forget+0x160/0x160
[  495.220343][   T27]  do_dentry_open+0x7f9/0x10f0
[  495.225229][   T27]  path_openat+0x2644/0x2e60
[  495.229850][   T27]  ? mark_lock+0x9a/0x340
[  495.234298][   T27]  ? do_filp_open+0x480/0x480
[  495.239028][   T27]  do_filp_open+0x230/0x480
[  495.243630][   T27]  ? vfs_tmpfile+0x4a0/0x4a0
[  495.248266][   T27]  ? _raw_spin_unlock+0x24/0x40
[  495.253177][   T27]  ? alloc_fd+0x5a0/0x640
[  495.257522][   T27]  do_sys_openat2+0x13b/0x4f0
[  495.262215][   T27]  ? do_sys_open+0x220/0x220
[  495.266852][   T27]  ? blkcg_maybe_throttle_current+0x1ac/0xa30
[  495.273004][   T27]  __x64_sys_openat+0x243/0x290
[  495.277886][   T27]  ? __ia32_sys_open+0x270/0x270
[  495.282954][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  495.288962][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  495.294229][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  495.300221][   T27]  do_syscall_64+0x3b/0xb0
[  495.304722][   T27]  ? clear_bhb_loop+0x45/0xa0
[  495.309451][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.316149][   T27] RIP: 0033:0x7fa55f77b890
[  495.320578][   T27] RSP: 002b:00007ffeb118c2d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  495.329052][   T27] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa55f77b890
[  495.337071][   T27] RDX: 0000000000000002 RSI: 00007fa55f7ef91e RDI: 00000000ffffff9c
[  495.345109][   T27] RBP: 00007fa55f7ef91e R08: 0000000000000000 R09: 0000000000000000
[  495.353134][   T27] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000000c
[  495.361111][   T27] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  495.369157][   T27]  </TASK>
[  495.372239][   T27] INFO: task syz.0.365:6180 blocked for more than 144 seconds.
[  495.379844][   T27]       Not tainted 6.1.109-syzkaller #0
[  495.385551][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  495.394267][   T27] task:syz.0.365       state:D stack:24680 pid:6180  ppid:4893   flags:0x00004006
[  495.403571][   T27] Call Trace:
[  495.406863][   T27]  <TASK>
[  495.409795][   T27]  __schedule+0x143f/0x4570
[  495.414396][   T27]  ? __mutex_lock+0x6b4/0xd80
[  495.419088][   T27]  ? release_firmware_map_entry+0x186/0x186
[  495.425231][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  495.430733][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  495.436288][   T27]  schedule+0xbf/0x180
[  495.440395][   T27]  schedule_preempt_disabled+0xf/0x20
[  495.445857][   T27]  __mutex_lock+0x6b9/0xd80
[  495.450364][   T27]  ? kobject_put+0x422/0x460
[  495.455016][   T27]  ? __mutex_lock+0x53c/0xd80
[  495.459705][   T27]  ? rfkill_unregister+0xcc/0x220
[  495.464801][   T27]  ? mutex_lock_nested+0x10/0x10
[  495.469754][   T27]  ? kill_device+0x160/0x160
[  495.474408][   T27]  ? nfc_genl_device_removed+0x251/0x370
[  495.480058][   T27]  ? nfc_genl_setup_device_added+0x3f0/0x3f0
[  495.486114][   T27]  rfkill_unregister+0xcc/0x220
[  495.490982][   T27]  nfc_unregister_device+0x92/0x290
[  495.496251][   T27]  virtual_ncidev_close+0x55/0x90
[  495.501293][   T27]  ? virtual_ncidev_open+0xc0/0xc0
[  495.506448][   T27]  __fput+0x3f6/0x8d0
[  495.510451][   T27]  task_work_run+0x246/0x300
[  495.515133][   T27]  ? kasan_quarantine_put+0xd4/0x220
[  495.520437][   T27]  ? task_work_cancel+0x2e0/0x2e0
[  495.525829][   T27]  ? kmem_cache_free+0x292/0x510
[  495.530793][   T27]  ? do_exit+0xa6e/0x26a0
[  495.535371][   T27]  do_exit+0xa73/0x26a0
[  495.539569][   T27]  ? put_task_struct+0x80/0x80
[  495.545369][   T27]  ? get_signal+0x137e/0x17d0
[  495.550086][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  495.556186][   T27]  ? print_irqtrace_events+0x210/0x210
[  495.561664][   T27]  ? _raw_spin_lock_irq+0xdb/0x110
[  495.566841][   T27]  do_group_exit+0x202/0x2b0
[  495.571452][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  495.576715][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  495.581927][   T27]  get_signal+0x16f7/0x17d0
[  495.586506][   T27]  ? ptrace_notify+0x370/0x370
[  495.591313][   T27]  arch_do_signal_or_restart+0xb0/0x1a10
[  495.597025][   T27]  ? ____sys_sendmsg+0x8f0/0x8f0
[  495.602005][   T27]  ? get_sigframe_size+0x10/0x10
[  495.606995][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  495.613079][   T27]  ? exit_to_user_mode_loop+0x39/0x100
[  495.618546][   T27]  exit_to_user_mode_loop+0x6a/0x100
[  495.623887][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  495.629441][   T27]  syscall_exit_to_user_mode+0x60/0x270
[  495.635077][   T27]  do_syscall_64+0x47/0xb0
[  495.639537][   T27]  ? clear_bhb_loop+0x45/0xa0
[  495.645029][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.650978][   T27] RIP: 0033:0x7f798f97cef9
[  495.655472][   T27] RSP: 002b:00007f79906b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  495.663969][   T27] RAX: 00000000000006f4 RBX: 00007f798fb36058 RCX: 00007f798f97cef9
[  495.671936][   T27] RDX: 0000000000000000 RSI: 0000000020001380 RDI: 0000000000000003
[  495.679962][   T27] RBP: 00007f798f9ef046 R08: 0000000000000000 R09: 0000000000000000
[  495.689296][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.697400][   T27] R13: 0000000000000000 R14: 00007f798fb36058 R15: 00007ffc84ea7318
[  495.705435][   T27]  </TASK>
[  495.708458][   T27] INFO: task syz.4.366:6187 blocked for more than 144 seconds.
[  495.716107][   T27]       Not tainted 6.1.109-syzkaller #0
[  495.721753][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  495.730629][   T27] task:syz.4.366       state:D stack:24704 pid:6187  ppid:4116   flags:0x00004004
[  495.739914][   T27] Call Trace:
[  495.743269][   T27]  <TASK>
[  495.746222][   T27]  __schedule+0x143f/0x4570
[  495.750785][   T27]  ? release_firmware_map_entry+0x186/0x186
[  495.757186][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  495.762948][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  495.768237][   T27]  schedule+0xbf/0x180
[  495.772537][   T27]  schedule_preempt_disabled+0xf/0x20
[  495.777961][   T27]  __mutex_lock+0x6b9/0xd80
[  495.782570][   T27]  ? __mutex_lock+0x53c/0xd80
[  495.787263][   T27]  ? nfc_rfkill_set_block+0x4c/0x2f0
[  495.792617][   T27]  ? mutex_lock_nested+0x10/0x10
[  495.797565][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  495.802828][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  495.808050][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  495.814034][   T27]  ? _raw_spin_unlock+0x40/0x40
[  495.818903][   T27]  nfc_rfkill_set_block+0x4c/0x2f0
[  495.824097][   T27]  ? nfc_unregister_device+0x290/0x290
[  495.829588][   T27]  rfkill_set_block+0x1e7/0x430
[  495.834520][   T27]  rfkill_fop_write+0x5b7/0x790
[  495.839394][   T27]  ? rfkill_fop_read+0x470/0x470
[  495.844478][   T27]  ? fsnotify_perm+0x64/0x590
[  495.849175][   T27]  ? security_file_permission+0x75/0xa0
[  495.854771][   T27]  ? rfkill_fop_read+0x470/0x470
[  495.859754][   T27]  vfs_write+0x2d9/0xbc0
[  495.864822][   T27]  ? file_end_write+0x250/0x250
[  495.869696][   T27]  ? __rcu_read_unlock+0x92/0x100
[  495.874799][   T27]  ? __fget_files+0x28/0x4a0
[  495.879416][   T27]  ? __fget_files+0x435/0x4a0
[  495.884215][   T27]  ? __fget_files+0x28/0x4a0
[  495.888841][   T27]  ? __fdget_pos+0x1db/0x360
[  495.893504][   T27]  ? ksys_write+0x77/0x2c0
[  495.897935][   T27]  ksys_write+0x19c/0x2c0
[  495.902288][   T27]  ? print_irqtrace_events+0x210/0x210
[  495.907853][   T27]  ? __ia32_sys_read+0x80/0x80
[  495.912720][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  495.918697][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  495.924275][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  495.930287][   T27]  do_syscall_64+0x3b/0xb0
[  495.934764][   T27]  ? clear_bhb_loop+0x45/0xa0
[  495.939504][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.945453][   T27] RIP: 0033:0x7f00af37cef9
[  495.949878][   T27] RSP: 002b:00007f00b0118038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  495.958368][   T27] RAX: ffffffffffffffda RBX: 00007f00af536208 RCX: 00007f00af37cef9
[  495.966392][   T27] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000008
[  495.975186][   T27] RBP: 00007f00af3ef046 R08: 0000000000000000 R09: 0000000000000000
[  495.983237][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.991217][   T27] R13: 0000000000000001 R14: 00007f00af536208 R15: 00007ffd6d657b88
[  495.999262][   T27]  </TASK>
[  496.002324][   T27] INFO: task syz-executor:6261 blocked for more than 145 seconds.
[  496.010440][   T27]       Not tainted 6.1.109-syzkaller #0
[  496.016475][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  496.025519][   T27] task:syz-executor    state:D stack:27072 pid:6261  ppid:1      flags:0x00004004
[  496.035042][   T27] Call Trace:
[  496.038341][   T27]  <TASK>
[  496.041276][   T27]  __schedule+0x143f/0x4570
[  496.045900][   T27]  ? release_firmware_map_entry+0x186/0x186
[  496.051871][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  496.057403][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  496.062704][   T27]  schedule+0xbf/0x180
[  496.066801][   T27]  schedule_preempt_disabled+0xf/0x20
[  496.072175][   T27]  __mutex_lock+0x6b9/0xd80
[  496.077406][   T27]  ? __mutex_lock+0x53c/0xd80
[  496.082105][   T27]  ? rfkill_register+0x30/0x880
[  496.087310][   T27]  ? mutex_lock_nested+0x10/0x10
[  496.092273][   T27]  ? __init_waitqueue_head+0xaa/0x140
[  496.098144][   T27]  ? device_initialize+0x24a/0x450
[  496.104123][   T27]  rfkill_register+0x30/0x880
[  496.108827][   T27]  hci_register_dev+0x4df/0xa40
[  496.113945][   T27]  vhci_create_device+0x3ba/0x700
[  496.119002][   T27]  vhci_write+0x38b/0x440
[  496.123541][   T27]  vfs_write+0x857/0xbc0
[  496.127804][   T27]  ? file_end_write+0x250/0x250
[  496.133538][   T27]  ? __fdget_pos+0x1db/0x360
[  496.138157][   T27]  ksys_write+0x19c/0x2c0
[  496.142528][   T27]  ? print_irqtrace_events+0x210/0x210
[  496.148026][   T27]  ? __ia32_sys_read+0x80/0x80
[  496.152963][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  496.158958][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  496.165001][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  496.171008][   T27]  do_syscall_64+0x3b/0xb0
[  496.175537][   T27]  ? clear_bhb_loop+0x45/0xa0
[  496.180264][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  496.186365][   T27] RIP: 0033:0x7fbf15f7b9a0
[  496.190792][   T27] RSP: 002b:00007ffcc30f22e8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  496.200239][   T27] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbf15f7b9a0
[  496.208324][   T27] RDX: 0000000000000002 RSI: 00007ffcc30f22fa RDI: 00000000000000ca
[  496.216354][   T27] RBP: 00007fbf16136a38 R08: 0000000000000000 R09: 00007fbf16c6d6c0
[  496.224409][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  496.232394][   T27] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  496.240456][   T27]  </TASK>
[  496.243596][   T27] INFO: task syz-executor:6268 blocked for more than 145 seconds.
[  496.251424][   T27]       Not tainted 6.1.109-syzkaller #0
[  496.258254][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  496.267048][   T27] task:syz-executor    state:D stack:26336 pid:6268  ppid:1      flags:0x00004004
[  496.276311][   T27] Call Trace:
[  496.279589][   T27]  <TASK>
[  496.282630][   T27]  __schedule+0x143f/0x4570
[  496.287177][   T27]  ? release_firmware_map_entry+0x186/0x186
[  496.293754][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  496.299241][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  496.304510][   T27]  schedule+0xbf/0x180
[  496.308597][   T27]  schedule_preempt_disabled+0xf/0x20
[  496.315117][   T27]  __mutex_lock+0x6b9/0xd80
[  496.319636][   T27]  ? __mutex_lock+0x53c/0xd80
[  496.324725][   T27]  ? rfkill_register+0x30/0x880
[  496.329591][   T27]  ? mutex_lock_nested+0x10/0x10
[  496.334593][   T27]  ? __init_waitqueue_head+0xaa/0x140
[  496.339989][   T27]  ? device_initialize+0x24a/0x450
[  496.345152][   T27]  rfkill_register+0x30/0x880
[  496.349853][   T27]  hci_register_dev+0x4df/0xa40
[  496.354796][   T27]  vhci_create_device+0x3ba/0x700
[  496.359843][   T27]  vhci_write+0x38b/0x440
[  496.364587][   T27]  vfs_write+0x857/0xbc0
[  496.368861][   T27]  ? file_end_write+0x250/0x250
[  496.373911][   T27]  ? __fdget_pos+0x1db/0x360
[  496.378523][   T27]  ksys_write+0x19c/0x2c0
[  496.383046][   T27]  ? print_irqtrace_events+0x210/0x210
[  496.388539][   T27]  ? __ia32_sys_read+0x80/0x80
[  496.393523][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  496.399519][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  496.405097][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  496.411110][   T27]  do_syscall_64+0x3b/0xb0
[  496.416568][   T27]  ? clear_bhb_loop+0x45/0xa0
[  496.421299][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  496.427302][   T27] RIP: 0033:0x7f71b277b9a0
[  496.431879][   T27] RSP: 002b:00007ffc6d0737a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  496.440365][   T27] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f71b277b9a0
[  496.448423][   T27] RDX: 0000000000000002 RSI: 00007ffc6d0737ba RDI: 00000000000000ca
[  496.456448][   T27] RBP: 00007f71b2936a38 R08: 0000000000000000 R09: 00007f71b346d6c0
[  496.464570][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  496.472661][   T27] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  496.480668][   T27]  </TASK>
[  496.483803][   T27] INFO: task syz.3.378:6361 blocked for more than 145 seconds.
[  496.491359][   T27]       Not tainted 6.1.109-syzkaller #0
[  496.497095][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  496.505825][   T27] task:syz.3.378       state:D stack:23976 pid:6361  ppid:5573   flags:0x00004004
[  496.515094][   T27] Call Trace:
[  496.518397][   T27]  <TASK>
[  496.521333][   T27]  __schedule+0x143f/0x4570
[  496.526253][   T27]  ? release_firmware_map_entry+0x186/0x186
[  496.532183][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  496.539300][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  496.544571][   T27]  schedule+0xbf/0x180
[  496.548673][   T27]  schedule_preempt_disabled+0xf/0x20
[  496.554148][   T27]  __mutex_lock+0x6b9/0xd80
[  496.558673][   T27]  ? __mutex_lock+0x53c/0xd80
[  496.563450][   T27]  ? misc_open+0x58/0x380
[  496.567798][   T27]  ? mutex_lock_nested+0x10/0x10
[  496.572835][   T27]  ? kobject_get_unless_zero+0x229/0x320
[  496.578515][   T27]  misc_open+0x58/0x380
[  496.583491][   T27]  chrdev_open+0x54a/0x630
[  496.587940][   T27]  ? cd_forget+0x160/0x160
[  496.592358][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  496.597691][   T27]  ? fsnotify_perm+0x472/0x590
[  496.602647][   T27]  ? cd_forget+0x160/0x160
[  496.607102][   T27]  do_dentry_open+0x7f9/0x10f0
[  496.611885][   T27]  path_openat+0x2644/0x2e60
[  496.616627][   T27]  ? mark_lock+0x9a/0x340
[  496.621333][   T27]  ? do_filp_open+0x480/0x480
[  496.626146][   T27]  do_filp_open+0x230/0x480
[  496.630681][   T27]  ? vfs_tmpfile+0x4a0/0x4a0
[  496.635579][   T27]  ? _raw_spin_unlock+0x24/0x40
[  496.640462][   T27]  ? alloc_fd+0x5a0/0x640
[  496.646420][   T27]  do_sys_openat2+0x13b/0x4f0
[  496.651145][   T27]  ? do_sys_open+0x220/0x220
[  496.655818][   T27]  ? cap_safe_nice+0x31f/0x3a0
[  496.660626][   T27]  __x64_sys_openat+0x243/0x290
[  496.665592][   T27]  ? __ia32_sys_open+0x270/0x270
[  496.670561][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  496.676581][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  496.681799][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  496.687859][   T27]  do_syscall_64+0x3b/0xb0
[  496.692304][   T27]  ? clear_bhb_loop+0x45/0xa0
[  496.697251][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  496.703866][   T27] RIP: 0033:0x7f9eee37cef9
[  496.708310][   T27] RSP: 002b:00007f9eef16c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  496.716798][   T27] RAX: ffffffffffffffda RBX: 00007f9eee535f80 RCX: 00007f9eee37cef9
[  496.725530][   T27] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  496.734378][   T27] RBP: 00007f9eee3ef046 R08: 0000000000000000 R09: 0000000000000000
[  496.742371][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  496.750373][   T27] R13: 0000000000000000 R14: 00007f9eee535f80 R15: 00007ffccd3cf598
[  496.759192][   T27]  </TASK>
[  496.762242][   T27] 
[  496.762242][   T27] Showing all locks held in the system:
[  496.770007][   T27] 1 lock held by rcu_tasks_kthre/12:
[  496.775322][   T27]  #0: ffffffff8d32b190 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  496.785822][   T27] 1 lock held by rcu_tasks_trace/13:
[  496.791115][   T27]  #0: ffffffff8d32b990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  496.802126][   T27] 1 lock held by khungtaskd/27:
[  496.810670][   T27]  #0: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  496.820789][   T27] 3 locks held by kworker/1:2/151:
[  496.826070][   T27]  #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  496.836499][   T27]  #1: ffffc90002dcfd20 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  496.849745][   T27]  #2: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x23/0xd0
[  496.862172][   T27] 2 locks held by getty/3399:
[  496.866986][   T27]  #0: ffff88814bc82098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  496.876844][   T27]  #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  496.886995][   T27] 4 locks held by kworker/u4:5/3690:
[  496.892277][   T27]  #0: ffff888017e1e938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  496.902631][   T27]  #1: ffffc9000481fd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  496.912665][   T27]  #2: ffffffff8e4ecb90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  496.922014][   T27]  #3: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  496.932224][   T27] 1 lock held by syz.0.302/5732:
[  496.937223][   T27]  #0: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  496.947399][   T27] 2 locks held by syz-executor/6117:
[  496.952749][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  496.961226][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_open+0x130/0x680
[  496.971727][   T27] 2 locks held by syz.0.365/6180:
[  496.978306][   T27]  #0: ffff88801bea8100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x5f/0x290
[  496.988129][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  496.998327][   T27] 2 locks held by syz.4.366/6187:
[  497.003449][   T27]  #0: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a5/0x790
[  497.013626][   T27]  #1: ffff88801bea8100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x4c/0x2f0
[  497.023627][   T27] 2 locks held by syz-executor/6261:
[  497.028942][   T27]  #0: ffff888057055918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  497.039305][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  497.049401][   T27] 2 locks held by syz-executor/6268:
[  497.054823][   T27]  #0: ffff888053413918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  497.065565][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  497.075603][   T27] 1 lock held by syz.3.378/6361:
[  497.080557][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.089556][   T27] 1 lock held by syz-executor/6372:
[  497.095147][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.103864][   T27] 1 lock held by syz.1.384/6384:
[  497.108807][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.117305][   T27] 1 lock held by syz.1.384/6385:
[  497.122337][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.130904][   T27] 1 lock held by syz.1.384/6386:
[  497.136510][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.145033][   T27] 1 lock held by syz.1.384/6387:
[  497.149971][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.158446][   T27] 1 lock held by syz-executor/6394:
[  497.163680][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.172233][   T27] 1 lock held by syz-executor/6397:
[  497.177825][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.187264][   T27] 1 lock held by syz-executor/6398:
[  497.192614][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.201217][   T27] 1 lock held by syz-executor/6400:
[  497.206533][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.215348][   T27] 1 lock held by syz-executor/6402:
[  497.220560][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.229168][   T27] 1 lock held by syz-executor/6405:
[  497.234408][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.242985][   T27] 1 lock held by syz-executor/6406:
[  497.248195][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.256757][   T27] 1 lock held by syz-executor/6408:
[  497.261957][   T27]  #0: ffffffff8da7f368 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  497.270622][   T27] 
[  497.273015][   T27] =============================================
[  497.273015][   T27] 
[  497.281438][   T27] NMI backtrace for cpu 1
[  497.285771][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.109-syzkaller #0
[  497.293657][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  497.303717][   T27] Call Trace:
[  497.306987][   T27]  <TASK>
[  497.309909][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  497.314587][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  497.320036][   T27]  ? panic+0x764/0x764
[  497.324092][   T27]  ? vprintk_emit+0x622/0x740
[  497.328765][   T27]  ? printk_sprint+0x490/0x490
[  497.333535][   T27]  ? nmi_cpu_backtrace+0x252/0x560
[  497.338669][   T27]  nmi_cpu_backtrace+0x4e1/0x560
[  497.343620][   T27]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  497.349775][   T27]  ? _printk+0xd1/0x111
[  497.353933][   T27]  ? panic+0x764/0x764
[  497.357998][   T27]  ? __wake_up_klogd+0xcc/0x100
[  497.362838][   T27]  ? panic+0x764/0x764
[  497.366901][   T27]  ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0
[  497.372972][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  497.379041][   T27]  nmi_trigger_cpumask_backtrace+0x1ae/0x3f0
[  497.385026][   T27]  watchdog+0xf88/0xfd0
[  497.389183][   T27]  ? watchdog+0x1f8/0xfd0
[  497.393513][   T27]  kthread+0x28d/0x320
[  497.397573][   T27]  ? hungtask_pm_notify+0x50/0x50
[  497.402592][   T27]  ? kthread_blkcg+0xd0/0xd0
[  497.407187][   T27]  ret_from_fork+0x1f/0x30
[  497.411617][   T27]  </TASK>
[  497.414962][   T27] Sending NMI from CPU 1 to CPUs 0:
[  497.420292][    C0] NMI backtrace for cpu 0
[  497.420303][    C0] CPU: 0 PID: 3964 Comm: kworker/u4:14 Not tainted 6.1.109-syzkaller #0
[  497.420321][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  497.420331][    C0] Workqueue: events_unbound toggle_allocation_gate
[  497.420358][    C0] RIP: 0010:kasan_check_range+0x7b/0x290
[  497.420377][    C0] Code: 00 00 00 00 fc ff df 4f 8d 34 1a 4c 89 f5 4c 29 cd 48 83 fd 10 7f 26 48 85 ed 0f 84 3a 01 00 00 49 f7 d2 49 01 da 41 80 39 00 <0f> 85 c4 01 00 00 49 ff c1 49 ff c2 75 ee e9 1d 01 00 00 45 89 cf
[  497.420391][    C0] RSP: 0018:ffffc90005307b18 EFLAGS: 00000202
[  497.420405][    C0] RAX: 0000000000000001 RBX: 1ffffffff1a83738 RCX: ffffffff81e285c8
[  497.420417][    C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d41b9c0
[  497.420428][    C0] RBP: 0000000000000001 R08: dffffc0000000000 R09: fffffbfff1a83738
[  497.420440][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[  497.420453][    C0] R13: 1ffff92000a60f68 R14: fffffbfff1a83739 R15: 0000000000001b58
[  497.420466][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  497.420480][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  497.420503][    C0] CR2: 00007f801c4660a9 CR3: 000000000d08e000 CR4: 00000000003506f0
[  497.420518][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  497.420527][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  497.420537][    C0] Call Trace:
[  497.420542][    C0]  <NMI>
[  497.420548][    C0]  ? nmi_cpu_backtrace+0x3de/0x560
[  497.420574][    C0]  ? read_lock_is_recursive+0x10/0x10
[  497.420613][    C0]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  497.420638][    C0]  ? nmi_handle+0x25/0x440
[  497.420669][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  497.420693][    C0]  ? nmi_handle+0x12e/0x440
[  497.420717][    C0]  ? nmi_handle+0x25/0x440
[  497.420741][    C0]  ? kasan_check_range+0x7b/0x290
[  497.420755][    C0]  ? default_do_nmi+0x62/0x150
[  497.420772][    C0]  ? exc_nmi+0xa8/0x100
[  497.420785][    C0]  ? end_repeat_nmi+0x16/0x31
[  497.420812][    C0]  ? toggle_allocation_gate+0x128/0x480
[  497.420833][    C0]  ? kasan_check_range+0x7b/0x290
[  497.420849][    C0]  ? kasan_check_range+0x7b/0x290
[  497.420865][    C0]  ? kasan_check_range+0x7b/0x290
[  497.420880][    C0]  </NMI>
[  497.420884][    C0]  <TASK>
[  497.420890][    C0]  toggle_allocation_gate+0x128/0x480
[  497.420910][    C0]  ? show_object+0xa0/0xa0
[  497.420933][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  497.420958][    C0]  ? print_irqtrace_events+0x210/0x210
[  497.420980][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  497.421001][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  497.421019][    C0]  ? process_one_work+0x7a9/0x11d0
[  497.421037][    C0]  process_one_work+0x8a9/0x11d0
[  497.421063][    C0]  ? worker_detach_from_pool+0x260/0x260
[  497.421083][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  497.421101][    C0]  ? kthread_data+0x4e/0xc0
[  497.421126][    C0]  ? wq_worker_running+0x97/0x190
[  497.421152][    C0]  worker_thread+0xa47/0x1200
[  497.421174][    C0]  ? _raw_spin_unlock+0x40/0x40
[  497.421198][    C0]  kthread+0x28d/0x320
[  497.421210][    C0]  ? worker_clr_flags+0x190/0x190
[  497.421227][    C0]  ? kthread_blkcg+0xd0/0xd0
[  497.421241][    C0]  ret_from_fork+0x1f/0x30
[  497.421269][    C0]  </TASK>
[  497.421436][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  497.747607][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.1.109-syzkaller #0
[  497.755511][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  497.765574][   T27] Call Trace:
[  497.768872][   T27]  <TASK>
[  497.771809][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  497.776518][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  497.781991][   T27]  ? panic+0x764/0x764
[  497.786054][   T27]  ? llist_add_batch+0x160/0x1d0
[  497.791000][   T27]  ? vscnprintf+0x59/0x80
[  497.795329][   T27]  panic+0x318/0x764
[  497.799234][   T27]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  497.805397][   T27]  ? memcpy_page_flushcache+0xfc/0xfc
[  497.810756][   T27]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  497.816910][   T27]  ? nmi_trigger_cpumask_backtrace+0x338/0x3f0
[  497.823075][   T27]  ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0
[  497.829223][   T27]  watchdog+0xfc7/0xfd0
[  497.833400][   T27]  ? watchdog+0x1f8/0xfd0
[  497.837765][   T27]  kthread+0x28d/0x320
[  497.841848][   T27]  ? hungtask_pm_notify+0x50/0x50
[  497.846874][   T27]  ? kthread_blkcg+0xd0/0xd0
[  497.851479][   T27]  ret_from_fork+0x1f/0x30
[  497.855923][   T27]  </TASK>
[  497.859295][   T27] Kernel Offset: disabled
[  497.863622][   T27] Rebooting in 86400 seconds..