last executing test programs:

28.382011458s ago: executing program 1 (id=2037):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
getpeername(r0, 0x0, 0x0)

28.216548811s ago: executing program 1 (id=2039):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @remote}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0xd, &(0x7f00000000c0)={r1}, 0x8)

28.061530544s ago: executing program 1 (id=2040):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001c00)='memory.events\x00', 0x7a05, 0x1700)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x3f})
mmap$IORING_OFF_SQ_RING(&(0x7f000048e000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)

27.830062913s ago: executing program 1 (id=2042):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_io_uring_setup(0xeec, &(0x7f0000000780), 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(r0, &(0x7f00000012c0)='\f', 0x1, 0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)

24.615923219s ago: executing program 1 (id=2057):
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(0xffffffffffffffff, 0xc058534b, &(0x7f0000000440)={0x80})

24.331961382s ago: executing program 1 (id=2059):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e22, 0xffff, @remote, 0x80000001}}, 0xab6}, &(0x7f0000000140)=0x90)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000200))
capset(&(0x7f0000000240), 0x0)
ptrace$peeksig(0x4209, 0x0, &(0x7f0000000040)={0x3}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f000000d380))
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x8142, 0x0)
r2 = dup(r1)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @rand_addr=0x64010101}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000080)=[{0x0}], 0x1)
fallocate(r2, 0x11, 0x0, 0x100000061200)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="540000000206010800000000000000000000000005000500000000000900020073797a31000000000c0007800800064000000000050005000a00000005000100060000000d0003dd6b6973743a7365740000"], 0x54}}, 0x0)
r4 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e22, 0x8, @remote}, @in={0x2, 0x0, @private=0xa010101}, @in6={0xa, 0x4e20, 0x7, @local, 0x4}, @in6={0xa, 0x4e24, 0xda7, @mcast2, 0x80000001}, @in6={0xa, 0x4e20, 0x57fb, @local, 0x1}], 0x80)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x78)
sendfile(r6, 0xffffffffffffffff, 0x0, 0x8)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)

4.00811791s ago: executing program 3 (id=2145):
futex(&(0x7f0000004580)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
syz_read_part_table(0x4022, &(0x7f00000045c0)="$eJzs0DEOAUEUBuB/N4LQqF1CoyZKR9HolBpXUTmGROMgLuAEmtnESpBVyvc1897kTf7MG99OqyTVbLdNnZbndlknVZJ56av8iWFTDL6Ovv75mizOSUZd8lo73tw/TE7e3O8Ppeh3yW30yrk+Ti+/vAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODBDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcyAAAAAML8rfNoPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEsBAAD//0xACYs=")
socket$unix(0x1, 0x0, 0x0)
r0 = eventfd(0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$P9_RSTATFS(r1, &(0x7f0000000080)={0x43}, 0x43)
write$FUSE_LK(r1, &(0x7f0000002340)={0x28, 0xfffffffffffffffe}, 0x28)

3.828681524s ago: executing program 2 (id=2147):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000780), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000000100)=""/76, 0x4c)
getdents(r2, &(0x7f0000001fc0)=""/178, 0xb2)

3.76456396s ago: executing program 3 (id=2148):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000080), 0x4)

3.674424137s ago: executing program 2 (id=2149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.64026845s ago: executing program 3 (id=2150):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = eventfd(0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$FUSE_ATTR(r2, &(0x7f0000000240)={0x78, 0xfffffffffffffffe, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, 0x78)
write$cgroup_devices(r2, &(0x7f0000000000)=ANY=[@ANYRESOCT], 0x8)
close(r2)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r3=>0xffffffffffffffff})
r4 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, 0x0)

3.6377419s ago: executing program 0 (id=2151):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000180), 0x4)
pipe2(0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x4)
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
lseek(r0, 0x7ffffb, 0x0)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0xa)
r1 = epoll_create1(0x0)
dup2(r1, r0)

3.364611323s ago: executing program 4 (id=2152):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x90)

3.364300093s ago: executing program 3 (id=2153):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000400)={0x0, 0x8, 0x1, 'h'}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x23, &(0x7f0000000000)={0x0, 0x8}, 0x8)

3.364006413s ago: executing program 2 (id=2154):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0)
write$sequencer(r2, &(0x7f00000001c0)=[@x={0x94, 0x9, "c3e023e70b38"}, @raw={0xfe, 0xc, "b177389b33ca"}], 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56741, 0x1, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x21}}]}}]}, 0x48}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r4, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002900)={&(0x7f0000000240)={0x28, r3, 0x1, 0x0, 0x0, {{0xc}, {@val={0x8, 0x3, r5}, @void}}, [@key_params=[@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]]}, 0x28}}, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
r10 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ip6_mr_cache\x00')
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x7ffffffffffffffe, 0x3ff})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r12, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x50, r11, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x50}}, 0x0)
preadv(r10, &(0x7f0000000040)=[{&(0x7f0000001280)=""/64, 0x40}], 0x1, 0x800000, 0x0)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="1f02ffff0000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r7], 0x40}}, 0x0)
r14 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r14, 0xc0d05605, &(0x7f0000000080)={0x9, @sdr})
sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r3, 0x2, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x20000001)

3.224482194s ago: executing program 0 (id=2155):
syz_emit_vhci(0x0, 0x17)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
r1 = open_tree(r0, &(0x7f00000000c0)='.\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640), 0x0, 0x0)
ioprio_get$uid(0x0, 0xffffffffffffffff)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000480)="ce153190ad2ef50ecd6791a90717cbd326404da89188518edeca49c337ba725e895aea60cdc8812da89bb921c5578493635af06f6b0f7f2480da419d801e801023865623a71179038587a0b25170ed34092ffd5f4cce639aa7d37526ffaddcf7c1f5463855f78ebadb13359d0be766c261c76c3c1fa93c2c7621247db50cb53b5eee5155f432029399e5c3989d35dfa48d3957850589e1bb3aba254e1f92ac1b6016158040f64d49d911d2838ba912dbacd1836e0f8cb89d1889b89e", 0xbc}, {&(0x7f0000000540)="29b43af6dbba745d5aefb47a18315f0a7d29dd9bae7b9a6cad40e5763fa094e9df33d2e0f6005dbbf0e9d220e3e5db4619de4edb48dffa40d89d6c3addca1842b39704532127ea6f58dc719f51aef6f6d51473ac833af3e4c808e645a931c3acbfe879a94a7cd7a831ff441dbeb4c06efe46f500ad16b4bf8890c73e22ca", 0x7e}, {&(0x7f0000000780)="0230233a762bdfc9c10e1d2c13e788bf8a0f5fe3b6fbeca3d0b4e033b8c70024f8b4ee87cb8820d07ab7ced6473faf37cbc46e7c3c94f981dcea25b12faa3a00e2776fb2aca2cf34baf0b7209792ab10f34d8e797261e7427eeed1b0efa02fc5dd746d922a47b9ff347356357d116ba9af39508922f4612023d8fa5efc0c", 0x7e}, {&(0x7f0000000f80)="46a417c6d0c520d8cf5ca637e335a986752a2a3ac91c88bea2aea5d8962a7eb557f84f4c7ef95a511175c499677ae7e607f00554255b4f1a90ec60afd026fe1a14085fa78c2892edc675f5ddd769279ca193974a78eabd8b79bcfdfb80b447a229bb2f69aa93d97265eb62a9c693b54bb586d4bdc547662ab66fceeaf08104952d596887a75113cd713b899a86731cd1a392dfd6dbcc026a46bd228aa4a356d5bc9f0d12ac09ba0b615de74a849b2665465d9e0f1c17ff9ac47b0590b99e3991b5243c44bdc1a21c950beb09b43e9e5bd2e7da", 0xd3}], 0x4}, 0x4000810)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r4, &(0x7f0000002ec0)=""/4096, 0x1000)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xd, 0x6b3, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvrNdbb6iC0yZthApYiVSQIhI7VgrhQkAI5VChqhw4W4nTWNkkleMit0LgAoITEof+AQXJN05I3IPCucdeLU6VkLhEHCIuRjM7a6+965c4tjeBzycaP8/M88wzv/nN2+461gb4v3X9QpoPU+T6hbeXy/m11dnO2ursS3VzJ0lZbyTNbpHiXlI8Sq6V7UXflL5ywCcLV9/9/PHaF925Zj1V/Ru7rTfEkL4r9ZSpJGN1OWh8v5vYMt6NJC8PdGntd6wtHcukna9LGLn1ASu79P7HyW0Lnua6BZ4zvadT0X1uDphMTiSZqF8HpL47NI4vwqOx210OAAAA/ld8dn/UEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCLp/7+/6KeGnWZqRS97/9v9ZbV9Rfaw1EHAAAAAAAAAACH4OtP8iTLOdmbXy+q3/mfq2ZO5z/ryZfyQR5kPou5mOXMZSlLWcxMksm+gVrLc0tLizMba5aGr3l56JqXj2uPAQAAAAAAAOAF1t6x5Ve5vvn7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeB4UyVi3yHqS0xsNK41md3Fa3QVTXxtZkAdTDFv48PjjAAAAgGcycYB1vvwkT7Kck7359aJ6z/9a9X55Ih/kXpaykKV0Mp+b9XvoVpLG2upsZ2119m45DY77/X89VRjViOl+9lBteePNem/LZ6se7dzKQrXkYm5UfW6mUa1ZOtuLZ3hcH5cxFd+rDcTQHBpZs05rubE/7PQpwqF42o8iJuuQexmZrmMrs3Gqm4EiWSkXbc/EnkenuX1LaWR8Y0szafQ+BcrpZ8r5cCfqstyf3x5pznexMmzhRiYaqTJxue/se233TCTf+Ouff3q7c+/O7VsPLoxklw5ibIfldSZ6Z1hm+zLx+gudieH3gZ1NV5k4szF/PT/KT3IhU3kni1nIzzKXpcxXn6eW5urzufw5uXumrm2Ze2evSFr1cekes/3ENJUfVrW5nKvWPZmFFLmfm5nPW9W/y5nJt3MlV3K17wif2THuat+qq76x/arvHem/DQ3+/DfrSjvJ7+pyIAe1lfWunc7Ow9K995d5PdWX1+6d8PFGr1N998bpviy90svO+NDBD3JvbH6lrpTb+HVdPh8m60yUF1DvKdGL7tVuJprVs2jwPP9jdW086Ny7s3h77v0dxt9+Q36zLsvTavWr+41y/BieJ+X58kom6jvJ1rOjbHu1PJBj29tmqrbTG3egxkDbmaqtKHpX6o93vFJb9Wu4wZEuV22vD22brdrO9rVteb2V++nk5hHnDoBDMJkTrfY/25+1P23/pn27/fbED176zktvtDL+9/HvNqfH3my8Ufwln+YXm+//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAg3vw4Ud35jqd+cXhlcbOTXtU9hp5W6Wov57nQNs6xEoryWGMM7F9nPFywbHvTnvP3Vn/ZXLsee59ieDwPr8vK83sZ8Bre/X5+EARNpKM9jw8vspYhp8AI74xAUfu0tLd9y89+PCjby3cnXtv/r35e+NXrlydvnrlrdlLtxY689Pdn6OOEjgKmw/9UUcCAAAAAAAAAAAA7NewPww49/Jh/A1My/8sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7F9QtpPkyRmemL0+X82upsp5x69c2ezSSNRlL8PCkeJdfSnTLZN1yRPz3K+pDtfLJw9d3PH699sTlWs9s/adTlM1ipp0wlGavLwxrvxjOPV/y7t4dlws73Egej9t8AAAD//7+F964=")
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1, 0x1b, &(0x7f0000000680)=ANY=[@ANYBLOB="18110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000182100", @ANYRES32=r1, @ANYBLOB="000000000100008018160000", @ANYRES32=r0, @ANYBLOB="00000000000000001857000001000000000000000000000018400000fcffffff000000000000000018310000010000000000000000000000180000000400000000000000d533000010490000feffffff000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600"], &(0x7f0000000280)='GPL\x00', 0x9c1, 0x58, &(0x7f00000003c0)=""/88, 0x41100, 0x27, '\x00', 0x0, 0x36, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0xfffffffc, 0x1, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000600)=[{0x1, 0x1, 0xc}, {0x3, 0x2, 0x8, 0xa}, {0x0, 0x1, 0x0, 0x8}, {0x0, 0x3, 0x8, 0x9}, {0x3, 0x3, 0x5, 0xc}, {0x5, 0x1, 0x2, 0x8}, {0x0, 0x5, 0x1, 0xb}], 0x10, 0x5}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, 0x0, &(0x7f0000000100)='.dead\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
memfd_create(0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_gettime(0x0, &(0x7f0000000040))

3.223244794s ago: executing program 4 (id=2156):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001740)='memory.events\x00', 0x275a, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000040)={0x70, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x51, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1}, {}, @device_a, @device_a, @random="a5fcc8639e98"}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @void, @val={0x4, 0x6}, @val={0x6, 0x2}, @void, @val={0x25, 0x3}, @void, @val={0x3c, 0x4}, @void, @val={0x72, 0x6}, @void, @void}}]}, 0x70}}, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000140)={0x40000001})
syz_emit_ethernet(0x4db, &(0x7f00000001c0)={@dev, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x4a5, 0x3a, 0x0, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xe, "7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697aef1702b895af582b2e3b5cd435f497d415f29c5d941df10c1ca58197441e0e9b3400d983b10420fa979a3"}, {0x0, 0x3, "1598a4a8a719ffe0621615f6d04dcae3360546cf06f2665bae2296931f"}, {0x0, 0x1, "d429145c793e823829"}, {0x0, 0x7e, "130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f2060e4e027f24bb723a5571d0da2ebeb3fe47f34e606cb3987e3681841f511126b773758e143f6be25d6965fcca35155fec3f970e2067f5db8a5de787eaf96b5957e6b988c02ae9fe26ec3118d9fdcca129d1269b290f687cde5b4eaba737c806335ca0d1e43697d144c6df4dc0d31e84004bc22e87b6e2daab5674479c76a1be360d309e7e7e5fa089032b331a3ceea18d92124681c0b78a0f1665ffcba0bee11950f6b4912bb302b3e648fad7ff4862ccc823e720fdb20af8ab0a6a09dfcdacf69923d60a0efeacf81e1e7e17db9547a4962bdec794c013af7210e54d43f3fe7da2f88c674f4cfd818f6a7461368bf62f1d5f98fd9394eb74bf0559f1c6b1ebec57dba007f143108ca4be3fa330cc21a411b0b7af23ebd9282be17fb702a5ca61650b283eec78e0280e4f2713b42bd4e3615c48c55c1abe5827601038109736f9c6b7242e7c9c917309397b864eedf5ca71db1debb609b6381b54955706017731319e0cc41083f99bd11da748b47d8715080899eb15caf19df36632b73bb22596b8e16186a2e51e277f8c78df609ca44a83914e8f7a8b053210573941b560ff8b114326678c6851c74596300b1c2a1ddc0af5b4cb5f15fa61e42214341368152275070973f3063f35fded9eeb535a0837783921dc2b705e0a0ceacca1882ff23813bc9199a9be39559c9f82a7452ce6113780cd7d26f532b72603afbfe994f5baf7257c9a33b9ac1ecd0b69da263daa9ac7e6a8d4400341926ed1f0c0e9086009c7945c0b255716f5b0dac45a9af480dc1f17beba2a2cddeafed29ecc91ce704895e28d0c46e639591c667a7f34500ea98ef557801dccf733fa61f3cf6740e40418745a42a738440ba9fc2ec415ba0fbf34800e6987b902302d552cf869eb350a9a862cd946f8285b03f03067dc9bae653dc701d97c7e6f7c1f0767624ac9e48b041c51697968b1e1733921270e569ac0b1ac7c25d00936ad05f14d67d3225d6a8cecd9fb63205ab14131e2e742977860e4a38ec056cda185aa357a059d0180056816a7902bdc0951253005099039bd945a6a4e525123cd4fcb8c5b335626464707fc21e92039b9190020eb9ef84c61cddede466a4c3ea2572927153997c33433ce9de0a7d2ed0b5fb0dce9cc6630bd0635a66be0cb490689169618184e896233d49b8f0e0717ae5d557333d54887ed8d983ee01091326af86e76583131104c66753efd58c32e499be23a05249b98e505c4c0237e2e70506fed29a33169d02b74ba5cbefad267e1107f4468e1144ece9656d35b88e405405fbb1438510f0395752c61e57e760de178a58a8da65040946656220817732fa0cd36189027287597cc5ebe709ca9d9a507babd39f1e56a37657326c7ffb654c"}]}}}}}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r8, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r9, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000240), 0x3af4701e)
sendfile(r10, r2, 0x0, 0x10000a007)
ioctl$BTRFS_IOC_SNAP_CREATE(r1, 0x50009401, &(0x7f0000000340)={{r1}, "7d98fda4f5d891597fe1af4491a31813729403613108992a15d101a9aa5cebe3ac81f706480994bd8f46dc04afa8c2fb1c0c80d0bd31a3b2132babdb963acafc84379bd5ae776663b5fcb43155265eb40afae1a5089d59b64ef428a5eda427f2ad54cbbcee679a7d857342edaedefd72e7fbaded96a959a04e32eeb4ed934c73b8bd27ce7ce12967d16c0b2fe5c20a0e9dd652538f76e5d87e6f8bb77dce64d8890228f0b244ed947c1ac51ebce9aa3b9f6f68282e7d1d8b1d3bf6700922541cf3feac146628a3df3c1e62f932fd953721d298dcd92093e965057dc0bd40db77546125d1f4acc87509487f08b2687d1c39fea849c16f0696f524775484318b696e9d9716100f2249f89ea653c3765f26ebf676db97c5de2e649c034c82a875ad961587ef86907d0d5ef5eba0c5c317be7cd83b475eb9955eb152fa759ec4dd4cb15fe25bb658935e07f068f5e7d57b6648817ff543b430f6801cbcf1284f579ce818222a08d29002bc9bfa2d321f67c3ea896cd329316bab7bad9ec54babd4aea4c0a51062ca68497aa9bd066b28f50d076a3276b9be727f03bbae733480c77f855f2ae2c64380b3779cc1409bda3dd86ef29573a60801a339b3b0f4b39ac865eb06f5bd8496530436db16db1f2649a12ae4ccef9dce2b007593bf6cb980ecb4d28929ee65c44eff125cea22f70a3a3c447eb3d84e9a0b8c96458d6739eeed99dbe85037ffe2843e0d7758ee908c181b63ebb763ca2460addc66866d5777a9e218911c2cbbd8d7c895d90a805ddc0a6258789c19ca0681c0a42e164496590c4883539d4c69ce00a8e39ae9080b432033361e3918903182df46bfd9b929ce69f8ff452674cdd50eafd730604d944062c930eb7a5333a1fca5d4be44a58a1e031444e28fb5dcbeeefaf157b24d6e0da7f0bb24916241067d7b742685544036247a45a340e1ee2022277cb7ec04999235d2796704337f1ffacea79f42afe4c3cceb2c3aaf83da408586177ca05ed2b10db06199f48b66de37a136248f036f6c99015f52b249d0c736fc6d80c3a42ec38e8a8b24ddb9644a9dcd6f9e1468f15ce3c33f6d6e651d3b2e88a65b644a51e42a8d0943107eb51c6da27a03e76210e4a80c1910ff1e8c6e039dcc3f5fb86bedaecab4b16ef54d4fc23dcd1299c7c138545fc37d4991c5927b8a092337c9ac147646462b9c5ebb6f65f5cc5aee6e3997ac8ed1ce354a27b37b7b7eec139d2f88f554ef7520bd39ac03724cdb7ce2f60aedf9deb7db00e4b0ae5a9abf5e0968a1dc7fec8029ee6e711da04deccc51124b5a594f9d8047bbd564846cdd1b6d2abc9d6cfbc49883961e16a34338a91454f02e1dea9b920c050f22b669a2cd75ce4b86b774980dd9b545ec0134b641eb09a65fb17106aa5756ce27b24bf42bfb2c6579a16c91c96c0842473ab71cf3f725f54214e9b507a3fce4fe146a30deaf422e3452b6d4e0146e1fdf683b575017e51a491694fe0195150821a47d90df07885a86d3f1e6ff9cedb76f78308bab183958a18153de9fd3ba9b4ed59ab83590d2fb7599dd7656972bd11e11cf978b71b89aad512e96629c413fae726c25487ffa52b2107a8932006e876057e104596b15d96b0de60ba1dc951175984b565cd9bf006c46717bd1a60665715289b103f56274e960d28acc92bd6e1a003a36f4d894337f917788b611793eb4aa444696443b93b49cb221396658a4ceeed4a4863e55b7b95f0965efc5ad02b5f674ae475794d25fcb99044eea97a340de58e703aff9b1961bd60269ec5dd34a9cd8d0486b3251dfbf45ac72b78d2b6ac4f1a4208d8a5ac7bc7beee987c3f6b3a6b3ade0c2720f19618c6558bb55f4a6f7e4dbb522c8f2cbabaf898967734da957c80d944e73225ce526a430cf6424b3dcf9f430d9dbc8e22da63097031e5769bd73ae2027ecb5beb4074bdc73d35a59c56d33e1dc55e228b7953f1518b9aee1287654875963a35ecc2079a7be6e71242c9740bdc559c4a320be5401ef2b584e43abe51e1d12145f30c3bb0c963882ef7a76c17ab009d8ba2f8b6fe888022263e65a28a42e6f41c15160add3ddc4f4b9329758e3c6cd30e8a311d2de72135c171aca50877c4843b09817e565d3765b5d50b6d3b7b0f870514c4bc3f2bc5cb4448dca253916fb530ae6b9574924c1c257b679f43d7228cfbdda83de2f09d6a3ceaefc9ab9747db977b2580dfaee96e5ad1d498022ae0df8c68efa993e0d0141f5dbad25c7bfc928a43cb159e0e0369afff54bf409c0b3edc4c877ef103812ab5e6bf8eceb55cf1edccce2add494e81d6bd3ee515d625521087589e75f4a93b3c2941cbd4bc7f69ff8bdb596d42a20da525fb9565c0fb4ea774fb31f169475ddea55b84258f61dfa45f7fe5d27bc8a7a2de9fbe176f11887ae3ca71a5238685793bf110132334bb729e8c6ee0c29c8b095d00ca3a89f8022513bda92ad4165254c9a37f1c3f9a0393dceafb2ae748488f56371262a477db5892213e88b6c39e7aee601bac91a24e2d024d61856af2a76b47ec4bffdce497ae5826f6f69c362766d9cfc10397806dc6b70fbbd4488ada492a35282d80f2b3718801748d3a7f04bdc22cb91d8b6816dc35f924884d6b1411f4ec3b1d5c07060447b3e1b453eb38036d8c594603b1193ac0974eaa79d637d6f4f0f197a75af97da58bacc34978a9bc41f80ce13d0726f8394dae2a3b53e39aaa670d1e014b9c14aa8463ffd4777ca321b6d4da5cf3210d09df3e3ef7ab928bae449e81b34beff28eb2896614613f338a0971b0863a7d73cb588838e2692c11d00f2f3de8715746ebe28db06c6d8aad90b2493fd0b42dfef71b582501cb38a52e3daf4b61cbd4459fb22b1a2daccd3cba14890443c5bdde64ddd207fc4ee286224a77c6bd3f2de125c93bfa058d28e5d0fa769ed6d0f0acb452f424c2eb81ba804f4e0d707a8ee807c42da2f58e4c4bf5cf3daff2152dccf2f667d1b49034d9c92f68241d027d2b90f228404e08af5cfea73fcc7d0147b46fdd2883f06000b37b0cd0307880bcf6d30e7a3f37e41322b6ceac98df72e27493266b5bacb7d38b80d9fa27d21c838fd7e2e18efa4f7341457cc3790a93d5efefb01261f34e177bf7e10760d59bdf6d8478d041c01261794b3d1353eeb539bcc0a99fd2a49637fc726f1f57e5e85af4cc69de8ce21d9545639be3ebad5260e312455fc0527a02b09926180a3b1f6b92fa291cb17c5f99ee00a2533ebd317033b58594a6d2c54f9bcc682be825dc40a1a8d673059e71b82e77326daafb68b1cc7d84ba0e96909675f69b24f086e906146a6d7dd84b25304b6e0f5b8d97740e6bc302ff14eb3e0d92731831e217cd6dcffe318f1ea5531b1349d4cbf9c65b3f8f78f2878342f563f7494a971ca104bf9fdb66c3c4ba27d6da733c0067c0d65763f69ed2c2ca022d3d57eefc3d8b92f47a8617a395dab17595a849e7759fe8e8c988fc6b2eea1e51682d709a1f7010981d93c164764d3b51850851270b21fec6aff4c3134a2807e9666a4cc4baaee822df387d6ce94b5e5279e47f505c5f0ce084427a8409d0c5b83fbc70b9e53749770b6776452437df1d34777df0650d5c1c65723868146d0eeb48229f34167a9d33fef64eeba9080208c9953e28b22293401c0a211f556eca83983da670461c52af9dbefb35266c213e27283fcb05b4b4d7fd3fb2827f9373ca5e890d4acd497bb99e2dee1d1cc1b86ac7b70c2c75a7d59bd29dd0497b5d97d93d6dc19b7938f44c5548a4fc9d106beb34f1cfd97dfda1b173e2df9b96a03be25729c14970e25fbe5f382431d841065e230c958eee42b95ff760edf968360f9b3eb5106e04880d1489cbb14cb927997b500f6d4d0710c7c507eacc4564e65deecc81d8819f8bdee599be7f025b2e3b2aa03516d5a43d915cc605a3c919a11ed9e353eea73278e28cb86723f98e4944170dbc7fe9c4790d2956cb89e838725f5b15157eded600ecb9a0ee427a3826ce78267535e312cba45a04a88611804f400e8b38b4860eaa7d981c75d8ae0173040ff73411921da87d45b1e30ecb97907ed1c75d4049f6152057d2264c73fedf3d51cb00ec4bf7fec9af6f13b294efe20144273fe2f44241f87744b910d5d7ed15b6507fcb6c96e1eac0c9ea02b3832da6d1d1c026b06056f3b62bd160a7d6bbd0874066754ed0e4e0bb815237392d164ea8c14b4e77a6bbb0794e28f00c9ebb5122d513811a345fc78c8d7c43448fbe9b90b49aa689ee0bc057a06ebe80ff9cbd28620882404275d342dc289131cc5d5b78828f21445137220be2edb94993db16a4822d4b64372b61ac15b4d252e39caabc347e468f69d5111acd1830003563c3d453664c7a00c4c78cbe64019ca2301034e26349e091fafe839272157f6cee91b9e2fa8910e50b8b01da8709e28ec72b33cc67ee06c9671f88ad382832f376ada349454db557523185ca0a8e50d10dba85846a34f2b69532c895be0f6b9cf1fadae965589516e592147165c866449270bde406e00188f981787fc52f291fa45bde0a119b2c75153ee0e5ee63e04b4a863f005da142984c9e8ed96f7f440ad571165fcd77b42f7c5793071e626b6a26948e80a6befa4338ac1cd53278e054fb99c082846414779fcd344a700a45313b8f144223420322a224327b006a6982d2bb8e85281e1f971a97197cd0d7218fa3665569929b4ffc443feb77c7018b8a7d180acba1cb5da021aa1905995da4e6835290662bf7ec05dfaa514b3d765ccaed6ac069f938ee1e2357c499363b3f107bb8850dc191cb99c79843690e80883bc2ee28f03c51b27fc6907644371060b552c1c2c8c81423b6340bd2740c84b687af75e10aba5d47ce6aef37612bdf9fbadd007603adfb574f948dbe9a5a13c9e948a277e205990da9f63f436b8e80c6b98e86232b5a6b9131956d1107325252cf88ac514fec99a93151fc0da29c046f360c19a84632c1ca0627f39c4c27f44a588fece50e4c1345ec2df96606d7f5fc0e0bdd7b90a944d47b6b45e915bb27d10111b2df7ac76222e8135da594a249877fd18b7cd9c39fb4cb5783d5426cdd75ecd0c64b68eabcdf9fb3c0cd67cb0b914a160ddc95622bb95960894a87b42a5d31a3abb4a8f87c4a51e9228689dc6f42ba2665ed5f8b3d9a15403f3aa2427fdf0a37203ab24935d8e6fb63adf83b616424d68f12a746cbbb9790e15d8e743745d479372529054214e87dc0ca3675a926f6a7d4584444aaff42ccfe71a9869b3c7e5c96e3709cbed062ca966845944c9291048c6edfd00c5264c97eec8b83c1843d6731cf68790fb2e3632b271b958323607a0e20cb74ef504e641a81cba207915120e7031d9ed7d8afa83c7502148e48dcd93dd0fbee5d9c3f7da6793b25f1059059d9d78d3bc5b9e9ba5c2bc7799b732b9750b32d2c09fa7f86a2371503f6445cf0e7eb4a4187cf3122ea9af3b4d8379c716f46e217e4f0084bc0960fd0ab608cd3e680510986a34926a4d3ca82095b88b0b7fdd7eafbaeec762bad86f445f22565a4eb157daad4a4ac59ac0b8973ff72608c99dd4d99221d26e6eb6509c6ebd14cd14ac462946bed31a9e6f6ec192dc927199d4110e157f492df0bf7bcc2640451683e418d22c9229a8187a7e4b5abb826d1a4b502685897fb0dff76c62c78657f2d8cab21828c28f53fc3139bf476d70f29fa978c9cc5e6ff359f33905c1ad2d66b08eb18ccbdcb2d9b8bad9b41b27e51a6faa108f6176d3d56c6df15ee77818f411fd684e"})
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000640)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "1111ce", 0x8, 0x0, 0x0, @local, @private2, {[@srh]}}}}}, 0x0)

3.197447576s ago: executing program 3 (id=2157):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x6a, &(0x7f0000000180)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @private1}}}}}}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f0000000b574e69392bf85edacab30000420008700a84a9c4d4ae001fde2f2ab5c199f31cc2a8d2df7790b4e3d087472e7671b70ea130860584c6080fa190b12c72b12f68d1270747343453001dedf1e33a743c0bc066318144274ed08aa2a24c4d475a4a9264a08905794c9d8f923388a23267a85be2889cc0edb6599de191b5a2875185"], 0x0}, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000c00)={0x84, &(0x7f0000000140)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = epoll_create1(0x0)
epoll_wait(r3, &(0x7f000000affb)=[{}], 0x1, 0x7fff)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r3, 0x40047211, &(0x7f0000000080)=0x4)
mmap(&(0x7f000000b000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x20000007})
r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
readv(r4, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x2)
ioctl$HIDIOCSFLAG(r4, 0x4004480f, &(0x7f0000000000)=0x3)
ioctl$HIDIOCGUSAGE(r4, 0xc018480b, 0x0)
syz_emit_ethernet(0x0, 0x0, &(0x7f0000000040)={0x0, 0x2, [0x3b4, 0xb03, 0xbb6, 0x146]})

3.15838264s ago: executing program 2 (id=2158):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000780), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000000100)=""/76, 0x4c)
getdents(r2, &(0x7f0000001fc0)=""/178, 0xb2)

2.896686932s ago: executing program 2 (id=2159):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
setresuid(0x0, r0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)

2.275162903s ago: executing program 0 (id=2160):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000080), 0x4)

2.233845886s ago: executing program 2 (id=2161):
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='timerslack_ns\x00')
write$cgroup_int(r0, &(0x7f0000000080), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x4}, 0x48)
r1 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b0001010000000904000012020a0000052406000005240000000d240f0100000000000000000009058202000200000009050302"], 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@private0, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@ipv6_getaddrlabel={0x1c, 0x1e, 0x1}, 0x1c}}, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f00000004c0)="fe522e2e3c9a2db437be20d892967dbed9da673848fe0eb33b643b4f30eafd97e9d1b32d0684ce1a8d420de8a51db6d8ff12889f08cfbc51661c7525af638ab8e397de88a5f4805b981dea7a2ae52bae8c90d88991400990ccaa", 0x5a)
syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000240)={0x14, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

2.012588204s ago: executing program 4 (id=2162):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x41, &(0x7f0000000000), 0x4)

2.012174364s ago: executing program 0 (id=2163):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.94854221s ago: executing program 0 (id=2164):
socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
timer_create(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
write$P9_RSTATu(r1, &(0x7f0000000280)=ANY=[], 0x239)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00'}, 0x10)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001d80)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e6185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f659cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c61a137462c7f2539479f49d4eb2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc16e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c0977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6040099d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663dd472021d202eedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe3594d4a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed180d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35f267632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbd"], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
r4 = dup(r2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_MPLS_PROTO={0x6, 0x4, 0x806}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)
userfaultfd(0x80801)
mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x2)

1.82168009s ago: executing program 4 (id=2165):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000180), 0x4)
pipe2(0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x4)
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
lseek(r0, 0x7ffffb, 0x0)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0xa)
r1 = epoll_create1(0x0)
dup2(r1, r0)

955.836442ms ago: executing program 4 (id=2166):
io_setup(0x6, &(0x7f00000000c0)=<r0=>0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x1a1081, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r2, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000001500)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000100)='9', 0x1}])

228.539932ms ago: executing program 0 (id=2167):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0)
write$sequencer(r2, &(0x7f00000001c0)=[@x={0x94, 0x9, "c3e023e70b38"}, @raw={0xfe, 0xc, "b177389b33ca"}], 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56741, 0x1, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x21}}]}}]}, 0x48}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r4, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002900)={&(0x7f0000000240)={0x28, r3, 0x1, 0x0, 0x0, {{0xc}, {@val={0x8, 0x3, r5}, @void}}, [@key_params=[@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]]}, 0x28}}, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
r10 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ip6_mr_cache\x00')
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x7ffffffffffffffe, 0x3ff})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r12, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x50, r11, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x50}}, 0x0)
preadv(r10, &(0x7f0000000040)=[{&(0x7f0000001280)=""/64, 0x40}], 0x1, 0x800000, 0x0)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="1f02ffff0000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r7], 0x40}}, 0x0)
r14 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r14, 0xc0d05605, &(0x7f0000000080)={0x9, @sdr})
sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r3, 0x2, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x20000001)

163.783527ms ago: executing program 4 (id=2168):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x7fff0000}]})
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00'}, 0x10)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e0a406020"], 0xd)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdir(0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xc, 0x5, {0x81000000}}]}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
msync(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[], 0xd)
socket$inet6_tcp(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000240)=[{0x1, 0x0, 0x3}, {0x8c, 0xff, 0x1}, {0x7, 0x0, 0x0, 0xffffffff}]})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240), 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

0s ago: executing program 3 (id=2169):
syz_emit_vhci(0x0, 0x17)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
r1 = open_tree(r0, &(0x7f00000000c0)='.\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640), 0x0, 0x0)
ioprio_get$uid(0x0, 0xffffffffffffffff)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000480)="ce153190ad2ef50ecd6791a90717cbd326404da89188518edeca49c337ba725e895aea60cdc8812da89bb921c5578493635af06f6b0f7f2480da419d801e801023865623a71179038587a0b25170ed34092ffd5f4cce639aa7d37526ffaddcf7c1f5463855f78ebadb13359d0be766c261c76c3c1fa93c2c7621247db50cb53b5eee5155f432029399e5c3989d35dfa48d3957850589e1bb3aba254e1f92ac1b6016158040f64d49d911d2838ba912dbacd1836e0f8cb89d1889b89e", 0xbc}, {&(0x7f0000000540)="29b43af6dbba745d5aefb47a18315f0a7d29dd9bae7b9a6cad40e5763fa094e9df33d2e0f6005dbbf0e9d220e3e5db4619de4edb48dffa40d89d6c3addca1842b39704532127ea6f58dc719f51aef6f6d51473ac833af3e4c808e645a931c3acbfe879a94a7cd7a831ff441dbeb4c06efe46f500ad16b4bf8890c73e22ca", 0x7e}, {&(0x7f0000000780)="0230233a762bdfc9c10e1d2c13e788bf8a0f5fe3b6fbeca3d0b4e033b8c70024f8b4ee87cb8820d07ab7ced6473faf37cbc46e7c3c94f981dcea25b12faa3a00e2776fb2aca2cf34baf0b7209792ab10f34d8e797261e7427eeed1b0efa02fc5dd746d922a47b9ff347356357d116ba9af39508922f4612023d8fa5efc0c", 0x7e}, {&(0x7f0000000f80)="46a417c6d0c520d8cf5ca637e335a986752a2a3ac91c88bea2aea5d8962a7eb557f84f4c7ef95a511175c499677ae7e607f00554255b4f1a90ec60afd026fe1a14085fa78c2892edc675f5ddd769279ca193974a78eabd8b79bcfdfb80b447a229bb2f69aa93d97265eb62a9c693b54bb586d4bdc547662ab66fceeaf08104952d596887a75113cd713b899a86731cd1a392dfd6dbcc026a46bd228aa4a356d5bc9f0d12ac09ba0b615de74a849b2665465d9e0f1c17ff9ac47b0590b99e3991b5243c44bdc1a21c950beb09b43e9e5bd2e7da", 0xd3}], 0x4}, 0x4000810)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r4, &(0x7f0000002ec0)=""/4096, 0x1000)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xd, 0x6b3, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvrNdbb6iC0yZthApYiVSQIhI7VgrhQkAI5VChqhw4W4nTWNkkleMit0LgAoITEof+AQXJN05I3IPCucdeLU6VkLhEHCIuRjM7a6+965c4tjeBzycaP8/M88wzv/nN2+461gb4v3X9QpoPU+T6hbeXy/m11dnO2ursS3VzJ0lZbyTNbpHiXlI8Sq6V7UXflL5ywCcLV9/9/PHaF925Zj1V/Ru7rTfEkL4r9ZSpJGN1OWh8v5vYMt6NJC8PdGntd6wtHcukna9LGLn1ASu79P7HyW0Lnua6BZ4zvadT0X1uDphMTiSZqF8HpL47NI4vwqOx210OAAAA/ld8dn/UEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCLp/7+/6KeGnWZqRS97/9v9ZbV9Rfaw1EHAAAAAAAAAACH4OtP8iTLOdmbXy+q3/mfq2ZO5z/ryZfyQR5kPou5mOXMZSlLWcxMksm+gVrLc0tLizMba5aGr3l56JqXj2uPAQAAAAAAAOAF1t6x5Ve5vvn7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeB4UyVi3yHqS0xsNK41md3Fa3QVTXxtZkAdTDFv48PjjAAAAgGcycYB1vvwkT7Kck7359aJ6z/9a9X55Ih/kXpaykKV0Mp+b9XvoVpLG2upsZ2119m45DY77/X89VRjViOl+9lBteePNem/LZ6se7dzKQrXkYm5UfW6mUa1ZOtuLZ3hcH5cxFd+rDcTQHBpZs05rubE/7PQpwqF42o8iJuuQexmZrmMrs3Gqm4EiWSkXbc/EnkenuX1LaWR8Y0szafQ+BcrpZ8r5cCfqstyf3x5pznexMmzhRiYaqTJxue/se233TCTf+Ouff3q7c+/O7VsPLoxklw5ibIfldSZ6Z1hm+zLx+gudieH3gZ1NV5k4szF/PT/KT3IhU3kni1nIzzKXpcxXn6eW5urzufw5uXumrm2Ze2evSFr1cekes/3ENJUfVrW5nKvWPZmFFLmfm5nPW9W/y5nJt3MlV3K17wif2THuat+qq76x/arvHem/DQ3+/DfrSjvJ7+pyIAe1lfWunc7Ow9K995d5PdWX1+6d8PFGr1N998bpviy90svO+NDBD3JvbH6lrpTb+HVdPh8m60yUF1DvKdGL7tVuJprVs2jwPP9jdW086Ny7s3h77v0dxt9+Q36zLsvTavWr+41y/BieJ+X58kom6jvJ1rOjbHu1PJBj29tmqrbTG3egxkDbmaqtKHpX6o93vFJb9Wu4wZEuV22vD22brdrO9rVteb2V++nk5hHnDoBDMJkTrfY/25+1P23/pn27/fbED176zktvtDL+9/HvNqfH3my8Ufwln+YXm+//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAg3vw4Ud35jqd+cXhlcbOTXtU9hp5W6Wov57nQNs6xEoryWGMM7F9nPFywbHvTnvP3Vn/ZXLsee59ieDwPr8vK83sZ8Bre/X5+EARNpKM9jw8vspYhp8AI74xAUfu0tLd9y89+PCjby3cnXtv/r35e+NXrlydvnrlrdlLtxY689Pdn6OOEjgKmw/9UUcCAAAAAAAAAAAA7NewPww49/Jh/A1My/8sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7F9QtpPkyRmemL0+X82upsp5x69c2ezSSNRlL8PCkeJdfSnTLZN1yRPz3K+pDtfLJw9d3PH699sTlWs9s/adTlM1ipp0wlGavLwxrvxjOPV/y7t4dlws73Egej9t8AAAD//7+F964=")
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1, 0x1b, &(0x7f0000000680)=ANY=[@ANYBLOB="18110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000182100", @ANYRES32=r1, @ANYBLOB="000000000100008018160000", @ANYRES32=r0, @ANYBLOB="00000000000000001857000001000000000000000000000018400000fcffffff000000000000000018310000010000000000000000000000180000000400000000000000d533000010490000feffffff000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600"], &(0x7f0000000280)='GPL\x00', 0x9c1, 0x58, &(0x7f00000003c0)=""/88, 0x41100, 0x27, '\x00', 0x0, 0x36, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0xfffffffc, 0x1, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000600)=[{0x1, 0x1, 0xc}, {0x3, 0x2, 0x8, 0xa}, {0x0, 0x1, 0x0, 0x8}, {0x0, 0x3, 0x8, 0x9}, {0x3, 0x3, 0x5, 0xc}, {0x5, 0x1, 0x2, 0x8}, {0x0, 0x5, 0x1, 0xb}], 0x10, 0x5}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, 0x0, &(0x7f0000000100)='.dead\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
memfd_create(0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_gettime(0x0, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

8636] vhci_hcd: connection closed
[  398.786477][   T42] vhci_hcd: stop threads
[  398.786497][   T42] vhci_hcd: release socket
[  398.789793][   T42] vhci_hcd: disconnect device
[  399.112107][ T8648] loop4: detected capacity change from 0 to 2048
[  399.167805][ T8648] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  399.173417][   T27] audit: type=1800 audit(1719948521.322:35): pid=8648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1416" name="bus" dev="loop4" ino=18 res=0 errno=0
[  399.290752][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  399.372051][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.372139][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.377081][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  399.519030][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.519122][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.523677][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  399.535760][ T8662] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1419'.
[  400.642895][ T5577] usb 16-1: device descriptor read/8, error -110
[  400.724748][ T8675] binder: 8673:8675 ioctl c0306201 0 returned -14
[  400.763842][ T8682] loop2: detected capacity change from 0 to 512
[  400.800583][ T3628] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  401.064051][ T5577] usb usb16-port1: attempt power cycle
[  401.126700][ T7667] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  401.366488][ T7667] usb 3-1: Using ep0 maxpacket: 8
[  401.591907][ T8696] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  401.627209][ T7667] usb 3-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config
[  401.881228][ T5577] usb usb16-port1: unable to enumerate USB device
[  401.895372][ T7667] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  402.066516][ T7667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  402.074825][ T7667] usb 3-1: SerialNumber: syz
[  402.127181][ T7667] usb 3-1: config 0 descriptor??
[  402.165917][ T8701] loop0: detected capacity change from 0 to 2048
[  402.174970][ T8704] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1427'.
[  402.197490][ T8705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1430'.
[  402.271579][ T8701] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  402.406449][ T7667] usb 3-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  402.413461][   T27] audit: type=1800 audit(1719948524.562:36): pid=8701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1428" name="bus" dev="loop0" ino=18 res=0 errno=0
[  402.444014][ T7667] usb 3-1: No valid video chain found.
[  402.480686][ T8713] loop3: detected capacity change from 0 to 2048
[  402.487112][ T7667] usb 3-1: USB disconnect, device number 15
[  402.559792][ T8713] UDF-fs: bad mount option "uid=¥Sød
¾]O¡ôñЂÖD¢bœè18446744073709551615" or missing value
[  402.578964][ T6768] EXT4-fs (loop0): unmounting filesystem.
[  402.599284][ T8718] loop4: detected capacity change from 0 to 64
[  402.853868][ T3555] Trying to free block not in datazone
[  404.104880][ T8738] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1436'.
[  404.167650][ T8739] binder: 8737:8739 ioctl c0306201 0 returned -14
[  404.245272][ T8738] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  404.251844][ T8738] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  404.315519][ T8738] vhci_hcd vhci_hcd.0: Device attached
[  404.410083][ T8752] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  404.717808][ T8742] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  404.726713][ T3705] vhci_hcd: stop threads
[  404.733662][ T3705] vhci_hcd: release socket
[  404.819060][ T5577] usb 14-1: SetAddress Request (11) to port 0
[  404.874203][ T3705] vhci_hcd: disconnect device
[  404.877203][ T8733] loop1: detected capacity change from 0 to 2048
[  404.914013][ T8733] ext4: Unknown parameter 'nouser_xattr'
[  404.936521][ T5577] usb 14-1: new SuperSpeed USB device number 11 using vhci_hcd
[  404.954197][ T8750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1441'.
[  404.966771][ T5577] usb 14-1: enqueue for inactive port 0
[  405.008188][ T3628] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  405.204319][ T8759] loop4: detected capacity change from 0 to 2048
[  405.316787][ T8759] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  405.345710][   T27] audit: type=1800 audit(1719948527.492:37): pid=8759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1442" name="bus" dev="loop4" ino=18 res=0 errno=0
[  405.387349][ T5577] usb usb14-port1: attempt power cycle
[  405.482937][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  405.601870][ T8775] loop4: detected capacity change from 0 to 64
[  405.742238][ T8778] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1443'.
[  405.906712][ T3555] Trying to free block not in datazone
[  406.027109][ T5577] usb usb14-port1: unable to enumerate USB device
[  406.187129][ T8799] binder: 8795:8799 ioctl c0306201 0 returned -14
[  406.193352][ T8798] loop1: detected capacity change from 0 to 512
[  406.197194][ T8800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1452'.
[  406.303856][ T8798] EXT4-fs (loop1): 1 orphan inode deleted
[  406.322270][ T8798] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  406.332272][ T8798] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038 (0x7fffffff)
[  406.410773][ T8810] loop3: detected capacity change from 0 to 2048
[  406.460544][ T8810] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  406.497421][   T27] audit: type=1800 audit(1719948528.652:38): pid=8810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1455" name="bus" dev="loop3" ino=18 res=0 errno=0
[  406.548963][ T6482] EXT4-fs (loop3): unmounting filesystem.
[  406.563101][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  406.711257][ T8819] loop0: detected capacity change from 0 to 64
[  406.740033][ T8823] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1457'.
[  406.789710][ T8823] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  406.796297][ T8823] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  406.833531][ T8823] vhci_hcd vhci_hcd.0: Device attached
[  406.840082][ T6768] Trying to free block not in datazone
[  407.136390][ T5577] usb 12-1: SetAddress Request (7) to port 0
[  407.142579][ T5577] usb 12-1: new SuperSpeed USB device number 7 using vhci_hcd
[  407.155255][ T8828] vhci_hcd: connection closed
[  407.155548][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1465'.
[  407.157709][   T11] vhci_hcd: stop threads
[  407.194771][   T11] vhci_hcd: release socket
[  407.208536][   T11] vhci_hcd: disconnect device
[  407.235327][ T8849] loop0: detected capacity change from 0 to 512
[  407.285743][ T8849] EXT4-fs (loop0): 1 orphan inode deleted
[  407.321711][ T8849] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  407.333618][ T8849] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038 (0x7fffffff)
[  407.361980][ T8851] binder: 8844:8851 ioctl 8912 20000540 returned -22
[  407.411894][ T8858] loop2: detected capacity change from 0 to 2048
[  407.449712][ T8851] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1466'.
[  407.494836][ T8858] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  407.529588][ T6768] EXT4-fs (loop0): unmounting filesystem.
[  407.623757][  T102] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  407.716968][  T102] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4095 with max blocks 2 with error 28
[  407.783980][  T102] EXT4-fs (loop2): This should not happen!! Data will be lost
[  407.783980][  T102] 
[  407.805617][  T102] EXT4-fs (loop2): Total free blocks count 0
[  407.826050][  T102] EXT4-fs (loop2): Free/Dirty block details
[  407.836307][  T102] EXT4-fs (loop2): free_blocks=2415919104
[  407.845625][  T102] EXT4-fs (loop2): dirty_blocks=32
[  407.855923][  T102] EXT4-fs (loop2): Block reservation details
[  407.865816][  T102] EXT4-fs (loop2): i_reserved_data_blocks=2
[  407.893508][ T8353] EXT4-fs (loop2): unmounting filesystem.
[  407.910411][ T8878] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1470'.
[  408.010227][ T8882] loop2: detected capacity change from 0 to 64
[  408.160034][ T8353] Trying to free block not in datazone
[  408.874226][ T8895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1479'.
[  408.944169][ T8897] loop1: detected capacity change from 0 to 512
[  408.965358][ T8897] EXT4-fs (loop1): 1 orphan inode deleted
[  408.971593][ T8897] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  408.981484][ T8897] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038 (0x7fffffff)
[  409.021136][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  409.066455][ T3591] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  409.111361][ T8904] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1483'.
[  409.146659][ T8904] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  409.153248][ T8904] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  409.182669][ T8904] vhci_hcd vhci_hcd.0: Device attached
[  409.189545][ T8907] loop1: detected capacity change from 0 to 2048
[  409.257028][ T8914] binder: 8909:8914 ioctl 8912 20000540 returned -22
[  409.258813][ T8914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1484'.
[  409.275219][ T8915] loop4: detected capacity change from 0 to 64
[  409.282589][ T8907] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  409.360842][ T8905] vhci_hcd: connection closed
[  409.361145][ T4711] vhci_hcd: stop threads
[  409.371151][ T4711] vhci_hcd: release socket
[  409.376867][ T4711] vhci_hcd: disconnect device
[  409.382556][ T4711] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  409.399151][ T4711] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 4095 with max blocks 2 with error 28
[  409.399201][ T3555] Trying to free block not in datazone
[  409.411857][ T4711] EXT4-fs (loop1): This should not happen!! Data will be lost
[  409.411857][ T4711] 
[  409.411987][ T4711] EXT4-fs (loop1): Total free blocks count 0
[  409.412004][ T4711] EXT4-fs (loop1): Free/Dirty block details
[  409.437354][ T3591] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  409.442216][ T4711] EXT4-fs (loop1): free_blocks=2415919104
[  409.460208][ T3591] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  409.473832][ T3591] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  409.484683][ T3591] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.494410][ T4711] EXT4-fs (loop1): dirty_blocks=32
[  409.501539][ T3591] usb 4-1: config 0 descriptor??
[  409.509228][ T4711] EXT4-fs (loop1): Block reservation details
[  409.515439][ T4711] EXT4-fs (loop1): i_reserved_data_blocks=2
[  409.527826][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  409.988663][ T3591] plantronics 0003:047F:FFFF.0014: ignoring exceeding usage max
[  410.001668][ T3591] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  410.015384][ T3591] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  410.305207][ T8946] loop2: detected capacity change from 0 to 2048
[  410.343897][ T8946] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  410.386286][ T4711] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  410.405398][ T4711] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4095 with max blocks 2 with error 28
[  410.418640][ T4711] EXT4-fs (loop2): This should not happen!! Data will be lost
[  410.418640][ T4711] 
[  410.429813][ T4711] EXT4-fs (loop2): Total free blocks count 0
[  410.436977][ T4711] EXT4-fs (loop2): Free/Dirty block details
[  410.442951][ T4711] EXT4-fs (loop2): free_blocks=2415919104
[  410.449485][ T4711] EXT4-fs (loop2): dirty_blocks=32
[  410.454631][ T4711] EXT4-fs (loop2): Block reservation details
[  410.460715][ T4711] EXT4-fs (loop2): i_reserved_data_blocks=2
[  410.469008][ T8353] EXT4-fs (loop2): unmounting filesystem.
[  410.506461][ T3566] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  410.746266][ T3566] usb 1-1: Using ep0 maxpacket: 16
[  410.876518][ T3566] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.906638][ T3566] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.926620][ T3566] usb 1-1: New USB device found, idVendor=1b96, idProduct=000c, bcdDevice= 0.00
[  410.935830][ T3566] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.974320][ T3566] usb 1-1: config 0 descriptor??
[  410.991518][ T8965] binder: 8963:8965 ioctl 8912 20000540 returned -22
[  411.007787][  T154] usb 4-1: USB disconnect, device number 21
[  411.020491][ T8965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1503'.
[  411.240827][ T8971] device bridge0 entered promiscuous mode
[  411.267660][ T8971] device bridge0 left promiscuous mode
[  411.543060][ T8976] netlink: 'syz.4.1507': attribute type 1 has an invalid length.
[  412.133727][ T8995] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1513'.
[  412.246505][ T5577] usb 12-1: device descriptor read/8, error -110
[  412.292151][ T3566] usbhid 1-1:0.0: can't add hid device: -71
[  412.299408][ T3566] usbhid: probe of 1-1:0.0 failed with error -71
[  412.325718][ T3566] usb 1-1: USB disconnect, device number 12
[  412.677395][ T5577] usb usb12-port1: attempt power cycle
[  412.721294][ T9009] Driver unsupported XDP return value 0 on prog  (id 184) dev N/A, expect packet loss!
[  413.191480][ T9024] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1522'.
[  413.327155][ T5577] usb usb12-port1: unable to enumerate USB device
[  413.406116][ T9032] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  414.714331][ T3564] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  414.725571][ T3564] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  414.735230][ T3559] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  414.743701][ T3559] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  414.756847][ T3559] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  414.764370][ T3559] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  415.244844][ T9050] chnl_net:caif_netlink_parms(): no params data found
[  415.297517][   T14] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  415.362255][  T102] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.475406][ T9050] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.524085][ T9050] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.536368][   T14] usb 2-1: Using ep0 maxpacket: 16
[  415.548382][ T9050] device bridge_slave_0 entered promiscuous mode
[  415.604495][  T102] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.633893][ T9050] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.642038][ T9050] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.656738][   T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  415.659137][ T9050] device bridge_slave_1 entered promiscuous mode
[  415.678785][   T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  415.716338][   T14] usb 2-1: New USB device found, idVendor=1b96, idProduct=000c, bcdDevice= 0.00
[  415.729907][   T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.746627][  T102] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.765833][   T14] usb 2-1: config 0 descriptor??
[  415.809962][ T9050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  416.795114][  T102] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.806464][ T3559] Bluetooth: hci2: command tx timeout
[  416.847607][ T9050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  417.061194][ T9050] team0: Port device team_slave_0 added
[  417.121912][ T9050] team0: Port device team_slave_1 added
[  417.209105][ T9050] batman_adv: batadv0: Adding interface: batadv_slave_0
[  417.216530][   T14] usbhid 2-1:0.0: can't add hid device: -71
[  417.227268][   T14] usbhid: probe of 2-1:0.0 failed with error -71
[  417.237771][ T9050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.286610][   T14] usb 2-1: USB disconnect, device number 22
[  417.307671][ T9050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  417.363880][ T9050] batman_adv: batadv0: Adding interface: batadv_slave_1
[  417.374546][ T9050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.444141][ T9050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  417.535274][ T9050] device hsr_slave_0 entered promiscuous mode
[  417.550476][ T9050] device hsr_slave_1 entered promiscuous mode
[  417.561327][ T9050] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  417.572948][ T9050] Cannot create hsr debugfs directory
[  417.720341][ T3596] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  417.971852][ T3596] usb 1-1: Using ep0 maxpacket: 32
[  418.126751][ T3596] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  418.147093][ T3596] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  418.177818][ T3596] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  418.232447][ T3596] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  418.252646][ T3596] usb 1-1: config 0 interface 0 has no altsetting 0
[  418.276615][ T9122] loop1: detected capacity change from 0 to 1024
[  418.294977][ T9122] hfsplus: invalid catalog btree flag
[  418.300673][ T9122] hfsplus: failed to load catalog file
[  418.436474][ T3596] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  418.457379][ T3596] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  418.484620][ T3596] usb 1-1: Product: syz
[  418.512286][ T3596] usb 1-1: Manufacturer: syz
[  418.546250][ T3596] usb 1-1: SerialNumber: syz
[  418.563708][ T3596] usb 1-1: config 0 descriptor??
[  418.618065][ T3596] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  418.634200][ T3596] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  418.742268][  T154] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  418.894625][ T3559] Bluetooth: hci2: command tx timeout
[  419.123187][ T9144] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1564'.
[  419.136892][  T154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  419.164741][  T154] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  419.186626][ T9149] binder: BINDER_SET_CONTEXT_MGR already set
[  419.192697][ T9149] binder: 9148:9149 ioctl 4018620d 20000040 returned -16
[  419.201234][  T154] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  419.217426][  T154] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.236774][  T154] usb 5-1: config 0 descriptor??
[  419.410284][ T9050] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  419.432503][ T9050] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  419.453510][ T9050] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  419.471635][ T9050] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  419.522364][  T102] device hsr_slave_0 left promiscuous mode
[  419.538577][  T102] device hsr_slave_1 left promiscuous mode
[  419.552590][  T102] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  419.570605][  T102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  419.587426][  T102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  419.604044][  T102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  419.612859][  T102] device bridge_slave_1 left promiscuous mode
[  419.620148][  T102] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.639433][  T102] device bridge_slave_0 left promiscuous mode
[  419.649834][  T102] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.696965][  T102] device veth1_macvtap left promiscuous mode
[  419.703061][  T102] device veth0_macvtap left promiscuous mode
[  419.714469][  T102] device veth1_vlan left promiscuous mode
[  419.720992][  T102] device veth0_vlan left promiscuous mode
[  419.729523][  T154] plantronics 0003:047F:FFFF.0015: ignoring exceeding usage max
[  419.740676][  T154] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[  419.751485][  T154] plantronics 0003:047F:FFFF.0015: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  420.075869][ T9162] loop1: detected capacity change from 0 to 1024
[  420.100679][ T9162] hfsplus: invalid catalog btree flag
[  420.106620][ T9162] hfsplus: failed to load catalog file
[  420.150957][ T3628] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  420.649151][  T154] usb 1-1: USB disconnect, device number 13
[  421.123698][  T154] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  421.217538][ T3559] Bluetooth: hci2: command tx timeout
[  421.218767][ T9173] loop0: detected capacity change from 0 to 64
[  421.315902][ T6768] Trying to free block not in datazone
[  421.401024][ T9177] loop0: detected capacity change from 0 to 512
[  421.447602][ T9177] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1571: casefold flag without casefold feature
[  421.479934][ T9177] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz.0.1571: missing EA_INODE flag
[  421.497769][  T102] team0 (unregistering): Port device team_slave_1 removed
[  421.507501][ T9177] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1571: error while reading EA inode 2 err=-117
[  421.526930][ T9177] EXT4-fs (loop0): 1 orphan inode deleted
[  421.536389][ T9177] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  421.591469][  T102] team0 (unregistering): Port device team_slave_0 removed
[  421.825564][  T102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.880311][  T102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  422.538679][ T6768] EXT4-fs (loop0): unmounting filesystem.
[  422.593781][  T154] usb 5-1: USB disconnect, device number 17
[  422.624470][   T27] audit: type=1326 audit(1719948544.772:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9189 comm="syz.0.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5201175f19 code=0x7ffc0000
[  422.706292][   T27] audit: type=1326 audit(1719948544.822:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9189 comm="syz.0.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f5201175f19 code=0x7ffc0000
[  422.743330][   T27] audit: type=1326 audit(1719948544.822:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9189 comm="syz.0.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5201175f19 code=0x7ffc0000
[  423.376361][ T3559] Bluetooth: hci2: command tx timeout
[  423.882580][ T9206] loop4: detected capacity change from 0 to 1024
[  423.968404][ T9206] hfsplus: invalid catalog btree flag
[  423.973988][ T9206] hfsplus: failed to load catalog file
[  424.087908][  T102] bond0 (unregistering): Released all slaves
[  424.216470][ T3591] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  424.457300][ T3591] usb 1-1: Using ep0 maxpacket: 32
[  424.524373][ T9050] 8021q: adding VLAN 0 to HW filter on device bond0
[  424.586631][ T3591] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  424.595109][ T3591] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  424.615011][ T3566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  424.627167][ T3566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  424.656111][ T9050] 8021q: adding VLAN 0 to HW filter on device team0
[  424.666454][ T3591] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  424.702330][ T3566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  424.706291][ T3591] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  424.719500][ T3566] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  424.745208][ T9227] loop1: detected capacity change from 0 to 512
[  424.754288][ T3566] bridge0: port 1(bridge_slave_0) entered blocking state
[  424.761541][ T3566] bridge0: port 1(bridge_slave_0) entered forwarding state
[  424.776226][ T3591] usb 1-1: config 0 interface 0 has no altsetting 0
[  424.852031][ T9227] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1583: casefold flag without casefold feature
[  424.867823][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  424.877843][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  424.887212][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  424.896046][ T3596] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.903444][ T3596] bridge0: port 2(bridge_slave_1) entered forwarding state
[  424.912964][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  424.936685][ T3591] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  424.936934][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  424.955952][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  424.962704][ T3591] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  424.965968][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  424.983107][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  424.983235][ T9227] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1583: missing EA_INODE flag
[  425.016824][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  425.021389][ T3591] usb 1-1: Product: syz
[  425.037248][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  425.044894][ T3591] usb 1-1: Manufacturer: syz
[  425.045894][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  425.064919][ T3591] usb 1-1: SerialNumber: syz
[  425.081945][ T9227] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1583: error while reading EA inode 2 err=-117
[  425.100397][ T9050] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  425.137185][ T3591] usb 1-1: config 0 descriptor??
[  425.153524][ T9050] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  425.168868][ T9227] EXT4-fs (loop1): 1 orphan inode deleted
[  425.177947][ T3591] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  425.190456][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  425.205206][ T9227] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  425.214016][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  425.214800][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  425.233258][ T3591] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  425.599587][ T9246] loop4: detected capacity change from 0 to 1024
[  426.382932][ T9246] hfsplus: invalid catalog btree flag
[  426.466541][ T9246] hfsplus: failed to load catalog file
[  427.452639][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  427.597057][ T3630] usb 1-1: USB disconnect, device number 14
[  427.627728][ T3630] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  427.730900][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  427.749046][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  427.806485][ T3591] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  427.816841][ T9050] 8021q: adding VLAN 0 to HW filter on device batadv0
[  427.884673][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  427.894623][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  427.990068][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  427.999506][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  428.021267][ T9050] device veth0_vlan entered promiscuous mode
[  428.036987][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  428.049600][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  428.056382][ T3591] usb 4-1: Using ep0 maxpacket: 16
[  428.095717][ T9050] device veth1_vlan entered promiscuous mode
[  428.171606][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  428.179976][ T3591] usb 4-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 17, changing to 8
[  428.181178][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  428.214835][ T3591] usb 4-1: config 1 interface 0 has no altsetting 0
[  428.228120][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  428.244891][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  428.280828][ T9050] device veth0_macvtap entered promiscuous mode
[  428.309269][ T9050] device veth1_macvtap entered promiscuous mode
[  428.365419][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.390103][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.396486][ T3591] usb 4-1: New USB device found, idVendor=04b3, idProduct=3105, bcdDevice= 0.40
[  428.413970][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.430155][ T3591] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.455052][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.466320][ T3591] usb 4-1: Product: syz
[  428.468030][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.476256][ T3591] usb 4-1: Manufacturer: syz
[  428.496308][ T3591] usb 4-1: SerialNumber: syz
[  428.512494][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.543131][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.564391][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.593504][ T9050] batman_adv: batadv0: Interface activated: batadv_slave_0
[  428.637442][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  428.652313][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  428.677172][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  428.696654][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  428.719685][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.764657][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.805750][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.832447][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.853930][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.870982][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.882498][ T9050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.902661][ T9050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.925857][ T9050] batman_adv: batadv0: Interface activated: batadv_slave_1
[  428.935597][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  428.953369][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  428.970047][ T9050] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  428.996372][ T3591] usbhid 4-1:1.0: can't add hid device: -71
[  428.999369][ T9050] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  429.002677][ T3591] usbhid: probe of 4-1:1.0 failed with error -71
[  429.016203][ T9050] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  429.026883][ T9050] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  429.083766][ T3591] usb 4-1: USB disconnect, device number 22
[  429.293483][ T4711] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.360966][ T4711] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.402450][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  429.442948][ T4711] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.497661][ T4711] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.567968][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  429.744315][ T9290] loop3: detected capacity change from 0 to 64
[  430.435208][ T6482] Trying to free block not in datazone
[  430.828276][ T9300] loop3: detected capacity change from 0 to 1024
[  430.836792][ T9300] hfsplus: invalid catalog btree flag
[  430.842388][ T9300] hfsplus: failed to load catalog file
[  430.883792][ T9302] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1602'.
[  431.279856][ T9311] loop3: detected capacity change from 0 to 8192
[  431.356751][ T3628] I/O error, dev loop3, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  431.376430][ T3630] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  431.433271][ T9317] loop2: detected capacity change from 0 to 1024
[  431.464161][ T9319] loop4: detected capacity change from 0 to 512
[  431.533083][ T9311] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  431.547333][ T9317] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  431.560730][ T9319] EXT4-fs (loop4): 1 orphan inode deleted
[  431.576290][ T9319] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  431.598338][ T9319] ext4 filesystem being mounted at /418/file0 supports timestamps until 2038 (0x7fffffff)
[  431.650673][ T3630] usb 1-1: Using ep0 maxpacket: 8
[  431.673549][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  431.729393][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  431.776744][ T3630] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  431.815107][ T3630] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  431.851133][ T3630] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  431.910079][ T9332] loop2: detected capacity change from 0 to 64
[  431.919655][ T3630] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  431.952326][ T3630] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  432.007670][ T3630] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.019810][ T9338] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1615'.
[  432.059054][ T9050] Trying to free block not in datazone
[  432.079169][ T3630] hub 1-1:1.0: bad descriptor, ignoring hub
[  432.106081][ T3630] hub: probe of 1-1:1.0 failed with error -5
[  432.113227][ T3630] cdc_wdm 1-1:1.0: skipping garbage
[  432.140665][ T3630] cdc_wdm 1-1:1.0: skipping garbage
[  432.169216][ T3630] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  432.179055][ T3630] cdc_wdm 1-1:1.0: Unknown control protocol
[  432.474640][ T9346] loop2: detected capacity change from 0 to 1024
[  432.531258][ T9346] hfsplus: invalid catalog btree flag
[  432.554869][ T9346] hfsplus: failed to load catalog file
[  432.718610][ T9309] usb 1-1: reset high-speed USB device number 15 using dummy_hcd
[  432.853872][ T9355] loop1: detected capacity change from 0 to 512
[  432.926688][ T9355] EXT4-fs (loop1): 1 orphan inode deleted
[  432.933400][ T9355] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  432.943750][ T9355] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038 (0x7fffffff)
[  433.029259][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  433.777655][  T154] usb 1-1: USB disconnect, device number 15
[  433.832495][ T9363] loop3: detected capacity change from 0 to 8192
[  433.964132][ T9363] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  434.107841][ T9370] loop1: detected capacity change from 0 to 64
[  434.265931][ T6571] Trying to free block not in datazone
[  434.313786][ T9375] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1628'.
[  434.354026][ T9375] device bridge_slave_1 left promiscuous mode
[  434.372370][ T9375] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.400057][ T9375] team0: Device bridge_slave_1 is up. Set it down before adding it as a team port
[  434.407714][ T9378] loop0: detected capacity change from 0 to 512
[  434.441313][ T9378] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1630: casefold flag without casefold feature
[  434.472837][ T9375] team0: Device veth1_to_bond is up. Set it down before adding it as a team port
[  434.502888][ T9378] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz.0.1630: missing EA_INODE flag
[  434.570655][ T9378] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1630: error while reading EA inode 2 err=-117
[  434.634106][ T9378] EXT4-fs (loop0): 1 orphan inode deleted
[  434.659923][ T9378] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  435.611280][ T9393] loop1: detected capacity change from 0 to 512
[  435.741890][ T6768] EXT4-fs (loop0): unmounting filesystem.
[  435.859024][ T9393] EXT4-fs (loop1): 1 orphan inode deleted
[  435.864827][ T9393] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  435.936444][ T9393] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038 (0x7fffffff)
[  436.022491][ T9403] loop0: detected capacity change from 0 to 2048
[  436.070344][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  436.100768][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  436.155204][ T9403] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  436.190148][   T27] audit: type=1800 audit(1719948558.332:42): pid=9403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1636" name="bus" dev="loop0" ino=18 res=0 errno=0
[  436.227170][ T6768] EXT4-fs (loop0): unmounting filesystem.
[  436.379672][ T9409] loop2: detected capacity change from 0 to 1024
[  436.479463][ T9409] hfsplus: invalid catalog btree flag
[  436.520149][ T9409] hfsplus: failed to load catalog file
[  436.579244][ T9413] loop1: detected capacity change from 0 to 8192
[  436.653964][ T9418] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  436.765719][ T9422] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1642'.
[  436.993456][ T9413] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  437.273216][ T9436] loop3: detected capacity change from 0 to 64
[  437.469097][ T6482] Trying to free block not in datazone
[  437.640424][ T9442] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1650'.
[  437.733688][ T9444] loop3: detected capacity change from 0 to 2048
[  437.785191][ T9444] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  437.840278][   T27] audit: type=1800 audit(1719948559.992:43): pid=9444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1651" name="bus" dev="loop3" ino=18 res=0 errno=0
[  437.942694][ T6482] EXT4-fs (loop3): unmounting filesystem.
[  437.990344][ T9450] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1655'.
[  438.137014][ T9454] device pim6reg1 entered promiscuous mode
[  438.689417][ T9476] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1664'.
[  438.705724][ T9473] loop1: detected capacity change from 0 to 2048
[  438.779384][ T9473] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  438.871757][   T27] audit: type=1800 audit(1719948561.022:44): pid=9473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1663" name="bus" dev="loop1" ino=18 res=0 errno=0
[  438.997617][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  439.184696][ T9487] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1667'.
[  439.310825][ T9494] loop2: detected capacity change from 0 to 512
[  439.376601][ T9494] EXT4-fs: Ignoring removed bh option
[  439.385486][ T9493] loop3: detected capacity change from 0 to 2048
[  439.426275][ T9494] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  439.451309][ T9498] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1671'.
[  439.504701][ T9494] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.1669: bad orphan inode 17
[  439.590786][ T9493] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  439.620335][ T9494] EXT4-fs (loop2): Remounting filesystem read-only
[  439.630660][ T9494] ext4_test_bit(bit=16, block=4) = 1
[  439.636037][ T9494] is_bad_inode(inode)=0
[  439.644947][ T9494] NEXT_ORPHAN(inode)=1048336
[  439.653973][ T9494] max_ino=32
[  439.660153][ T9494] i_nlink=0
[  439.665150][ T9494] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  439.745678][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  439.814513][ T9504] loop1: detected capacity change from 0 to 1024
[  439.913920][ T6482] EXT4-fs (loop3): unmounting filesystem.
[  439.921034][ T9504] hfsplus: invalid catalog btree flag
[  439.921263][ T9504] hfsplus: failed to load catalog file
[  440.041382][ T9513] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1676'.
[  440.098131][ T9517] loop0: detected capacity change from 0 to 512
[  440.168100][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  440.180404][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  440.198440][ T9518] loop3: detected capacity change from 0 to 2048
[  440.238381][ T9517] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  440.256776][ T9517] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038 (0x7fffffff)
[  440.318924][ T9518] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  440.438799][   T27] audit: type=1800 audit(1719948562.592:45): pid=9518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1677" name="bus" dev="loop3" ino=18 res=0 errno=0
[  440.509588][ T6482] EXT4-fs (loop3): unmounting filesystem.
[  440.517320][ T6768] EXT4-fs (loop0): unmounting filesystem.
[  440.648821][ T9531] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1682'.
[  440.729258][ T9534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1684'.
[  440.949394][   T27] audit: type=1326 audit(1719948563.102:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.1685" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4a6db75f19 code=0x0
[  441.306257][   T14] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  441.358217][ T9546] loop4: detected capacity change from 0 to 512
[  441.417984][ T9546] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  441.482604][ T9546] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  441.528817][ T9546] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038 (0x7fffffff)
[  441.566281][   T14] usb 4-1: Using ep0 maxpacket: 8
[  441.686391][   T14] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  441.727279][   T14] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  441.774307][   T14] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  441.776821][ T9546] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  441.886260][   T14] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  441.924507][   T14] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  441.962454][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.972369][ T9553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1691'.
[  442.067512][   T14] hub 4-1:1.0: bad descriptor, ignoring hub
[  442.074763][   T14] hub: probe of 4-1:1.0 failed with error -5
[  442.097330][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  442.104502][   T14] cdc_wdm 4-1:1.0: skipping garbage
[  442.124322][   T14] cdc_wdm 4-1:1.0: skipping garbage
[  442.182056][   T14] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  442.215632][   T14] cdc_wdm 4-1:1.0: Unknown control protocol
[  442.279125][   T14] usb 4-1: USB disconnect, device number 23
[  442.433575][ T9559] loop1: detected capacity change from 0 to 2048
[  442.443168][ T3559] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  442.475669][ T3559] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  442.507334][ T3559] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  442.523447][ T3559] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  442.534598][ T3559] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  442.544300][ T3559] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  442.593116][ T9567] IPv4: Oversized IP packet from 172.20.20.24
[  442.601876][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  442.608934][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  442.649428][ T9559] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  442.742912][   T27] audit: type=1800 audit(1719948564.892:47): pid=9559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1693" name="bus" dev="loop1" ino=18 res=0 errno=0
[  442.805664][ T9571] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1695'.
[  442.838782][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  442.967661][ T3591] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  443.028086][ T9573] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  443.153051][ T9576] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1696'.
[  443.200120][ T9581] team1: Mode changed to "activebackup"
[  443.216519][ T3591] usb 4-1: Using ep0 maxpacket: 8
[  443.336485][ T3591] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  443.362637][ T3591] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  443.379664][ T9587] loop1: detected capacity change from 0 to 128
[  443.393164][ T3591] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  443.405243][ T9562] chnl_net:caif_netlink_parms(): no params data found
[  443.428102][ T3591] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  443.453276][ T3591] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  443.492540][ T9587] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  443.513949][ T3591] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.556675][ T9589] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  443.565195][ T9587] ext4 filesystem being mounted at /188/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  443.617740][ T3591] hub 4-1:1.0: bad descriptor, ignoring hub
[  443.641191][ T3591] hub: probe of 4-1:1.0 failed with error -5
[  443.693576][ T3591] cdc_wdm 4-1:1.0: skipping garbage
[  443.722671][ T3591] cdc_wdm 4-1:1.0: skipping garbage
[  443.747375][   T27] audit: type=1800 audit(1719948565.902:48): pid=9587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1700" name="bus" dev="loop1" ino=12 res=0 errno=0
[  443.785077][ T3591] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  443.806590][ T3591] cdc_wdm 4-1:1.0: Unknown control protocol
[  444.280469][ T9599] loop2: detected capacity change from 0 to 1024
[  444.697172][ T3556] Bluetooth: hci4: command tx timeout
[  444.727638][ T3630] usb 4-1: USB disconnect, device number 24
[  445.215024][ T9599] hfsplus: invalid catalog btree flag
[  445.220956][ T9599] hfsplus: failed to load catalog file
[  445.245047][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  445.655905][ T9610] loop4: detected capacity change from 0 to 2048
[  445.675147][ T9562] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.694815][ T9562] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.722331][ T9562] device bridge_slave_0 entered promiscuous mode
[  445.731571][ T9562] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.737830][ T9610] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  445.747262][ T9562] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.748937][ T9562] device bridge_slave_1 entered promiscuous mode
[  445.801975][   T27] audit: type=1800 audit(1719948567.952:49): pid=9610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1705" name="bus" dev="loop4" ino=18 res=0 errno=0
[  445.903286][ T9562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.957138][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  445.961519][ T9562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.075131][ T9622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1709'.
[  446.134177][ T9562] team0: Port device team_slave_0 added
[  446.159213][ T9624] team1: Mode changed to "activebackup"
[  446.182224][ T9562] team0: Port device team_slave_1 added
[  446.206457][ T3593] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  446.269196][ T9562] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.289663][ T9562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.343466][ T9562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.376009][ T9562] batman_adv: batadv0: Adding interface: batadv_slave_1
[  446.400001][ T9562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.456301][ T9562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  446.471252][ T9628] loop4: detected capacity change from 0 to 8192
[  446.537256][ T9628]  loop4: p1 p4
[  446.537256][ T9628]  p1: <minix: p5 >
[  446.549618][ T9628] loop4: p4 start 50689 is beyond EOD, truncated
[  446.580065][ T9562] device hsr_slave_0 entered promiscuous mode
[  446.586597][ T3593] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  446.605902][ T3593] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  446.617968][ T9562] device hsr_slave_1 entered promiscuous mode
[  446.642434][ T9562] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  446.676323][ T9562] Cannot create hsr debugfs directory
[  446.684272][ T9633] loop1: detected capacity change from 0 to 128
[  446.706734][ T3593] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  446.726824][ T3556] Bluetooth: hci4: command tx timeout
[  446.732374][ T3593] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  446.748754][ T3634] udevd[3634]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[  446.761995][ T9633] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  446.773060][ T3593] usb 3-1: SerialNumber: syz
[  446.790941][ T9633] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  446.806764][ T9618] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  447.246808][   T27] audit: type=1800 audit(1719948569.392:50): pid=9633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1713" name="bus" dev="loop1" ino=12 res=0 errno=0
[  447.362208][ T4711] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.437406][ T7805] udevd[7805]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[  447.686424][ T3628] udevd[3628]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  447.708092][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  447.858128][ T9645] loop1: detected capacity change from 0 to 512
[  447.879942][ T4711] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.896745][ T9645] EXT4-fs: Ignoring removed mblk_io_submit option
[  447.913409][ T9645] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  448.196372][ T3593] cdc_ether: probe of 3-1:1.0 failed with error -71
[  448.356973][ T9645] EXT4-fs error (device loop1): __ext4_iget:5044: inode #11: block 1: comm syz.1.1716: invalid block
[  448.365196][ T3593] usb 3-1: USB disconnect, device number 16
[  448.375936][ T9645] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1716: couldn't read orphan inode 11 (err -117)
[  448.389559][ T9645] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  448.451230][ T9651] loop4: detected capacity change from 0 to 2048
[  448.451938][ T4711] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.649299][ T9651] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  448.658428][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  448.723370][   T27] audit: type=1800 audit(1719948570.872:51): pid=9651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1718" name="bus" dev="loop4" ino=18 res=0 errno=0
[  448.764103][ T4711] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.780615][ T9646] loop3: detected capacity change from 0 to 1024
[  448.816416][ T3556] Bluetooth: hci4: command tx timeout
[  448.848327][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  448.865269][ T9646] hfsplus: invalid catalog btree flag
[  448.870933][ T9646] hfsplus: failed to load catalog file
[  449.259523][ T9667] loop4: detected capacity change from 0 to 128
[  449.312575][ T9667] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  449.355840][ T9667] ext4 filesystem being mounted at /446/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  450.228836][   T27] audit: type=1800 audit(1719948572.382:52): pid=9667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1725" name="bus" dev="loop4" ino=12 res=0 errno=0
[  450.394075][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  450.471888][ T9681] loop2: detected capacity change from 0 to 2048
[  450.552217][ T9677] loop3: detected capacity change from 0 to 8192
[  450.555231][ T9681] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  450.593562][ T9677] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  450.640893][   T27] audit: type=1800 audit(1719948572.792:53): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1730" name="bus" dev="loop2" ino=18 res=0 errno=0
[  450.680442][ T3566] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  450.886324][ T3556] Bluetooth: hci4: command tx timeout
[  450.895501][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  451.227122][ T3566] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  451.273741][ T3566] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  451.457701][ T3566] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  451.484722][ T3566] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  451.596541][ T3566] usb 2-1: SerialNumber: syz
[  451.678456][ T9679] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  452.343014][ T9695] loop2: detected capacity change from 0 to 512
[  452.367160][ T9692] loop3: detected capacity change from 0 to 1024
[  452.376313][ T9692] hfsplus: invalid catalog btree flag
[  452.381870][ T9692] hfsplus: failed to load catalog file
[  452.466417][ T3566] cdc_ether: probe of 2-1:1.0 failed with error -71
[  452.498788][ T9695] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  452.516335][ T9695] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff)
[  452.537306][ T3566] usb 2-1: USB disconnect, device number 23
[  452.716890][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  452.744257][   T27] audit: type=1326 audit(1719948574.892:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9700 comm="syz.3.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  452.797239][   T27] audit: type=1326 audit(1719948574.922:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9700 comm="syz.3.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  454.001609][ T9716] loop1: detected capacity change from 0 to 128
[  454.026868][   T27] audit: type=1326 audit(1719948576.182:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9700 comm="syz.3.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  454.116372][ T9716] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  454.156246][   T27] audit: type=1326 audit(1719948576.182:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9700 comm="syz.3.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  454.179616][ T9716] ext4 filesystem being mounted at /197/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  454.238632][ T9562] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  454.262634][   T27] audit: type=1800 audit(1719948576.412:58): pid=9716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1740" name="bus" dev="loop1" ino=12 res=0 errno=0
[  454.319148][ T9562] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  454.354712][ T9562] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  454.363240][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  454.476784][ T9562] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  454.696848][ T9736] loop3: detected capacity change from 0 to 1024
[  454.789766][ T9736] hfsplus: invalid catalog btree flag
[  454.811415][ T9736] hfsplus: failed to load catalog file
[  455.055361][ T9728] loop4: detected capacity change from 0 to 8192
[  455.083900][ T9728] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  455.151544][   T27] audit: type=1326 audit(1719948577.302:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9739 comm="syz.3.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  455.222270][   T27] audit: type=1326 audit(1719948577.332:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9739 comm="syz.3.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  455.412826][   T27] audit: type=1326 audit(1719948577.332:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9739 comm="syz.3.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  455.534768][ T9750] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1746'.
[  455.643975][   T27] audit: type=1326 audit(1719948577.342:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9739 comm="syz.3.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f43775f19 code=0x7ffc0000
[  455.764928][ T9762] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1750'.
[  455.946378][ T3627] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  455.964000][ T9562] 8021q: adding VLAN 0 to HW filter on device bond0
[  456.014948][ T9766] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1751'.
[  456.110803][ T4711] device hsr_slave_0 left promiscuous mode
[  456.129953][ T4711] device hsr_slave_1 left promiscuous mode
[  456.145908][ T4711] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  456.169187][ T4711] batman_adv: batadv0: Removing interface: batadv_slave_0
[  456.182731][ T4711] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  456.196342][ T4711] batman_adv: batadv0: Removing interface: batadv_slave_1
[  456.211161][ T4711] device bridge_slave_1 left promiscuous mode
[  456.227099][ T4711] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.249033][ T4711] device bridge_slave_0 left promiscuous mode
[  456.263507][ T4711] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.337598][ T3627] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  456.348944][ T4711] device veth1_macvtap left promiscuous mode
[  456.363406][ T4711] device veth0_macvtap left promiscuous mode
[  456.374326][ T3627] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  456.377010][ T4711] device veth1_vlan left promiscuous mode
[  456.438459][ T4711] device veth0_vlan left promiscuous mode
[  456.486490][ T3627] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  456.495600][ T3627] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  456.544421][ T3627] usb 5-1: SerialNumber: syz
[  456.576625][ T9755] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  458.574858][ T4711] team0 (unregistering): Port device team_slave_1 removed
[  458.626010][ T4711] team0 (unregistering): Port device team_slave_0 removed
[  458.673053][ T4711] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  458.726096][ T4711] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  459.184293][ T4711] bond0 (unregistering): Released all slaves
[  459.254937][ T9562] 8021q: adding VLAN 0 to HW filter on device team0
[  459.265144][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  459.273482][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  459.340955][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  459.375126][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  459.402006][ T3325] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.409252][ T3325] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.466997][ T3627] cdc_ether: probe of 5-1:1.0 failed with error -71
[  459.473329][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  459.530261][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  459.552305][ T3627] usb 5-1: USB disconnect, device number 18
[  459.631747][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  459.656578][ T9796] loop2: detected capacity change from 0 to 1024
[  459.705539][ T5577] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.712973][ T5577] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.733809][ T9796] hfsplus: invalid catalog btree flag
[  459.739826][ T9796] hfsplus: failed to load catalog file
[  459.758908][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  459.850454][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  459.900463][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  459.993031][ T7803] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  460.855118][   T27] audit: type=1326 audit(1719948583.002:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.4.1761" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc45ed75f19 code=0x0
[  460.911706][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  460.921169][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  460.930272][ T3325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  460.976199][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  460.984461][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  461.006865][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  461.015562][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  461.027083][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  461.038462][ T9562] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  461.241190][ T9819] loop2: detected capacity change from 0 to 1024
[  461.263988][ T9819] EXT4-fs: Ignoring removed orlov option
[  461.306008][ T9819] EXT4-fs (loop2): Test dummy encryption mode enabled
[  461.747839][ T9819] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  462.546394][ T3630] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  462.616410][ T3593] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  462.662873][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  462.673327][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  462.712834][ T9562] 8021q: adding VLAN 0 to HW filter on device batadv0
[  462.923066][ T9848] loop1: detected capacity change from 0 to 1024
[  462.962846][ T9848] hfsplus: invalid catalog btree flag
[  462.993754][ T9848] hfsplus: failed to load catalog file
[  463.000186][ T3593] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  463.028764][ T3593] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  463.137671][ T3630] usb 3-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  463.148055][ T3630] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.163814][ T9562] device veth0_vlan entered promiscuous mode
[  463.536655][ T3630] usb 3-1: config 0 descriptor??
[  463.845949][ T9562] device veth1_vlan entered promiscuous mode
[  463.964008][ T9562] device veth0_macvtap entered promiscuous mode
[  463.996499][ T3630] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  464.018399][ T9562] device veth1_macvtap entered promiscuous mode
[  464.055511][ T3630] asix: probe of 3-1:0.0 failed with error -71
[  464.067602][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  464.077054][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  464.086617][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  464.095826][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  464.107017][ T3593] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  464.116957][ T3630] usb 3-1: USB disconnect, device number 17
[  464.143643][ T3593] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  464.161532][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  464.170266][ T3593] usb 4-1: SerialNumber: syz
[  464.182127][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  464.193576][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  464.204819][ T9835] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  464.217076][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  464.226580][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  464.238724][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  464.255044][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  464.264352][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  464.285397][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.319429][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.339659][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.376202][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.392696][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.404084][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.420531][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.432926][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.477614][ T9562] batman_adv: batadv0: Interface activated: batadv_slave_0
[  464.541552][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  464.554115][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  464.571659][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  464.598976][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.959606][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.069944][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.154432][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.240856][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.320916][ T9562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.431124][ T9562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.492918][ T9562] batman_adv: batadv0: Interface activated: batadv_slave_1
[  465.497668][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  465.506452][ T3593] cdc_ether: probe of 4-1:1.0 failed with error -71
[  465.543535][ T3593] usb 4-1: USB disconnect, device number 25
[  465.576960][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  465.586051][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  465.676800][ T9562] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  465.691555][ T9562] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  465.722052][ T9562] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  465.750735][ T9562] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  466.044509][ T4123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.070418][ T4123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.385362][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  466.511355][  T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.532466][  T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.608041][ T5577] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  467.474985][ T9882] loop1: detected capacity change from 0 to 1024
[  467.771798][ T9890] loop2: detected capacity change from 0 to 8192
[  467.804978][ T9890] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  468.727505][ T9882] hfsplus: invalid catalog btree flag
[  468.791576][ T9882] hfsplus: failed to load catalog file
[  468.924927][ T3634] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  469.377748][ T5577] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  469.437975][ T9928] loop4: detected capacity change from 0 to 2048
[  469.524837][ T9928] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  470.168058][   T27] audit: type=1800 audit(1719948592.322:64): pid=9928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1801" name="bus" dev="loop4" ino=18 res=0 errno=0
[  470.424210][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  470.536470][ T5577] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  470.555599][ T5577] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  470.706816][ T5577] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  470.863082][ T5577] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  471.068838][ T5577] usb 4-1: SerialNumber: syz
[  471.236712][ T9914] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  471.259537][ T9953] loop1: detected capacity change from 0 to 1024
[  471.291433][ T9953] hfsplus: invalid catalog btree flag
[  471.300939][ T9953] hfsplus: failed to load catalog file
[  471.486315][ T5577] cdc_ether: probe of 4-1:1.0 failed with error -71
[  471.555666][ T5577] usb 4-1: USB disconnect, device number 26
[  471.954502][ T9981] netlink: 'syz.4.1819': attribute type 10 has an invalid length.
[  472.018150][ T9981] device macvlan0 entered promiscuous mode
[  472.089363][ T9981] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  472.925523][ T3627] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  473.309780][ T3627] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  473.352682][ T3627] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  473.435575][T10057] xt_CT: You must specify a L4 protocol and not use inversions on it
[  473.468996][ T3627] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  473.485521][ T3627] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  473.510998][ T3627] usb 5-1: SerialNumber: syz
[  473.564068][T10013] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  473.691499][T10068] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  473.704288][T10068] TCP: tcp_parse_options: Illegal window scaling value 255 > 14 received
[  473.816457][ T3627] cdc_ether: probe of 5-1:1.0 failed with error -71
[  473.846745][ T3627] usb 5-1: USB disconnect, device number 19
[  475.145629][T10127] device bridge_slave_1 left promiscuous mode
[  475.175590][T10127] bridge0: port 2(bridge_slave_1) entered disabled state
[  475.199584][T10132] loop4: detected capacity change from 0 to 512
[  475.271646][T10132] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1885: invalid indirect mapped block 256 (level 2)
[  475.307454][T10132] EXT4-fs (loop4): 2 truncates cleaned up
[  475.313663][T10132] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  475.351739][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  475.376343][   T26] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  475.756403][   T26] usb 3-1: config 1 interface 0 altsetting 253 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  475.780867][   T26] usb 3-1: config 1 interface 0 has no altsetting 0
[  475.892584][   T26] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  475.911305][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  475.928721][   T26] usb 3-1: SerialNumber: syz
[  477.177552][T10179] loop0: detected capacity change from 0 to 512
[  477.226959][T10179] EXT4-fs (loop0): Test dummy encryption mode enabled
[  477.324453][T10179] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.1904: inline data xattr refers to an external xattr inode
[  477.352803][T10128] loop2: detected capacity change from 0 to 16
[  477.413118][T10179] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.1904: couldn't read orphan inode 12 (err -117)
[  477.414721][T10128] erofs: (device loop2): mounted with root inode @ nid 36.
[  477.425280][   T26] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42
[  477.478761][T10179] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  477.595520][T10192] loop3: detected capacity change from 0 to 512
[  477.633517][T10192] EXT4-fs (loop3): Test dummy encryption mode enabled
[  477.684486][T10192] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.1908: inline data xattr refers to an external xattr inode
[  477.818269][T10192] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1908: couldn't read orphan inode 12 (err -117)
[  477.835910][ T7667] usb 3-1: USB disconnect, device number 18
[  477.854948][ T7667] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device
[  477.900877][T10192] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  478.116420][   T14] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  478.129625][ T9562] EXT4-fs (loop0): unmounting filesystem.
[  478.366378][   T14] usb 2-1: Using ep0 maxpacket: 16
[  478.486534][   T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  478.513322][   T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  478.559195][   T14] usb 2-1: New USB device found, idVendor=1b96, idProduct=000c, bcdDevice= 0.00
[  478.604711][   T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.649524][   T14] usb 2-1: config 0 descriptor??
[  478.987961][T10236] loop2: detected capacity change from 0 to 128
[  479.046405][   T14] usbhid 2-1:0.0: can't add hid device: -71
[  479.055722][   T14] usbhid: probe of 2-1:0.0 failed with error -71
[  479.108169][   T14] usb 2-1: USB disconnect, device number 24
[  479.114418][T10236] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  479.224291][T10236] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038 (0x7fffffff)
[  479.339936][T10236] EXT4-fs (loop2): resizing filesystem from 64 to 2 blocks
[  479.360805][T10236] EXT4-fs warning (device loop2): ext4_resize_fs:2051: can't shrink FS - resize aborted
[  479.547657][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  480.445609][T10272] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  480.999098][ T6482] EXT4-fs (loop3): unmounting filesystem.
[  481.059643][T10281] loop2: detected capacity change from 0 to 128
[  481.129304][T10281] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  481.167207][T10281] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038 (0x7fffffff)
[  481.337910][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  481.884183][T10305] loop2: detected capacity change from 0 to 8192
[  481.992111][T10319] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  482.045926][T10305] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  482.679493][T10333] loop1: detected capacity change from 0 to 128
[  482.733312][T10333] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  482.827171][T10333] ext4 filesystem being mounted at /241/mnt supports timestamps until 2038 (0x7fffffff)
[  482.995149][ T6571] EXT4-fs (loop1): unmounting filesystem.
[  484.968744][T10366] loop4: detected capacity change from 0 to 8192
[  485.013042][T10366] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  486.086605][   T14] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  486.342519][T10390] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  486.507015][   T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  486.731355][   T14] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  486.796540][   T14] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  486.834394][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.883997][   T14] usb 4-1: config 0 descriptor??
[  487.062716][T10394] loop1: detected capacity change from 0 to 8192
[  487.127184][T10394] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  487.198865][T10406] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1977'.
[  487.398533][   T14] plantronics 0003:047F:FFFF.0016: ignoring exceeding usage max
[  487.423983][   T14] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  487.467058][   T14] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  487.856029][T10422] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  488.360438][T10426] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.1983'.
[  488.872822][T10444] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1990'.
[  488.942390][T10442] loop1: detected capacity change from 0 to 8192
[  488.973588][T10442] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  489.311213][T10456] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.1996'.
[  489.780279][   T14] usb 4-1: USB disconnect, device number 27
[  489.873348][T10471] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2002'.
[  490.121136][T10473] loop0: detected capacity change from 0 to 8192
[  490.162645][T10473] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  490.369150][T10481] netlink: 14601 bytes leftover after parsing attributes in process `syz.1.2008'.
[  490.823303][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  490.954047][T10503] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2014'.
[  491.267069][T10508] loop3: detected capacity change from 0 to 8192
[  491.295225][T10508] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  491.632504][T10516] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.2020'.
[  491.894908][T10520] loop3: detected capacity change from 0 to 4096
[  491.934187][T10520] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  491.965458][T10531] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2026'.
[  491.976382][T10531] device bridge_slave_1 left promiscuous mode
[  491.982789][T10531] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.216583][T10520] loop3: detected capacity change from 4096 to 0
[  492.287871][T10523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  492.314994][ T6482] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /224/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=4096 fake=0
[  492.679013][ T6482] EXT4-fs (loop3): unmounting filesystem.
[  493.025175][T10545] loop0: detected capacity change from 0 to 1024
[  493.097424][T10545] hfsplus: invalid catalog btree flag
[  493.103199][T10545] hfsplus: failed to load catalog file
[  493.429296][ T3609] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.651607][ T3609] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.787691][T10563] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2038'.
[  493.881189][ T3609] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.065273][ T3609] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.149967][ T3559] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  494.165149][ T3559] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  494.174728][ T3559] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  494.201487][ T3559] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  494.211956][ T3559] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  494.219866][ T3559] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  494.310936][ T3609] tipc: Left network mode
[  494.555289][ T3630] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  494.806685][ T3630] usb 2-1: Using ep0 maxpacket: 32
[  494.956849][ T3630] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  494.972730][ T3630] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  494.986350][ T3630] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  494.998368][ T3630] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  495.011907][ T3630] usb 2-1: config 0 interface 0 has no altsetting 0
[  495.061867][T10585] loop0: detected capacity change from 0 to 1024
[  495.071182][T10585] hfsplus: invalid catalog btree flag
[  495.099316][T10585] hfsplus: failed to load catalog file
[  495.157118][ T3628] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  495.200381][ T3630] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  495.220321][ T3630] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  495.263107][ T3630] usb 2-1: Product: syz
[  495.291924][ T3630] usb 2-1: Manufacturer: syz
[  495.315599][ T3630] usb 2-1: SerialNumber: syz
[  495.330559][T10592] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  495.337144][T10592] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  495.361025][ T3630] usb 2-1: config 0 descriptor??
[  495.381093][T10592] vhci_hcd vhci_hcd.0: Device attached
[  495.417973][ T3630] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  495.443199][T10593] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  495.444686][ T3630] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  495.459430][  T102] vhci_hcd: stop threads
[  495.459446][  T102] vhci_hcd: release socket
[  495.459466][  T102] vhci_hcd: disconnect device
[  495.793472][T10608] sp0: Synchronizing with TNC
[  495.895133][T10613] kernel read not supported for file / 
 (pid: 10613 comm: syz.2.2049)
[  495.915999][   T27] audit: type=1800 audit(1719948618.062:65): pid=10613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2049" name=2001 dev="mqueue" ino=63533 res=0 errno=0
[  495.958621][T10577] chnl_net:caif_netlink_parms(): no params data found
[  496.078919][T10617] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2050'.
[  496.246692][ T3559] Bluetooth: hci0: command tx timeout
[  496.336943][T10577] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.344107][T10577] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.362813][T10577] device bridge_slave_0 entered promiscuous mode
[  496.388227][T10577] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.432017][T10577] bridge0: port 2(bridge_slave_1) entered disabled state
[  496.487882][T10577] device bridge_slave_1 entered promiscuous mode
[  497.326802][  T154] usb 2-1: USB disconnect, device number 25
[  497.347675][  T154] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  497.466977][T10577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  497.520127][T10625] delete_channel: no stack
[  497.667895][T10577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  498.136421][ T3609] device hsr_slave_0 left promiscuous mode
[  498.150370][T10648] loop2: detected capacity change from 0 to 1024
[  498.384320][ T3559] Bluetooth: hci0: command tx timeout
[  498.392638][ T3609] device hsr_slave_1 left promiscuous mode
[  498.402185][ T3609] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  499.093238][T10648] hfsplus: invalid catalog btree flag
[  499.100169][ T3609] batman_adv: batadv0: Removing interface: batadv_slave_0
[  499.116727][T10648] hfsplus: failed to load catalog file
[  499.133510][ T3609] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  499.182520][ T3609] batman_adv: batadv0: Removing interface: batadv_slave_1
[  499.227136][ T3609] device bridge_slave_0 left promiscuous mode
[  499.236704][ T3609] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.307783][ T3609] device veth1_macvtap left promiscuous mode
[  499.313902][ T3609] device veth0_macvtap left promiscuous mode
[  499.320843][ T3609] device veth1_vlan left promiscuous mode
[  499.329445][ T3609] device veth0_vlan left promiscuous mode
[  500.398848][ T3609] team0 (unregistering): Port device team_slave_1 removed
[  500.416318][ T3559] Bluetooth: hci0: command tx timeout
[  500.499544][ T3609] team0 (unregistering): Port device team_slave_0 removed
[  500.612919][ T3609] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  500.622429][T10669] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  500.628983][T10669] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  500.637698][T10669] vhci_hcd vhci_hcd.0: Device attached
[  500.649476][T10670] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  500.649868][  T102] vhci_hcd: stop threads
[  500.649879][  T102] vhci_hcd: release socket
[  500.649898][  T102] vhci_hcd: disconnect device
[  500.740274][ T3609] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  501.274416][ T3609] bond0 (unregistering): Released all slaves
[  501.387930][T10675] loop0: detected capacity change from 0 to 512
[  501.409056][T10675] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  501.451401][T10675] EXT4-fs (loop0): 1 orphan inode deleted
[  501.458117][T10675] EXT4-fs (loop0): 1 truncate cleaned up
[  501.464323][T10675] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  501.499714][ T9562] EXT4-fs (loop0): unmounting filesystem.
[  501.722475][T10577] team0: Port device team_slave_0 added
[  501.738473][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  501.761268][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  501.800323][T10662] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2062'.
[  501.944773][T10577] team0: Port device team_slave_1 added
[  502.046375][ T3566] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  502.336441][ T3566] usb 5-1: Using ep0 maxpacket: 32
[  502.461186][T10577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  502.486240][ T3559] Bluetooth: hci0: command tx timeout
[  502.496719][ T3566] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  502.511128][T10577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  502.548115][ T3566] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  502.613975][T10577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  502.649175][T10691] loop2: detected capacity change from 0 to 128
[  502.662534][T10577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  502.670039][ T3566] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  502.670982][T10577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  502.708415][T10577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  502.720321][T10691] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  502.730570][T10691] ext4 filesystem being mounted at /85/mnt supports timestamps until 2038 (0x7fffffff)
[  502.738828][ T3566] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  502.864846][ T3566] usb 5-1: config 0 interface 0 has no altsetting 0
[  502.920877][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  502.963615][T10577] device hsr_slave_0 entered promiscuous mode
[  503.028441][T10577] device hsr_slave_1 entered promiscuous mode
[  503.057226][ T3566] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  503.142291][ T3566] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  503.223493][ T3566] usb 5-1: Product: syz
[  503.241203][ T3566] usb 5-1: Manufacturer: syz
[  503.256281][ T3566] usb 5-1: SerialNumber: syz
[  503.273250][ T3566] usb 5-1: config 0 descriptor??
[  503.287955][T10577] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  503.296228][T10577] Cannot create hsr debugfs directory
[  503.337463][ T3566] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  503.364080][ T3566] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  503.729510][T10704] loop2: detected capacity change from 0 to 1024
[  503.759863][T10704] hfsplus: invalid catalog btree flag
[  503.776385][T10704] hfsplus: failed to load catalog file
[  503.899989][T10709] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  503.907108][T10709] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  504.017018][T10709] vhci_hcd vhci_hcd.0: Device attached
[  504.163335][T10718] loop2: detected capacity change from 0 to 512
[  504.192999][T10718] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  504.223874][T10718] EXT4-fs (loop2): 1 orphan inode deleted
[  504.223902][T10718] EXT4-fs (loop2): 1 truncate cleaned up
[  504.223924][T10718] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  504.308871][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  504.324015][T10710] vhci_hcd: connection closed
[  504.324265][ T4711] vhci_hcd: stop threads
[  504.334105][   T26] usb 10-1: SetAddress Request (8) to port 0
[  504.355560][   T26] usb 10-1: new SuperSpeed USB device number 8 using vhci_hcd
[  504.384837][ T4711] vhci_hcd: release socket
[  504.410218][ T4711] vhci_hcd: disconnect device
[  504.902992][ T3566] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  504.909644][ T3591] usb 5-1: USB disconnect, device number 20
[  504.990215][ T3591] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  505.296709][ T3566] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.376582][ T3566] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  505.650404][ T3566] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  505.872810][ T3566] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.111115][T10577] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  506.151878][ T3566] usb 3-1: config 0 descriptor??
[  506.241114][T10577] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  506.329646][T10577] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  506.355066][T10577] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  506.748153][ T3566] plantronics 0003:047F:FFFF.0017: ignoring exceeding usage max
[  506.879740][ T3566] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving
[  506.936294][ T3566] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  507.122652][T10758] loop0: detected capacity change from 0 to 1024
[  507.162276][T10758] hfsplus: invalid catalog btree flag
[  507.170071][T10758] hfsplus: failed to load catalog file
[  507.230865][T10577] 8021q: adding VLAN 0 to HW filter on device bond0
[  507.258125][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  507.267655][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  507.288126][T10577] 8021q: adding VLAN 0 to HW filter on device team0
[  507.303069][ T3634] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  507.338234][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  507.347283][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  507.375158][ T3627] bridge0: port 1(bridge_slave_0) entered blocking state
[  507.382413][ T3627] bridge0: port 1(bridge_slave_0) entered forwarding state
[  507.470079][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  507.503664][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  507.517319][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  507.526212][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  507.533394][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  507.568883][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  507.580589][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  507.600655][T10767] loop4: detected capacity change from 0 to 512
[  507.638391][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  507.662272][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  507.677378][T10767] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  507.697431][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  507.707316][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  507.728122][T10577] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  507.742274][T10577] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  507.755250][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  507.765079][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  507.774267][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  507.784018][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  507.792850][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  507.807572][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  507.822628][T10767] EXT4-fs (loop4): 1 orphan inode deleted
[  507.885651][T10767] EXT4-fs (loop4): 1 truncate cleaned up
[  507.936547][T10767] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  508.041014][T10778] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  508.047624][T10778] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  508.075388][T10778] vhci_hcd vhci_hcd.0: Device attached
[  508.112455][T10779] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 2
[  508.140074][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  508.157741][ T4711] vhci_hcd: stop threads
[  508.157755][ T4711] vhci_hcd: release socket
[  508.157788][ T4711] vhci_hcd: disconnect device
[  508.490376][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  508.505012][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  508.540532][T10577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  508.609433][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  508.622350][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  508.675623][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  508.688110][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  508.709356][T10577] device veth0_vlan entered promiscuous mode
[  508.720667][ T3556] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  508.724102][ T3591] usb 3-1: USB disconnect, device number 19
[  508.762567][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  508.781235][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  508.791251][ T3564] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  508.817643][ T3564] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  508.828363][ T3556] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  508.840135][ T3564] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  508.847685][ T3556] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  508.953804][T10577] device veth1_vlan entered promiscuous mode
[  509.563037][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  509.638141][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  509.770379][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  509.772858][   T26] usb 10-1: device descriptor read/8, error -110
[  509.844259][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  509.908008][T10805] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2093'.
[  509.942882][T10577] device veth0_macvtap entered promiscuous mode
[  510.003973][T10577] device veth1_macvtap entered promiscuous mode
[  510.129512][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.210520][   T26] usb usb10-port1: attempt power cycle
[  510.301197][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.460981][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.473827][T10816] loop2: detected capacity change from 0 to 512
[  510.510699][T10816] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  510.867602][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.878421][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.879186][T10816] EXT4-fs (loop2): 1 orphan inode deleted
[  510.889379][ T3564] Bluetooth: hci5: command tx timeout
[  510.896544][   T26] usb usb10-port1: unable to enumerate USB device
[  510.903249][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.917626][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.930169][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.945914][T10577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  510.963819][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  510.974755][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  510.983296][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  510.993307][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  511.002525][T10816] EXT4-fs (loop2): 1 truncate cleaned up
[  511.038355][T10816] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  511.056582][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  511.074545][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  511.103686][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  511.152325][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  511.164528][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  511.179465][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  511.194285][T10577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  511.213962][T10577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  511.231661][T10577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  511.241656][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  511.279747][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  511.303883][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  511.363300][T10577] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  511.405690][T10831] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  511.412381][T10831] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  511.433566][T10577] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  511.446387][T10831] vhci_hcd vhci_hcd.0: Device attached
[  511.497856][T10577] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  511.497902][T10577] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  511.755001][T10833] vhci_hcd: connection closed
[  511.756208][ T5577] usb 18-1: SetAddress Request (12) to port 0
[  511.774789][   T11] vhci_hcd: stop threads
[  511.807354][   T11] vhci_hcd: release socket
[  511.844349][   T11] vhci_hcd: disconnect device
[  511.849754][ T5577] usb 18-1: new SuperSpeed USB device number 12 using vhci_hcd
[  511.916208][ T5577] usb 18-1: enqueue for inactive port 0
[  511.981312][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  512.009729][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  512.047738][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  512.102627][T10794] chnl_net:caif_netlink_parms(): no params data found
[  512.156432][ T4711] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  512.215614][ T4711] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  512.339413][ T5577] usb usb18-port1: attempt power cycle
[  512.377928][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  512.757174][T10794] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.764807][T10794] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.789906][T10794] device bridge_slave_0 entered promiscuous mode
[  512.825286][T10794] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.841248][T10794] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.857505][T10794] device bridge_slave_1 entered promiscuous mode
[  512.879027][T10869] loop4: detected capacity change from 0 to 512
[  512.928816][T10869] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  512.977772][ T3564] Bluetooth: hci5: command tx timeout
[  513.922203][ T5577] usb usb18-port1: unable to enumerate USB device
[  513.929668][T10880] tty tty21: ldisc open failed (-12), clearing slot 20
[  514.006562][T10876] loop2: detected capacity change from 0 to 1024
[  514.071753][T10794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  514.092785][T10794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  514.093830][T10869] EXT4-fs (loop4): 1 orphan inode deleted
[  514.137334][T10876] hfsplus: invalid catalog btree flag
[  514.182255][T10876] hfsplus: failed to load catalog file
[  514.202912][T10869] EXT4-fs (loop4): 1 truncate cleaned up
[  514.227368][T10869] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  514.322946][T10794] team0: Port device team_slave_0 added
[  514.392625][T10889] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  514.399231][T10889] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  514.408015][T10889] vhci_hcd vhci_hcd.0: Device attached
[  514.416511][T10890] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  514.430359][T10794] team0: Port device team_slave_1 added
[  514.442298][ T4123] vhci_hcd: stop threads
[  514.467717][ T4123] vhci_hcd: release socket
[  514.467744][ T4123] vhci_hcd: disconnect device
[  514.518608][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  514.636200][T10794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  514.643209][T10794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.719317][T10794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  514.734485][T10794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  514.742296][T10794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.838280][T10794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  514.892381][T10905] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2120'.
[  515.046888][ T3564] Bluetooth: hci5: command tx timeout
[  515.061331][T10794] device hsr_slave_0 entered promiscuous mode
[  515.083405][T10794] device hsr_slave_1 entered promiscuous mode
[  515.092812][T10794] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  515.100751][T10794] Cannot create hsr debugfs directory
[  515.323372][T10915] loop3: detected capacity change from 0 to 512
[  515.397668][T10915] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  515.825412][T10915] EXT4-fs (loop3): 1 orphan inode deleted
[  515.912074][T10916] loop4: detected capacity change from 0 to 1024
[  515.918832][T10915] EXT4-fs (loop3): 1 truncate cleaned up
[  515.924509][T10915] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  516.016518][T10923] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2127'.
[  516.040203][T10577] EXT4-fs (loop3): unmounting filesystem.
[  516.060659][T10916] hfsplus: invalid catalog btree flag
[  516.073785][T10916] hfsplus: failed to load catalog file
[  516.111276][T10923] bridge1: port 1(veth1_to_bond) entered blocking state
[  516.145795][T10923] bridge1: port 1(veth1_to_bond) entered disabled state
[  516.154349][T10923] device veth1_to_bond entered promiscuous mode
[  516.163157][T10923] bridge1: port 1(veth1_to_bond) entered blocking state
[  516.170484][T10923] bridge1: port 1(veth1_to_bond) entered forwarding state
[  516.464421][T10794] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.490687][T10939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2133'.
[  516.691446][T10794] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.861084][T10954] loop2: detected capacity change from 0 to 512
[  516.874140][T10794] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.902353][T10954] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  516.959406][T10954] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.2139: casefold flag without casefold feature
[  516.979660][T10954] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.2139: missing EA_INODE flag
[  517.004803][T10954] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2139: error while reading EA inode 12 err=-117
[  517.018095][T10954] EXT4-fs (loop2): 1 orphan inode deleted
[  517.024106][T10954] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  517.101121][T10794] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.119154][ T9050] EXT4-fs (loop2): unmounting filesystem.
[  517.127002][ T3564] Bluetooth: hci5: command tx timeout
[  517.898445][T10967] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2142'.
[  517.995989][T10967] bridge1: port 1(veth1_to_bond) entered blocking state
[  518.023554][T10967] bridge1: port 1(veth1_to_bond) entered disabled state
[  518.059913][T10967] device veth1_to_bond entered promiscuous mode
[  518.075199][T10967] bridge1: port 1(veth1_to_bond) entered blocking state
[  518.082556][T10967] bridge1: port 1(veth1_to_bond) entered forwarding state
[  518.279226][T10794] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  518.336667][T10794] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  518.359076][T10794] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  518.388024][T10794] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  518.777647][T10794] 8021q: adding VLAN 0 to HW filter on device bond0
[  518.851831][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  518.869912][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  518.915754][T10794] 8021q: adding VLAN 0 to HW filter on device team0
[  519.209920][ T5577] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  519.539662][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  519.564825][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  519.584322][ T7667] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.591590][ T7667] bridge0: port 1(bridge_slave_0) entered forwarding state
[  519.603414][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  519.615389][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  519.624883][ T7667] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.632089][ T7667] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.641906][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  519.657150][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  519.668986][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  519.695592][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  519.714550][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  519.722839][ T5577] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.769943][ T5577] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  519.785118][T10794] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  519.796031][T10794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  519.807978][ T5577] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  519.817164][ T5577] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.828209][ T5577] usb 4-1: config 0 descriptor??
[  519.848918][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  519.864112][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  519.877861][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  519.886985][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  519.896082][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  519.905447][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  519.915530][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  519.924579][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  520.216298][ T3566] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  520.298404][ T5577] plantronics 0003:047F:FFFF.0018: ignoring exceeding usage max
[  520.334188][ T5577] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  520.360660][T11022] loop4: detected capacity change from 0 to 2048
[  520.380559][ T5577] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  520.459467][T11022] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  520.531869][   T27] audit: type=1800 audit(1719948642.682:66): pid=11022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2165" name="bus" dev="loop4" ino=18 res=0 errno=0
[  520.561291][T11022] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  520.562805][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  520.610882][T11022] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 4095 with max blocks 2 with error 28
[  520.626366][T11022] EXT4-fs (loop4): This should not happen!! Data will be lost
[  520.626366][T11022] 
[  520.646701][ T3566] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  520.666533][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  520.666861][ T3566] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  520.691058][T11022] EXT4-fs (loop4): Total free blocks count 0
[  520.696061][T10794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  520.724837][T11022] EXT4-fs (loop4): Free/Dirty block details
[  520.758939][T11022] EXT4-fs (loop4): free_blocks=2415919104
[  520.772946][T11022] EXT4-fs (loop4): dirty_blocks=32
[  520.782178][T11022] EXT4-fs (loop4): Block reservation details
[  520.793281][T11022] EXT4-fs (loop4): i_reserved_data_blocks=2
[  520.826426][ T3566] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  520.859203][ T3566] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  520.882011][ T3566] usb 3-1: SerialNumber: syz
[  520.902446][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  520.912740][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  520.922479][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  520.931524][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  520.948730][T10794] device veth0_vlan entered promiscuous mode
[  520.958687][T11009] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  520.969553][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  520.979578][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  520.992768][T10794] device veth1_vlan entered promiscuous mode
[  521.037580][ T3555] EXT4-fs (loop4): unmounting filesystem.
[  521.043438][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  521.054428][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  521.067087][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  521.077015][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  521.092610][T10794] device veth0_macvtap entered promiscuous mode
[  521.109458][T10794] device veth1_macvtap entered promiscuous mode
[  521.182713][T11009] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  521.216770][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.235978][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.252743][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.264195][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.283133][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.297628][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.309124][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.321125][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.332563][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.349411][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.392840][ T5577] usb 4-1: USB disconnect, device number 28
[  521.433589][T10794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  521.467325][T11030] kernel profiling enabled (shift: 9)
[  521.483640][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  521.515021][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  521.534037][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  521.545492][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  521.564419][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.575438][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.608662][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.619832][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.630589][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.641949][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.652902][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.664358][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.676229][T10794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.688379][T10794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.700764][T10794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  521.721485][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  521.730547][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  521.769440][ T3566] cdc_ether: probe of 3-1:1.0 failed with error -71
[  521.775534][T10794] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  521.785159][ T3566] usb 3-1: USB disconnect, device number 20
[  521.832352][T10794] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  521.845151][T10794] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  521.855636][T10794] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  521.867354][ T3564] Bluetooth: hci3: unexpected event for opcode 0x2060
[  522.006146][    C0] ==================================================================
[  522.014267][    C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0
[  522.021404][    C0] Read of size 8 at addr ffffc900001071a0 by task kworker/u4:1/11
[  522.029216][    C0] 
[  522.031545][    C0] CPU: 0 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.96-syzkaller #0
[  522.039520][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  522.049571][    C0] Workqueue: wg-kex-wg0 wg_packet_handshake_send_worker
[  522.056523][    C0] Call Trace:
[  522.059802][    C0]  <IRQ>
[  522.062646][    C0]  dump_stack_lvl+0x1e3/0x2cb
[  522.067357][    C0]  ? nf_tcp_handle_invalid+0x642/0x642
[  522.072889][    C0]  ? panic+0x764/0x764
[  522.076994][    C0]  ? _printk+0xd1/0x111
[  522.081180][    C0]  print_report+0x15f/0x4f0
[  522.085685][    C0]  ? __virt_addr_valid+0xb9/0x520
[  522.090726][    C0]  ? profile_pc+0xa4/0xe0
[  522.095378][    C0]  kasan_report+0x136/0x160
[  522.099906][    C0]  ? profile_pc+0xa4/0xe0
[  522.104257][    C0]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[  522.110162][    C0]  profile_pc+0xa4/0xe0
[  522.114346][    C0]  profile_tick+0xee/0x170
[  522.118778][    C0]  tick_sched_timer+0x390/0x550
[  522.123651][    C0]  ? tick_setup_sched_timer+0x2f0/0x2f0
[  522.129211][    C0]  __hrtimer_run_queues+0x5a7/0xe50
[  522.134465][    C0]  ? hrtimer_interrupt+0x980/0x980
[  522.139602][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  522.145706][    C0]  hrtimer_interrupt+0x392/0x980
[  522.150657][    C0]  __sysvec_apic_timer_interrupt+0x156/0x580
[  522.156644][    C0]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  522.162277][    C0]  </IRQ>
[  522.165197][    C0]  <TASK>
[  522.168123][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  522.174109][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130
[  522.180617][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 c2 b8 4c f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 67 06 c9 f6 65 8b 05 08 13 6d 75 85 c0 74 3f 48 c7 04 24 0e 36
[  522.200225][    C0] RSP: 0018:ffffc900001071a0 EFLAGS: 00000206
[  522.206298][    C0] RAX: 3fbaf6e86be80700 RBX: 1ffff92000020e38 RCX: ffffffff816ad45a
[  522.214268][    C0] RDX: dffffc0000000000 RSI: ffffffff8aec0240 RDI: 0000000000000001
[  522.222256][    C0] RBP: ffffc90000107230 R08: dffffc0000000000 R09: fffffbfff2093861
[  522.230229][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  522.238196][    C0] R13: 1ffff92000020e34 R14: ffffc900001071c0 R15: 0000000000000246
[  522.246200][    C0]  ? mark_lock+0x9a/0x340
[  522.250533][    C0]  ? _raw_spin_unlock+0x40/0x40
[  522.255379][    C0]  ? __stack_depot_save+0x36/0x470
[  522.260517][    C0]  ref_tracker_alloc+0x2b5/0x470
[  522.265476][    C0]  ? ref_tracker_dir_print+0x150/0x150
[  522.270950][    C0]  ? dst_init+0xee/0x440
[  522.275199][    C0]  ? dst_alloc+0x155/0x190
[  522.279613][    C0]  ? ip6_pol_route+0xbeb/0x14e0
[  522.284520][    C0]  ? fib6_rule_lookup+0x265/0x620
[  522.289566][    C0]  ? ip6_route_output_flags+0xe1/0x350
[  522.295131][    C0]  ? ip6_dst_lookup_tail+0x196/0x11f0
[  522.300619][    C0]  ? ip6_dst_lookup_flow+0xb5/0x170
[  522.305848][    C0]  ? send6+0x5b0/0xac0
[  522.309932][    C0]  ? wg_socket_send_skb_to_peer+0x111/0x1d0
[  522.315840][    C0]  ? wg_packet_handshake_send_worker+0x1d9/0x310
[  522.322180][    C0]  ? process_one_work+0x8a9/0x11d0
[  522.327472][    C0]  ? worker_thread+0xa47/0x1200
[  522.332417][    C0]  ? kthread+0x28d/0x320
[  522.336667][    C0]  ? ret_from_fork+0x1f/0x30
[  522.341280][    C0]  ? slab_post_alloc_hook+0x71/0x3a0
[  522.346640][    C0]  dst_init+0xee/0x440
[  522.350721][    C0]  ? ipv6_sysctl_rtcache_flush+0xf0/0xf0
[  522.356370][    C0]  dst_alloc+0x155/0x190
[  522.360630][    C0]  ip6_pol_route+0xbeb/0x14e0
[  522.365318][    C0]  ? ip6_pol_route+0x156/0x14e0
[  522.370175][    C0]  ? trace_fib6_table_lookup+0x270/0x270
[  522.375820][    C0]  fib6_rule_lookup+0x265/0x620
[  522.380769][    C0]  ? ip6_route_output_flags_noref+0x3a0/0x3a0
[  522.386865][    C0]  ? fib6_lookup+0x400/0x400
[  522.391479][    C0]  ? arch_stack_walk+0x10d/0x140
[  522.396453][    C0]  ? __ipv6_addr_type+0x234/0x2e0
[  522.401496][    C0]  ? ip6_route_output_flags_noref+0x23b/0x3a0
[  522.407580][    C0]  ? ip6_route_output_flags+0x28/0x350
[  522.413082][    C0]  ip6_route_output_flags+0xe1/0x350
[  522.418534][    C0]  ip6_dst_lookup_tail+0x196/0x11f0
[  522.423748][    C0]  ? ip6_dst_lookup+0x60/0x60
[  522.428785][    C0]  ? wg_socket_send_buffer_to_peer+0x34/0x170
[  522.434854][    C0]  ? wg_packet_handshake_send_worker+0x1d9/0x310
[  522.441188][    C0]  ? read_lock_is_recursive+0x10/0x10
[  522.446573][    C0]  ip6_dst_lookup_flow+0xb5/0x170
[  522.451601][    C0]  ? ip6_dst_lookup_tail+0x11f0/0x11f0
[  522.457064][    C0]  ? dst_cache_get_ip6+0xb7/0xe0
[  522.462008][    C0]  ? ip6_dst_lookup_tail+0x11f0/0x11f0
[  522.467480][    C0]  send6+0x5b0/0xac0
[  522.471386][    C0]  ? send6+0x29f/0xac0
[  522.475477][    C0]  ? send4+0xf80/0xf80
[  522.479658][    C0]  ? wg_socket_send_skb_to_peer+0x56/0x1d0
[  522.485506][    C0]  wg_socket_send_skb_to_peer+0x111/0x1d0
[  522.491326][    C0]  wg_packet_handshake_send_worker+0x1d9/0x310
[  522.497517][    C0]  ? wg_prev_queue_dequeue+0x210/0x210
[  522.503056][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  522.509087][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  522.514297][    C0]  ? process_one_work+0x7a9/0x11d0
[  522.519433][    C0]  process_one_work+0x8a9/0x11d0
[  522.524386][    C0]  ? worker_detach_from_pool+0x260/0x260
[  522.530146][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  522.536271][    C0]  ? kthread_data+0x4e/0xc0
[  522.540820][    C0]  ? wq_worker_running+0x97/0x190
[  522.545859][    C0]  worker_thread+0xa47/0x1200
[  522.550557][    C0]  kthread+0x28d/0x320
[  522.554642][    C0]  ? worker_clr_flags+0x190/0x190
[  522.559672][    C0]  ? kthread_blkcg+0xd0/0xd0
[  522.564277][    C0]  ret_from_fork+0x1f/0x30
[  522.568737][    C0]  </TASK>
[  522.571888][    C0] 
[  522.574256][    C0] The buggy address belongs to stack of task kworker/u4:1/11
[  522.581723][    C0]  and is located at offset 0 in frame:
[  522.587276][    C0]  _raw_spin_unlock_irqrestore+0x0/0x130
[  522.592951][    C0] 
[  522.595269][    C0] This frame has 1 object:
[  522.599674][    C0]  [32, 40) 'flags.i.i.i.i'
[  522.599686][    C0] 
[  522.606679][    C0] The buggy address belongs to the virtual mapping at
[  522.606679][    C0]  [ffffc90000100000, ffffc90000109000) created by:
[  522.606679][    C0]  copy_process+0x637/0x4060
[  522.624498][    C0] 
[  522.626823][    C0] The buggy address belongs to the physical page:
[  522.633689][    C0] page:ffffea0004ffb680 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13feda
[  522.644120][    C0] flags: 0x17ff00000000000(node=0|zone=2|lastcpupid=0x7ff)
[  522.651337][    C0] raw: 017ff00000000000 0000000000000000 dead000000000122 0000000000000000
[  522.659924][    C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  522.668631][    C0] page dumped because: kasan: bad access detected
[  522.675193][    C0] page_owner tracks the page as allocated
[  522.680915][    C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(), pid 1, tgid 1 (swapper/0), ts 2514533560, free_ts 0
[  522.693989][    C0]  register_early_stack+0x86/0xe0
[  522.699013][    C0]  init_page_owner+0x3a/0x7db
[  522.703705][    C0]  page_ext_init+0x727/0x782
[  522.708308][    C0]  kernel_init_freeable+0x450/0x60f
[  522.713511][    C0] page_owner free stack trace missing
[  522.718894][    C0] 
[  522.721213][    C0] Memory state around the buggy address:
[  522.726850][    C0]  ffffc90000107080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.734922][    C0]  ffffc90000107100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.743020][    C0] >ffffc90000107180: 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00
[  522.751081][    C0]                                ^
[  522.756176][    C0]  ffffc90000107200: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  522.764231][    C0]  ffffc90000107280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.772299][    C0] ==================================================================
[  522.780362][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  522.787642][    C0] CPU: 0 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.96-syzkaller #0
[  522.795748][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  522.806526][    C0] Workqueue: wg-kex-wg0 wg_packet_handshake_send_worker
[  522.813477][    C0] Call Trace:
[  522.816784][    C0]  <IRQ>
[  522.819621][    C0]  dump_stack_lvl+0x1e3/0x2cb
[  522.824308][    C0]  ? nf_tcp_handle_invalid+0x642/0x642
[  522.829788][    C0]  ? panic+0x764/0x764
[  522.833971][    C0]  ? rcu_is_watching+0x11/0xb0
[  522.838931][    C0]  ? lock_release+0xd6/0xa20
[  522.843625][    C0]  ? vscnprintf+0x59/0x80
[  522.848000][    C0]  panic+0x318/0x764
[  522.851902][    C0]  ? __wake_up_klogd+0xcc/0x100
[  522.856757][    C0]  ? check_panic_on_warn+0x1d/0xa0
[  522.861871][    C0]  ? memcpy_page_flushcache+0xfc/0xfc
[  522.867246][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  522.872444][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  522.878339][    C0]  ? _raw_spin_unlock+0x40/0x40
[  522.883202][    C0]  check_panic_on_warn+0x7e/0xa0
[  522.888144][    C0]  ? profile_pc+0xa4/0xe0
[  522.892471][    C0]  end_report+0x66/0x110
[  522.896747][    C0]  kasan_report+0x143/0x160
[  522.901263][    C0]  ? profile_pc+0xa4/0xe0
[  522.905607][    C0]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[  522.911592][    C0]  profile_pc+0xa4/0xe0
[  522.915766][    C0]  profile_tick+0xee/0x170
[  522.920218][    C0]  tick_sched_timer+0x390/0x550
[  522.925074][    C0]  ? tick_setup_sched_timer+0x2f0/0x2f0
[  522.930675][    C0]  __hrtimer_run_queues+0x5a7/0xe50
[  522.935914][    C0]  ? hrtimer_interrupt+0x980/0x980
[  522.941074][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  522.947480][    C0]  hrtimer_interrupt+0x392/0x980
[  522.952558][    C0]  __sysvec_apic_timer_interrupt+0x156/0x580
[  522.958546][    C0]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  522.964184][    C0]  </IRQ>
[  522.967113][    C0]  <TASK>
[  522.970039][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  522.976024][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130
[  522.982530][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 c2 b8 4c f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 67 06 c9 f6 65 8b 05 08 13 6d 75 85 c0 74 3f 48 c7 04 24 0e 36
[  523.002162][    C0] RSP: 0018:ffffc900001071a0 EFLAGS: 00000206
[  523.008265][    C0] RAX: 3fbaf6e86be80700 RBX: 1ffff92000020e38 RCX: ffffffff816ad45a
[  523.016334][    C0] RDX: dffffc0000000000 RSI: ffffffff8aec0240 RDI: 0000000000000001
[  523.024313][    C0] RBP: ffffc90000107230 R08: dffffc0000000000 R09: fffffbfff2093861
[  523.032376][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  523.040361][    C0] R13: 1ffff92000020e34 R14: ffffc900001071c0 R15: 0000000000000246
[  523.048341][    C0]  ? mark_lock+0x9a/0x340
[  523.052679][    C0]  ? _raw_spin_unlock+0x40/0x40
[  523.057560][    C0]  ? __stack_depot_save+0x36/0x470
[  523.062674][    C0]  ref_tracker_alloc+0x2b5/0x470
[  523.067614][    C0]  ? ref_tracker_dir_print+0x150/0x150
[  523.073088][    C0]  ? dst_init+0xee/0x440
[  523.077358][    C0]  ? dst_alloc+0x155/0x190
[  523.081774][    C0]  ? ip6_pol_route+0xbeb/0x14e0
[  523.086626][    C0]  ? fib6_rule_lookup+0x265/0x620
[  523.091670][    C0]  ? ip6_route_output_flags+0xe1/0x350
[  523.097149][    C0]  ? ip6_dst_lookup_tail+0x196/0x11f0
[  523.102556][    C0]  ? ip6_dst_lookup_flow+0xb5/0x170
[  523.107768][    C0]  ? send6+0x5b0/0xac0
[  523.111830][    C0]  ? wg_socket_send_skb_to_peer+0x111/0x1d0
[  523.117730][    C0]  ? wg_packet_handshake_send_worker+0x1d9/0x310
[  523.124059][    C0]  ? process_one_work+0x8a9/0x11d0
[  523.129174][    C0]  ? worker_thread+0xa47/0x1200
[  523.134022][    C0]  ? kthread+0x28d/0x320
[  523.138257][    C0]  ? ret_from_fork+0x1f/0x30
[  523.142854][    C0]  ? slab_post_alloc_hook+0x71/0x3a0
[  523.148149][    C0]  dst_init+0xee/0x440
[  523.152230][    C0]  ? ipv6_sysctl_rtcache_flush+0xf0/0xf0
[  523.157885][    C0]  dst_alloc+0x155/0x190
[  523.162140][    C0]  ip6_pol_route+0xbeb/0x14e0
[  523.166917][    C0]  ? ip6_pol_route+0x156/0x14e0
[  523.171804][    C0]  ? trace_fib6_table_lookup+0x270/0x270
[  523.177460][    C0]  fib6_rule_lookup+0x265/0x620
[  523.182316][    C0]  ? ip6_route_output_flags_noref+0x3a0/0x3a0
[  523.188387][    C0]  ? fib6_lookup+0x400/0x400
[  523.192993][    C0]  ? arch_stack_walk+0x10d/0x140
[  523.197951][    C0]  ? __ipv6_addr_type+0x234/0x2e0
[  523.202999][    C0]  ? ip6_route_output_flags_noref+0x23b/0x3a0
[  523.209093][    C0]  ? ip6_route_output_flags+0x28/0x350
[  523.214571][    C0]  ip6_route_output_flags+0xe1/0x350
[  523.219968][    C0]  ip6_dst_lookup_tail+0x196/0x11f0
[  523.225230][    C0]  ? ip6_dst_lookup+0x60/0x60
[  523.229934][    C0]  ? wg_socket_send_buffer_to_peer+0x34/0x170
[  523.236065][    C0]  ? wg_packet_handshake_send_worker+0x1d9/0x310
[  523.242535][    C0]  ? read_lock_is_recursive+0x10/0x10
[  523.247950][    C0]  ip6_dst_lookup_flow+0xb5/0x170
[  523.252977][    C0]  ? ip6_dst_lookup_tail+0x11f0/0x11f0
[  523.258455][    C0]  ? dst_cache_get_ip6+0xb7/0xe0
[  523.263424][    C0]  ? ip6_dst_lookup_tail+0x11f0/0x11f0
[  523.268996][    C0]  send6+0x5b0/0xac0
[  523.272937][    C0]  ? send6+0x29f/0xac0
[  523.277007][    C0]  ? send4+0xf80/0xf80
[  523.281077][    C0]  ? wg_socket_send_skb_to_peer+0x56/0x1d0
[  523.287235][    C0]  wg_socket_send_skb_to_peer+0x111/0x1d0
[  523.292972][    C0]  wg_packet_handshake_send_worker+0x1d9/0x310
[  523.299138][    C0]  ? wg_prev_queue_dequeue+0x210/0x210
[  523.304647][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  523.310573][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  523.315783][    C0]  ? process_one_work+0x7a9/0x11d0
[  523.320943][    C0]  process_one_work+0x8a9/0x11d0
[  523.325917][    C0]  ? worker_detach_from_pool+0x260/0x260
[  523.331571][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  523.337131][    C0]  ? kthread_data+0x4e/0xc0
[  523.341659][    C0]  ? wq_worker_running+0x97/0x190
[  523.346705][    C0]  worker_thread+0xa47/0x1200
[  523.351388][    C0]  kthread+0x28d/0x320
[  523.355449][    C0]  ? worker_clr_flags+0x190/0x190
[  523.360468][    C0]  ? kthread_blkcg+0xd0/0xd0
[  523.365060][    C0]  ret_from_fork+0x1f/0x30
[  523.369489][    C0]  </TASK>
[  523.372826][    C0] Kernel Offset: disabled
[  523.377183][    C0] Rebooting in 86400 seconds..