last executing test programs:

43.381808375s ago: executing program 0 (id=1715):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000940)={[{@user_xattr}]}, 0x0, 0x57c, &(0x7f0000000380)="$eJzs3d9rW1UcAPDvTdOtW6frYAz1QQp7sDKXrq0/JghOEEF0OND3GdqsjKbLaNKx1sG2B/fiiwxBxIH4B/ju4/Af8K8Y6GDIKPrgS+QmN11sk/5aa+ry+cDdzrn3Zud8c+45OfeehAXQt0bTP3IRL0bE10nE0bZj+cgOjjbPW3l8YzrdkqjXP/0jiSTb1zo/yf4ezjIvRMQvX0acyq0vt7q0PFcsl0sLWX68Nn91vLq0fPryfHG2NFu6Mjk1dfaNqcm333pz12J99cJf331y/8OzX51c+fanh8fuJnEujmTH2uNY5/3hrRZxqz0zGqPZezIY59acOLGtmu9/Sa8rwI4MZP18MNIx4GgMRF5TQp+4GRF1oE8l+j/0qdY8oHVvv+F98DPo0XvNG6D18eebz0ZiqHFvdHglyZ6HNKU3SSO7UH5axs+/37ubbrHJc4ibu1AeQMut2xFxJp9fP/4l2fi3c2caD483traMfvv8gV66n85/Xus0/8mtzn+iw/xnuEPf3YnN+3/u4S4U01U6/3un4/x3degaGchyzzXmfIPJpcvl0pmIeD4ixmLwYJrfaD3n7MqDerdj7fO/dEvLb80Fs3o8zB/892tmirXi08Tc7tHtiJc6zn+T1fZPOrR/+n5c2GIZJ0r3Xu52bPP491b9x4hXOrb/k2WQZO36ZHboVnN9crxxPYy3ror1/rxz4tdu5Y990Nv40/Y/vHH8I0n7em11+2X8MPR3qduxnV7/B5LPGukD2b7rxVptYSLiQPLx+v2TT17byrfOT+MfO7nx+Nfp+j8UEZ9vMf47x+90PbXX138a/8y22n/7iQcfffF9t/K31v6vN1Jj2Z5O4199zarlViv41G8gAAAAAAAA7CO5iDgSSa6wms7lCoXm9zuOx+FcuVKtnbpUWbwyE43fyo7EYK610n207fsQE9n3YVv5yTX5qYg4FhHfDBxq5AvTlfJMr4MHAAAAAAAAAAAAAAAAAACAfWK4y+//U78N9Lp2wJ7L97oCQM9s2v934396AvYln//Qv/R/6F/6P/Qv/R/6l/4P/Uv/h/6l/0P/avT/oV7XAgAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4ZF86fT7f6yuMb02l+5trS4lzl2umZUnWuML84XZiuLFwtzFYqs+VSYboyv9m/V65Urk5MxuL18VqpWhuvLi1fnK8sXqldvDxfnC1dLA3+J1EBAAAAAAAAAAAAAAAAAADA/0t1aXmuWC6XFiS6Jt6NfVGNvQywaUcvz++XKCS6JoZ20Lg9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM0/AQAA//956jNb")
ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = syz_open_dev$video(&(0x7f0000000180), 0x800, 0x0)
ioctl$VIDIOC_STREAMOFF(r3, 0x40045613, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x80, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r6, &(0x7f0000000080)='x', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC])
syz_open_dev$media(&(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x43)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000001680)=0x7e)
r7 = fspick(r1, &(0x7f00000000c0)='./file0\x00', 0x0)
fsmount(r7, 0x0, 0x2)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000a80)=0xff)

41.425718585s ago: executing program 0 (id=1716):
creat(&(0x7f0000001180)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x0, 0x0, 0x0)
mq_getsetattr(r0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xa03e, 0x0, &(0x7f0000006680))
r1 = syz_open_dev$radio(&(0x7f0000000400), 0x2, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, &(0x7f0000000080)={0x8000, 0x1})
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000340)={0x3, &(0x7f0000000180)=[{0x0, 0x2, 0x9}, {0xfff9, 0x0, 0x1, 0x42}, {0x6, 0x80, 0x4, 0x2}]}, 0x10)
socket(0x1, 0x3, 0x57)
quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f0000003180)=@nullb, 0x0, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r2, &(0x7f0000000100)={{0x3, @default}, [@null={0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x6, 0x6}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, &(0x7f0000000dc0)={0x2})
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c00", @ANYRES16=r3, @ANYBLOB="470d00000000000700000a0000000400018004000588"], 0x1c}, 0x1, 0x0, 0x0, 0x24000888}, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e06006220"], 0x9)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYRESHEX], 0x102)
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
creat(0x0, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
shutdown(0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x4d)
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x8, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='gfs2\x00', 0x0, 0x0)

39.533269284s ago: executing program 0 (id=1718):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000004c0))
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xff2e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'rose0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
splice(r5, 0x0, r4, 0x0, 0x10000008ebc, 0x3)
r6 = getpgrp(r1)
write$cgroup_pid(r4, &(0x7f0000000100)=r6, 0x12)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x101c802, &(0x7f00000008c0)=ANY=[@ANYBLOB="63727566742c626c6f636b3d307830303030303030303030303030383030006e6f726f2c636865636b3d7074726963742c6e6f726f636b48636865636b497265b06bdd5558f56ca081cf97c3832b61786564416d6f64653dc282d2e0e8fb3d3078729830303030303030303030303000000000000000006b2c646d6f64653d3099532f6f666666666666666666666666372c6d61703d6f66662c6e6f636f6d70326573732c6673757569643d62353632356230662d506635612d393061622d316334372d39393837636537382c00bc6a9551090d90200babc4f59b2f3828441fa9e0d3d3848d5265d406fb6a4376e8f2aeb0308341d2c19e3291d57e6e42ded55f6f9819fc8b42ef0a0196dbb3cac1cbd601ea9647883209b39b09f032b3a35d6f080416d377b98fafddac4cbe0cf71878c3"], 0x5, 0x66f, &(0x7f0000000240)="$eJzs3VtrG+kdx/HfyLKteEtY2hJCyCZPki44NFVG8sZBpNBVRyN7WkkjZuRiQ2FJN/YSImfbJIXGN4tveoDtG+jd3vSiL6LQ676L3rWwtHeF3qjMSQfrZG0cZw/fj9nVaOY/z/OfGWX+jK15RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZTs+2SpYbX2tk10zm1wG/OWJ60tqzbycTtuf1KVvSfCgVdTmZd/u5g8aXofzd1NXl3VYXopaCjty69/eA7+Vy2/oyEvggt2uDzl0dPHna7+89OEbukhZt/k5Q7RdCW2/JC32tWt1zjhb6pbG7ad7froal7DTfcCztu0ziBm+v4gVl3bptSpbJh3OKev9PaqlUbbjbz/g/Ktr1pfrKaHGhJxdDZ9hoNr7UVx0SLo5j75tOfJwFutWnMwePu/sa8JKOg0mmCyvOCyna5XCqVy6XNe5V79207PzbDjlh2n8YizvxDi6+Yszt5A68oF9X/f1hSQwW1tKNdmYk/jmoK5Ks5ZXkqq//v3nUHneTH+x2u/1mVvyz9KF18RXH9v5a8uzat/k/JxcjEK0xaYk2Zv9jPctrKc73UkZ7oobrqal/PzqBtI3P9TFo5h58tuWrJUyhfnpqqxnNMOseook1tytYH2lZdoYzq8tSQq1B7CtWRG3+iHAVyVVVHvgIZrcvRbRmVVFFFGzJyVdSefO2opS3VVNV/e73egR7H+31jRo7KgkpTAlaHg8ozWppW/3/xSfI5Teu/Tf3/pko+B6vpWWxWDPAl0Euv/xd0/fVkAwAAAAAAXgcr/u27Ff/t/h1JPdW9hmu/6bQAAAAAAMAZstRb1VVZir/Spndkcf0PAAAAAMDXjRXfY2dJWou/1G8N7oQ6zS8Bls4hRQAAAAAA8IriO/+vrUi9eNCK67IWuv4HAAAAAABfAb8fGmM/n42x28v+rJ+TFLZXrb/+e1XBsnXc3v2edViNllQP05ixbwB06lesi+lAvfHLiqT4neP2g9NBMPvjDn5+MG+sfys4kcDK0nADUxKwop438+k7faobySo3VpLYR0c5xUuSXtbqXsMtOn7jQUnV6sVcx93t/Prp499IQT/1g8fd/eKHH3cfxbkcR7OOD6NGPxlJJzd5ZwxyeRGPtxDfczFpiy+onnX5h1ZzzYr7tbPtX1L1MDfc0awDMOjzt7qZHLOba0ns2lF/xP1oFxSi7S8V40M2svXBsjXIonRyyycdiClZFOIsbiUxt9ZvJS9ZflE7Oavw/SWpXBw/BiNZlIezmL8vrP+M7YtZWaT7YiPK4m9RQ1Oy2Fgsi7EjAgBvysGgCsWDmI/V3aw8ZCe1L1R35lf390er+4s/9XrxCktSPv3bxMxeCorO6OtWXIdWkicO5K9MOKPbaV0paMoZ3X6F6hb19ZfBM5DStMey+F+v13tQivv944mq+lm0wmdT+w0b5aVoF959cfjLeAD8yEf7H+0/LZc3Nu33bPteWcvxZqQvS6L2AADGzH/GztwI6z3dSCJuPPrXu8nUSMX7dv8rBUV9qI/V1SPdyR4hcH1yq2tDX0O4k1y1auiq1Vx6+8EF6WRsSXemXtXFtXQottyPXVa2ymilHsRuvOajAADA+bo5pw5Prv+Fkfp/R+tJxPqVidfdo7X85BOCp8WW5if//lnvDQAAvhnc4HNrrfM7Kwi89gelSqVU7Wy7JvCdn5rAq225xmt13MDZrra2XNMO/I7v+A3TDrTq1dzQhDvtth90TN0PTNsPvd34ye8mffR76DarrY7nhO2GWw1d4/itTtXpmJoXOqa98+OGF267Qbxy2HYdr+451Y7nt0zo7wSOWzQmdN2hQK/mtjpe3YsmW6YdeM1qsGd+5jd2mq6puaETeO2OnzSY9eW16n7QjJstqrfwgw4BAPg6ev7y6MnDbnf/2YyJY82PSSdWJjTIGEEAAHzJDMr1AisVXmNCAAAAAAAAAAAAAAAAAAAAAABgzGnu/1toYnnSzYJSf86vLp6qHUtnndgiE7lF18puiTh68vcZwRf6c7LdPxxzfG4b+M9vSW/Fc5TMyZ99XxfivXF+B+6HB8kenRoTLZy4aLV/LPJz/jlko0csmOHTP09Z1Ov1erNXXx3ta2XWBo5O5CU9W3mFQ3DOJyIA5+7/AQAA//+tXje4")
r7 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r7, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ipv6_route\x00')
pread64(r8, &(0x7f0000000240)=""/206, 0xce, 0x80000000)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x7fffdf004000})

38.529014007s ago: executing program 0 (id=1719):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x802, &(0x7f0000000040), 0x1, 0x510, &(0x7f0000000f40)="$eJzs3V1rXGkdAPD/mWRi2mZNVr1YC9td3JV00c4kG3c3eLFbQfRqQa33NSaTEDLJhMykbUIpKX4AQUQLXnnljeAHEKTgFxChoPfiK760eiGiHjlnZtomncmkNpNpJ78fnJznvMz5/5/J5OR5znk4E8Cp9XpEXI6IkYh4KyImW+sLrenuhYjYa+734P7NxWxKIk2v/DWJpLWufaykNT/XfEmMR8TXvhzxzeTJuPWd3bWFarWy1VouN9Y3y/Wd3Uur6wsrlZXKxtzc7Lvz782/Mz/TOfFbf/nX+aeoZ1av97/4++99+0dfev9nn73+m6t/ungrS2uitf3xehynZtWL+XvRNhoRW/0INgAjrfoUB50IAABHkrXxPxYRn8rb/5MxkrfmAAAAgGGSfjAR/04i0jRNb6f7/KG9CwAAAPBiK+RjYJNCqTUWYCIKhVKpOYb3E3G2UK3VG59Zrm1vLDXHyk5FsbC8Wq3MtMbUTkUxyZZn8/Kj5bcPLM9FxMsR8d3JM/lyabFWXRrwtQ8AAAA4Lc4d6P//Y7LZ/wcAAACGzNSgEwAAAAD6Tv8fAAAAhp/+PwAAAAy1r3z4YTal7e+/Xrq2s71Wu3ZpqVJfK61vL5YWa1ubpZVabSV/Zt96r+NVa7XNz8XG9o1yo1JvlOs7u1fXa9sbjaur+74CGwAAADhBL79299dJROx9/kw+ZcZa25KDO4+ddHZAPxWeZuff9S8P4OSNDDoBYGBGB50AMDDFQScADNwT1/oO6Dp45xfHnwsAANAf05/sfv/ftQEYbk91/x8YKu7/w+nl/j+cXkUtADj1Ptpj+7Pf/0/TnscCAAD6aiKfkkKpdS9wIgqFUinipfxrAYrJ8mq1MtPqH/xqsviRbHk2f2XSc8wwAAAAAAAAAAAAAAAAAAAAAAAAANCUpkmkAAAAwFCLKPwxyZ/mHzE9+ebEwesDY8k/J1vF5PoPrnz/xkKjsTWbrf9bvn4sIhp3WuvfPvHLFwAAAMBDew9L7X56ux8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMfpwf2bi+2px66vHWfcP38hIqY6xR+N8Xw+HsWIOPv3JEYfe10SESPHEH/vdkS80il+ElMjWWrNLDrFP9Pv+PlbM/5qmqZPxM/qfu4Y4sNpdjc7/1zu9PdXiNfzeee//9HW9Ky6n/8KD89/I13OPy8dMcb5ez8pd41/O+L8aOfzTzt+0iX+G0eM/42v7+5225b+MGK64/+fZF+scmN9s1zf2b20ur6wUlmpbMzNzb47/978O/Mz5eXVaiX7eTlmOsb4zqs//e9h9T/b5f/fVI/6v5kVir3r/597N+5/vFksHjhEHv/iG51//68cEj/7THw636t5oOl2eS8v78vqwo9/eeGw+i91ef97/f4v9qr4B83ZW1/91m977QoAnJz6zu7aQrVa2ep74U6aps9ynHZ78ARSPY7C2IuT6uOF9ufiecnneStkbeznII0T/CQAAADD4lGjf9CZAAAAAAAAAAAAAAAAAAAAwOl15OeB/fz/f5zYwZh7g6kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCh/hcAAP//cnXL5A==")
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000005c0)=[@in={0x2, 0x0, @private=0xa010101}, @in6={0xa, 0x4e23, 0x9, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0xfffffff7}]}, &(0x7f0000000100)=0x6f)
getpeername$packet(r3, &(0x7f00000001c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000240)={'syztnl0\x00', <r5=>0x0, 0x2f, 0x3e, 0x40, 0x2, 0x10, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00', 0x40, 0x20, 0x7fff, 0x7f16}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'bond0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x2}]}}}]}, 0x3c}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)=@RTM_DELMDB={0x98, 0x55, 0x4, 0x70bd26, 0x25dfdbfd, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r5, 0x1, 0x2, 0x2, {@in6_addr=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x6, 0x1, {@ip4=@broadcast, 0x1800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@ip4=@empty, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x0, 0x1, 0x3, {@in6_addr=@private2, 0x436e}}}]}, 0x98}, 0x1, 0x0, 0x0, 0x40845}, 0x100010e0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r2}, 0x8)
getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000700)=""/239, &(0x7f0000000540)=0xef)
r10 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, &(0x7f0000000840)={0x0, 0x3, 0x7f, 0x3})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x8, 0x3, 0x2)
r11 = fsmount(0xffffffffffffffff, 0x1, 0x5)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
r13 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r13, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r14=>0x0}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r12, 0x84, 0x6d, &(0x7f00000000c0)={r14, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r11, 0x84, 0x6f, &(0x7f0000000580)={r14, 0x84, &(0x7f0000000600)=[@in={0x2, 0x4e24, @local}, @in6={0xa, 0x4e23, 0xffffffff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, @in6={0xa, 0x4e24, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7fffffff}, @in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e21, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xb9}, @in={0x2, 0x4e22, @local}]}, &(0x7f0000000800)=0x10)
socket$inet(0x2, 0x80001, 0x84)

36.964344889s ago: executing program 0 (id=1722):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0, 0x43, &(0x7f0000000180), 0x0, 0x0, 0x0, &(0x7f0000000240), 0x8, 0x7a, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x4b, [0x0, 0x0, 0x0, 0x2b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8fca], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0xa90d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a04020000000000000000020000090900010073797a30000000003c0000000e0a0101000000000000000003000008080004400000000108000440000000010900020073797a31000000000900020073797a300000000014000000000000000af35dd03e3009da38de7d463ae9bc5fb4de3746904a41f65de686bed36900d008f69c73462851202590693528af1c204569cf090a783c99c5cc6124243e393a29295f99d88a2e659214dcb768d5d0c01870c137398a0210e7e4c38007788d7da8dac1a49f03d6bd51caff067a52b170b36d952fc0b3ad4cd2258ac06b07e526bfcda00356533252ab330ac4b5d5e47bc06796fea6878abac92147b3c5bac2a466f36e5ffb28b37a9f3aea73716004ff1c8be2a481d3515a2f43f7b04afbcd34de99a350980bc7912b0e0fd356fac273af30af9e9b815524052dcaaa89456fc83b6ae04113b3dd318374e28730005efa039da073fe53b3f9944339ecccf08d000000000000000000000083377f06680ddcebda3eb2650450e78a0a277de74dbd67af5684350706e5ee34df550442597265d2ab2874d0716c4a0827c8e4f8067a4010d3a5f568ca724d1268c0fb11d91838379d7e6ee70680bc44a47bb6a28f5f23cecb3d38807c71f56ac92ad155b0ed8430da29e4a08c1a20be3d91fcb030c10e92392aae7612e1e507a6c2dcd3bb67b8b3abcdd0b2be64daffe0a89fc2ea7502e29afc255bbbb930bce1c40a9af0c377372f29c525b31e90eb4db79eb3ca72afc5824809273087bc5c666c385a88"], 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x20000040)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x1, 0x0)
syz_io_uring_setup(0x360b, &(0x7f0000001040), 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r4, &(0x7f0000001400)=[{{&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000001c00)='{', 0x1}], 0x1}}], 0x1, 0x0)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
r6 = dup(r5)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r6, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
socket$inet(0x2, 0x80001, 0x84)

32.133996796s ago: executing program 0 (id=1727):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000a80)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000e00)=ANY=[@ANYBLOB="000000004c9002000c0000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
clock_getres(0x2, 0x0)
ioctl(r1, 0x8b2c, &(0x7f0000000040))
r3 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r7 = syz_open_pts(r6, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000000, 0x110, r3, 0x4f840000)
ioctl$TCSETAW(r7, 0x5407, &(0x7f0000000a40)={0x7bfe, 0x7fff, 0x4, 0x1000, 0x10, "00000000f7627c7f"})
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000500))
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x0)
ioctl$KDFONTOP_SET_DEF(r6, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0xc, 0x1d, 0x1bc, 0x0})
ioctl$TIOCSBRK(r7, 0x5427)
epoll_create1(0x80000)

29.383135681s ago: executing program 1 (id=1731):
r0 = socket$alg(0x26, 0x5, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
io_cancel(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket(0x1, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x0, 0x0)
preadv(r3, 0x0, 0x0, 0xf1a, 0x3)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="300000007100010000000000000000000700", @ANYRES32, @ANYBLOB="0c00018008000100000004000c0002"], 0x30}}, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r5 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000002ec0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10041, 0x0)

19.113136603s ago: executing program 1 (id=1743):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x5}, [@printk={@lld}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
r4 = eventfd2(0x0, 0x0)
write$eventfd(r4, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000400)={0x2020}, 0x2020)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x10, &(0x7f0000001080)=[{0x0}], 0x1}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r6, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1eaa00000000000279101000000000009500003a97b7c2e7"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0xa0021, &(0x7f00000025c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="80cebf7792536fbff94a68", @ANYRESHEX, @ANYRESDEC, @ANYRES16, @ANYRESHEX=r6, @ANYRES8=r9, @ANYRESDEC, @ANYRES16=r10], 0x1, 0x1e3, &(0x7f00000001c0)="$eJzslc1qE1EUx3935qZpNIuuXVUtthttMwXxDewD+ACGdKzFxI9OQBMKRjduXIgvUfApXAi6dyEiuKkLBV1UXFVk5M49c71Di2NBLYH7h3DO+Z97vmYy517P7mRN4Mfedo85CijavFMKDSwqy+3PWPlVZC74qK3dEf6ZyA8is9H49WOrjm90+/10KxvVKEpB3ZmKcpDShxSTRutTv3pYZRR/2Md/V4axHemg60mFaR52RmI59il+p8wf4X9jJ7XKtzb4rk9/u7EG/3p2cMz3dv1revvUvs6CyfPqmVjCW1Qfy/Qp0ZGiMmR9ZZcfRHwpjDd72z2jXJUtZrh1+ys/ieKMMV54Z05pmICKyV0eXWxLWASWh4Pby9lofH5z0N1IN9KbSbJ6ceXlSflE8/uw2U9XlNdGZJRyLwHmO215/gbw/pd/ggfltWZwApTsXJeyXM5LZ73AFkRerJ/D5n3u6jeFixlwhXPMAncnah4S7NNawGTTXDOjraGIxehor0/YJ2K2cFzo3eqvnz5jHBK2g3Y5Ors0nJGIYQqlq5fc+I9ELohcE7kjcldkeXeVd5IuMnwWa2kCM9zrDodbxeVlNccljkvmXOVIqpa3oSo7aRIQEBAQEBAQMCX4GQAA//91GUkz")
bind$vsock_stream(r11, &(0x7f0000000000)={0x10}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r12, @ANYBLOB="5e2d2ad8fae0afc95be34a9005b88904ecd5aee0505fe1a135ff606c5370980e8f733c45ec28dc167a2f1a0208cee35c37b5eab8dc25aed2e3a857d9d1296b69e66f95aeb2a6354923427cf35d65555a18278db3196b12eb4db2cb45faef863e81b05c3ad5a683997578617693183d558af2f55538559f054786c267f69ac411030fba5cd01904a82173423040931d7d663d441cf79ef5ee6ef5d2ea02a23743cb343043ab9d59f04adfe7216d8a421b7a307af7afe9e69eff8cd45b656f93696076254a7bac6431fa7579612680f99a2bec8cf0d373a5ebe2bf"], 0x1c}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)
syz_usb_control_io(r3, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

14.279255786s ago: executing program 4 (id=1749):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
process_mrelease(0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="3801000010000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e0000001000000000000000000000000000000006c00000020010000000000000000deffffffff0100000000000000006d85000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000a0002006700000000000000480003006465666c61746500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000197462456c2a39bc93a704b538faf53bbf0a878be6658fc9ef7df6d37b1876b1b402d014b0b9dcc1f1c848e1c6a0438180b76466137a49c9a76e0f6ef1a23a5d45096798ff7d16c3228d636da644bc8e63b982223e572847f404c3a28450059c6ecc09bb5d692a61977935ddefada392880bb4e226322e5e77fef5fd1a96c0d167dc038c24961090dba6a32487f6b460a5b2a69d39367a83dbae162bfb355d1eba6463e03d66c62e49e7275d1e6470faff2098f43b0de5d9206e146d13d14f53436e866f883f78f798025c72ca7f0beea210798b9e29c8f0af0032891e5e827febc92fe2d3"], 0x138}}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
keyctl$restrict_keyring(0x10, 0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
syz_emit_ethernet(0xcc, &(0x7f00000009c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004aff00be0065000003019078ac1e0001e00000018620000000020609124e33b4932a250011ce06537c25f9909823d08d8d752cdd44247361ffffffff00000001ac1414bbfffff8007f00000100000008e000000100000003440edc1fb953d2518e9112b4a1a600000c0090780003000043ce7b610067000a3f320003ffffffff0a01010244281e10000000020000234f000000070000000400000040000007ff00000007000074df00000001890f1e7f000001ac1e01010000000000d57e"], &(0x7f0000000ac0)={0x1, 0x2, [0x1a, 0x115, 0xad, 0x286]})
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$inet(r3, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f00000005c0)="96a67b36bd06304a08a67f14f6c3881ca6167592ce060670a396f8ab05ace2caca6b2a9ecf3471d2", 0x28}, {&(0x7f0000000500)="fc484e55021886bb", 0x7fffefd8}], 0x2}}], 0x1, 0x0)
sendto$inet(r3, &(0x7f0000000000)='o', 0x1, 0x0, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fspick(r4, &(0x7f0000000980)='./file0\x00', 0x0)
socket$inet(0x2, 0x802, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r5, 0x402c5639, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0xbc, 0xf2, 0xea, 0x40, 0xe41, 0x534d, 0x7ba3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x6b, 0x92, 0xce}}]}}]}}, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f00000000c0))
socket$inet6(0xa, 0x80002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000050000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000020766c616e30000000000000004000000076657468305f746f5f7465616d000000aaaaaaf991bb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba316000000000000000000080000000000000208000000892f0700636f6e6e6c6162656c000000000000000000e5ffffff00000000000020000000080000000000000000000000000000004e465154455545000000000000000000000000000000000000000000000000000800000000000000000800000000000400000000000000000000000080000000000000000000000001fcffffffffffff0000000001000000ffffffff000000000000000000000000000400000000efff000000000000000000000000000000000000000001000000feffffff010000000b00006b90088754ea234d6f6e6430000000000000000000000074489c4c2c0000000000000000000000626f6e64300000ff000000000000000076657468315f744d8abdc76964676500aaaaaaaaaabb0000000000e7feffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d3c964de64039918d16289341524b0000000020827903000000000000000000000000000804000000"]}, 0x2a8)

14.214153116s ago: executing program 1 (id=1750):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pause()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x4, 0x3000000, {0x0, 0x2000000}}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x2, [{}, {}, {}, {}]}]}}, 0xffffffffffffffff, 0x3e, 0xb1, 0x2, 0x0, 0x0, @void, @value}, 0x1b)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0xf, 0x1, 0x0, "27110000000000000010002200"})
syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x1c80, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000055090100ffffffb09500000000000000b70200001fffffff739af0ff00000000b509000000000000c3aa04fef1000000bf8600000000000007080000f8ffffffbf9400000000000007040000f0ffffffa70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b700000000000000950000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

14.126152496s ago: executing program 3 (id=1751):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x200500, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRES16=0x0, @ANYBLOB="0000000000000000000017000000080001007063690004000200303030303a30303a31302e3000000000080003000000000008000b000000000006001600000000000500120000000000"], 0x50}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x7fff, 0xffffffff, 0x807ff, 0x0, r1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x0, 0xc, @void, @value, @void, @value}, 0x48)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
syz_io_uring_setup(0x3d17, &(0x7f0000000880)={0x0, 0x0, 0x2000, 0x0, 0x80}, &(0x7f0000000080), &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x40, 0xfffff010}, {0x20}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000008340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x31, &(0x7f0000000140)=0x1008008, 0x4)
bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r6, &(0x7f0000000700)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/166, 0xa6}}], 0x1, 0x0, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000104000000000000090000001846000008000000000000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000b7080000000000007b8af8ff00000000b7080000070000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=0x1, @ANYBLOB="0000000000010000b70500000800000085000000a500000095000000000000f9"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x2, 0x10, 0x0, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xe439, @void, @value}, 0x90)
ppoll(&(0x7f0000000600)=[{r3, 0x117}, {0xffffffffffffffff, 0x9381}, {r5, 0x10}, {0xffffffffffffffff, 0x8444}, {0xffffffffffffffff, 0x10}, {r3, 0x8093}, {r2, 0x4023}, {r7, 0x30d3}], 0x8, &(0x7f0000000280), &(0x7f0000000840)={[0x603]}, 0x8)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'rose0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000002eeed88696", @ANYRES32=r9], 0x20}}, 0x0)
connect$inet6(r2, 0x0, 0x0)

11.579286137s ago: executing program 1 (id=1753):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x17)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c9", 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x2, &(0x7f0000000180)=@raw=[@call={0x85, 0x0, 0x0, 0xc4}, @tail_call={{0x6}}], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000002540)=[{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000002ac0)="ee", 0x1}], 0x1}], 0x1, 0x0)
r3 = mq_open(&(0x7f00000002c0)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\a\x01\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x8a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x02-\xc1\x86\x00\xc0\xa5u\xb3\xc4C\xc1\f\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\x857\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xb2\x8a\x117\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe9:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6W.\x859\x1b\xbf\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\x00\x02\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xab\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\x93\xf0\xa2]\x9a\xd5\x82\x1f#o\fo\x9a\xd3$2\xcc\x1f\x85\xe2\xc1rnAK\xfa\x00\x95\xe7\x1e\xc1\xac\x17^\x11\f\x87\x01~\x8b\xc6\x06\xf0\xb4\xff\xfag\xdd\xd8lu\x83\x1d\xa0$\'\xf1\xd4\x1a\r\x14Y\x92;`N\xaf\xa3\xd7\xc1\xc1>dt\x9c\x92(D4\x1c\xc6\xa8\x82G\x91\xa5Y\xe7\xb2\xcf\xbfx\xa5\xbc|\xa8\xfeo\xc6N\"\xb6@a\xb1\xe75\xc7\xd2zL\xee\xb5lg\x96K\xe5!U\xa6\t\xfdA\xc9\xe5\xb0T\xf2\xb4\xc6+\x00'/1031, 0x42, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x90)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000800)={&(0x7f0000000700)=ANY=[@ANYBLOB="d4000000", @ANYRES16=r4, @ANYBLOB="00002cbd7000fedbdf25170000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b0001000000060016000800000005001200000000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000200000008000b0003000003000000000200000005001200010000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b00ff07000006001600010000000500120001000000"], 0xd4}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5ff7700"})
syz_open_pts(r5, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fd/3\x00')
pselect6(0x40, &(0x7f00000045c0), 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sync()
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x74, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x18, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x2, [0x0, 0x0]}}]}]}, 0x74}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)

11.575688237s ago: executing program 2 (id=1754):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r1, @ANYRES64=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r3 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_setup(0x4a55, &(0x7f0000000280), &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300))
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r3, 0xb41, 0x0, 0x0, 0x0, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x10003, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @mcast2}, r7}}, 0x48)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x4006}, @map_fd={0x18, 0x0, 0x1, 0x0, r9}, @generic={0xf, 0x8}, @initr0, @ringbuf_query]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='tlb_flush\x00', r10}, 0x10)
r11 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x13, r11, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r12 = userfaultfd(0x1)
ioctl$UFFDIO_API(r12, 0xc018aa3f, &(0x7f00000004c0))
ioctl$UFFDIO_REGISTER(r12, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_ZEROPAGE(r12, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf)
close_range(r8, 0xffffffffffffffff, 0x0)

11.245968378s ago: executing program 3 (id=1755):
syz_open_dev$swradio(&(0x7f0000000280), 0x0, 0x2)
r0 = syz_open_dev$swradio(&(0x7f0000000380), 0x0, 0x2)
r1 = openat$dsp(0xffffff9c, &(0x7f00000002c0), 0x640100, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x20}}]}, &(0x7f0000000340)=0x47)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @loopback}}}}, &(0x7f0000000140)=0xb0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000300)=0x6)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, &(0x7f0000000480)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x0, 0x6}, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)
r6 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000240)={0x80000008})
openat$rdma_cm(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000005c0)={<r8=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f0000000640)={0x13, 0x0, 0x7, {0x0, r8, 0x2}}, 0x18)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f041})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0xc)
io_uring_setup(0x1b52, &(0x7f00000001c0)={0x0, 0x61e7, 0x4, 0x1, 0xef})
clock_gettime(0xfffffff2, &(0x7f0000000500))
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket(0x1e, 0x4, 0x0)
r10 = socket(0x9, 0x80c, 0x0)
setsockopt$packet_tx_ring(r10, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, &(0x7f0000000180)=@req3={0x10001, 0xa6fa, 0x5, 0x5, 0x7, 0x3, 0x100000}, 0x1c)

10.522481493s ago: executing program 4 (id=1756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=@ipv4_getaddr={0x18, 0x16, 0x8aa22dd2bfcd8fb9}, 0x18}}, 0x0)
recvfrom(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20)
r3 = socket$packet(0x11, 0x2, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
bind$packet(r3, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmmsg$inet(r3, &(0x7f0000000380)=[{{0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x6000}}], 0x300, 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file1\x00')
open(&(0x7f0000000000)='./file0\x00', 0x800, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)
mlockall(0x3)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bda000/0x4000)=nil, 0xfffffffffffffea3, &(0x7f00000000c0)='\x00#\x0f\x01bK\xd1\xd8\xc8\xe3Z(\x03\xa1\x8b\x19#\x8fZ\x10Gk\x01\xd5\xc6r\x88\x97\xbb\xd9\xca=\xffa\xeb\b\xb2\x90\x1a\x03;\xae\xddc\nI\xcd\xf59>\xc4ZE\xac\xd3\x1f\xe7\xc5\xe5(\xed\xbb+\xfd\xe3\xb2\xf8\x9d\xf1\b\xff9\".Be\xf6\xb0\x0e\x86\xa3\x1c\x10\x88\xf4\xa2\xa0\x81\vN2N\xf1\xa5\x96\x94\x91\xa2S\x96@\xf1\x15\x9a{\xb9O{\x01*\xe98\xea\xcd\xcd\x04Y\x03\xf5>\x93\xb8')
bpf$PROG_LOAD(0x5, 0x0, 0x0)

10.476832155s ago: executing program 2 (id=1757):
read$FUSE(0xffffffffffffffff, &(0x7f00000020c0)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x952f, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
open(0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x7)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000001e000100000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="05000004"], 0x1c}}, 0x0)
sendmmsg$alg(r5, &(0x7f0000001180)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000040)=[@op={0x10, 0x29, 0x5}], 0x18}], 0x1, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x800008, &(0x7f00000011c0)=ANY=[@ANYRES8=r5, @ANYBLOB="a80521d537cd276030957971e577992cd1a77e3ddf1b94d755003f1b59849840ff4c8fc55e97a7ce01e7ee0fcd167608d7a6027f2b804b3ec87c47203214fb38b3e58c9b0b78320ae2fbc3ead3576e011198311e39f01eef39cdcaa853ba2bf4ab95c7f650f3efe41af85a16bbc976e610a4ded1bf5c7962ac2c6dbdab15f8fc375e428d5258aaf83682248a7cedd33982b0579e68e4b1c1f364fb03b1ebfc89a74e4142253811bae74b3347e2015f867f0b1faf8fa853dbdf489ab4dbbbb2a8480e3ce7bd1d74c82dfc", @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030332c63726561746f723d85f194712c626972306965722c63726561746f723d65fe04c22c756d6173850e30303030303030303030303030303030303030303231372c6465636f6d706f73652c666f7263652c7569643d662926495d3c06e71539f0c1ed419239a7735fd5b6c468c53792d79ab4018b9bb658efc70261", @ANYRES16, @ANYRESHEX=r0], 0x1, 0x6fd, &(0x7f0000000780)="$eJzs3U1oHNcdAPD/rFYrrQOOnPgjLYEsMaSlorZk4bQuhbqlFB1CCe2hZ2HLsdBaDpJSZFMapR/3HnrqKT3oFnIo6d3QnhsCpVcdA4VcetJNZWZnRrOr0a5kS7Lq/n5i5r15X/Pmzc7XLmIC+L81Px3NJ5HE/PQ7G+ny9tZcd2xrbiLP7kZEKyIaEc1eEMlKpLljZRNfSxPzeFK/lqLw9pe9sJlPWfnGwfVqtfYnbeZTdPKVdfrzJ3vB+AEtfja4+r727mThUXo4KCm38HZEXM3DiD89Q5twDHb32SzzPvlnNh9W/VmOCuCMSKpX9IqpiHP5BTS7J8jPDo3T7d3x23zeHQAAAICjah+9yss7sRMbcf4kugMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvqr73/29m7/dP0qkTSfH+/1aeFnn8DBr9IsQvJnrhk5PvDAAAAAAAAACcuDd2Yic24nyxvJtkv/m/WfmN/6X4INZiMVbjWmzEQqzHeqzGbERMVRpqbSysr6/OZjUjLg6peSM+r6l54+A+3j7mbQYAAAAAAACAM25yRP7y+P6038T83u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwFiQRY70gmy4W8aloNCNiMiJaabnNiM+L+P+IpC7xyen3AwAAAJ7JZP9iMnmIOi9/GDuxEeeL5d0ke+a/nD0vT8YHsRLrsRTr0Y3FuJs/Q6dP/Y3trbnu9tbcg3Ta3+4PvzpS17MWo/fdQ/2aX8tKtONeLGUp1+JOJLGbaeStvLa9NZeGD6r92nvs/yjtU/KD3JDejFXid9PZlc+y+B/6v0VoHmkTn1LjwJypLHe8HJGZvG9pjQvFCNTvoZF7pzl0TbPRKL/5uTh8TfVj/tHwtZ8bKFX7zc1zMTgSN6JR7qHLw0ci4ht//eQX97sry/fvrU2fnU2q9eHIEoMjMVcZiSsv0EiMNpONxKVyeT5+Ej+P6fhq4t1YjaX4ZSzEeix2ivyF/POczqeGj9QX56pL747qSXpMdsrzV12fOtHXp+jEj7PYQryZ7dPzsRRJPIyIxXg7+7sRs+XZYG8PX6rvd3FSyI76xiHOtBVXv5kF5TBF++Cynx6uyeOSbtaFyrhWz7lTWV6espmm7I3SK7WjVFzrDn89qmh+PY+kLfx26PXhtPWNRH6VKHr36kGf896Q/nk3na91V5ZX7y+8f8j1vZWH6XH0+zN1lUj38CsxmW/chWyeZMfUTJb3anmF7R+vVv6LS09jX96lsl7vSP1pPIy7fUfqd+JmeRt4OSs9vu+KlbZ0pWyp/xye5qV3Ws3yh53q/dbD6PbuhwA4O+puBM5961yr/e/2P9oft3/Xvt9+Z/JHE9+deL0V438f/15zZuytxuvJX+Lj+PXe8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD01h49Xl7odhdX6yON+qxkeK2F7m7xIrH6MrEvJclflTOiP2kkWXv0eHdEmcFIDKRM5N07ZPWTjBSv7RlduHOC3Ug2B/fX5Oh9Ubx6IkuZe2nYJyrZN+Bp5afuc7HmvZTxM7ArByOd42uw+MBWD6Ijf3rb1f316PFy+b7L2kNmuLFnOesAZ8H19QfvX1979PjbSw8W3lt8b3Fl/ObNWzO3br49d/3eUndxpjevVDiVl98Cp6F6O1FqRcQbo+sOeVErAAAAAAAAAAAAcIJO9F8gvv/p8948AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AUwPx3NJ5HE7My1mYk8bXtrrlsNe5oR0YiI5FcRyd8ibkdviqlKc8lB6/nj0q2f/es/21/utdUsyjciNg+sdzib+RSdiBjLw9LWwRWnDtHencH29mvtRSdqspNyZNIBu1oMHDxv/w0AAP//Dljf3w==")
r7 = socket(0x10, 0x80002, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="1802000004000000000000000000", @ANYRES32=r8], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d0000be7ba9bd"], 0x1c}}, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)

10.151408176s ago: executing program 3 (id=1758):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r2=>0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x64}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYRES32=r0], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket(0xa, 0x3, 0x3a)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01ee00000000000000003b00000008000300", @ANYRES32=r8, @ANYBLOB="2e003300d000000008021100000108021100000050505050505000"], 0x4c}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8})
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r9=>0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10)
r12 = add_key(&(0x7f00000011c0)='big_key\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000002b40)='n', 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r12, &(0x7f0000001b40)=""/4096, 0x1000)
keyctl$update(0x2, r12, &(0x7f0000000000)='p', 0x1)
r13 = io_uring_setup(0xad5, &(0x7f0000000100)={0x0, 0xfffffffc, 0x1cc8, 0xfffffffe, 0xdf})
close(r13)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x1c, r11, 0x1, 0x3, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000240)={0x48, 0x1, r2})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000040)={0x48, 0x2, r2})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2})
close_range(r0, 0xffffffffffffffff, 0x0)

9.148580979s ago: executing program 2 (id=1759):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
io_uring_enter(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet6_int(r5, 0x29, 0x21, &(0x7f0000000080)=0xfffffffa, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x100201, @dev, 0x4}, 0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r5, 0x80089419, &(0x7f0000000000))

8.121400746s ago: executing program 1 (id=1760):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7e, 0x9e, 0xb4, 0x10, 0x54c, 0x38, 0x16f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0xc5, 0x38}}]}}]}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0xffb}, 0x10)
write(r1, &(0x7f0000000180)="1d04000012005f0214f9f4070000fbe40a000000", 0x14)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000180)={0x2c, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x8, 0x1}, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000000c0)={0x44, 0x0, &(0x7f0000000240)={0x0, 0xa, 0xffffffffffffff9a}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, &(0x7f00000001c0)="0022040000ffffebfffffffeffffff0706000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e38", 0x117)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5c0600000000000000f14eee6863e0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r5, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x400}, 0x10, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
request_key(&(0x7f00000005c0)='rxrpc_s\x00', &(0x7f0000000600)={'syz', 0x1}, &(0x7f0000000640)='$\x00', 0xfffffffffffffffe)

7.968690906s ago: executing program 2 (id=1761):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT, 0x4)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r1, &(0x7f00000002c0), 0x191)
close(r1)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000007c0))
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x0)
pipe2(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8, 0x2}, [@l2cap_conf_req={{0x4, 0x0, 0x4}}]}}, 0x11)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xfffff000}], 0x2)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x74, 0x93, 0x1d, 0x40, 0xc45, 0x614a, 0xe6af, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9c, 0x80, 0xf4}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000a80)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap$dsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x100000d, 0x80010, r3, 0x0)
syz_usb_control_io$cdc_ecm(r4, &(0x7f0000000300)={0x14, &(0x7f0000000680)=ANY=[@ANYBLOB="000b580000005830da2c26b034eb01477ff43ec5c9c331eba9a4224d0b884dfb278595c0e4b117f7e2f0c854cdb0fefdaffbaf3e4acc60dcc88aa2c84006a042e71dbc985f479a5d9e375c40f2a016e8adf28539be1e9482a4445d6a4e75d7fa0be0d986b6e5a0630cb5635fa88511c0400fb33a51f7a112"], &(0x7f0000000280)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000480)={0x1c, &(0x7f0000000500)={0x20, 0xe, 0xed, "77104f62a1c9ab3fc6ac42c576cd3a28437ed4b94ec5973939b5b1abc7f3c1e08123bd74401486ccbbe32628e4d0eb803355a95aa492759ed76ddc46a0e6709f464a27ca5981d4b65e89414f405a6a0fc5e11fee1214a33c8b94e4c82954490d963931bf4bc9d81299fdc93494f2c84266c54c4a0e070394b0240b223edbec6a7a488feb81f41689a19a852a15fff1993a40bb3981513a4ea1cbb70298cdf832aa0e0fb9bb47cd51516bb6424de84e4fae59423582a188bc4dc679addfa04f4b5bc5fa383b025700c00f53e66717fc13117cc5dd22c1730eef5e7da0c58793dbd6a2fea6d8ef584318df6d8a9a"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x8}})

7.859406455s ago: executing program 3 (id=1762):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000380), 0x4000000000001c2, 0x8000)
unshare(0x400)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_END_FF_ERASE(r4, 0x4004556a, &(0x7f00000000c0))
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ec0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "ef"}]}, @NFTA_CMP_SREG={0x8}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xcc}}, 0x0)
symlinkat(&(0x7f0000000140)='./file2\x00', r0, &(0x7f00000003c0)='./file0\x00')
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./bus\x00')
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r7, 0x5432, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)

7.623022125s ago: executing program 4 (id=1763):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_open_procfs(0x0, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x1, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c"})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x522500, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000440)={0x80, "421ae375378525f149154c9422ad0644f47d3bd7aaa45d6bb4823ab4c98100"})
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = dup(r6)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r8, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000200)={0x1, 0x0, 0x0, &(0x7f0000000140)=""/41, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f0000000580)={0x1, 0x0, [{0x7000, 0x96, &(0x7f00000004c0)=""/150}]})
r9 = dup(r7)
ioctl$VHOST_NET_SET_BACKEND(r8, 0x4008af30, &(0x7f0000000000)={0x1, r9})
ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r8, 0x4008af30, &(0x7f00000003c0)={0x1, r7})
close_range(r0, 0xffffffffffffffff, 0x0)

6.044657074s ago: executing program 4 (id=1764):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f00000008c0)='./file1\x00', 0x2000000, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESOCT=0x0, @ANYRES8], 0x3, 0x7e5, &(0x7f0000000e00)="$eJzs3U9oHOfZAPBnFNmWFT4Tvu/DNcZxJnYKNjjKSk4URA7JZjWSJ1ntit1VsCklMbUcjOUk2A3UPtTxpaWlpfTUY5pDL+2p9NJSaG9tT4X2WughEOghaWmhh5bQLTOzsiXrr23ZDuH3E9G8O/PMvM+82syzY2lmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIpDFdq40n0cxbC6fTjTWmO+25TZYvb+/Xqyab9BuRFP/FyEgcqGYd+P9bi/cX347EoerVoRgpJiNx7dH9j73wf8NDy+tvktBOG15v5pWr1y6eXVpavPwAE7kPvv3LVS9/NBrbHNnZrJV32/lcfTZL8247nZqcrD1zaqabzuTNrHum28vm0kYnq/fanfRY43g6PjV1Ms3GzrQXWrPT9WaWDlczn396olabTF8Zm8/qnW679cwrY93GqbzZzFuz5YrF4iLm+eKN+GreS3tZfS5Nz19YWjy5OqW9a5IsgsZXzfm0v/LVoace++jdD/9xYXFiq92dqE1MjI9PTIxPPjf13PO12vCaGbXbxJqIB/qm5TNoh4/gcPeGBvU/mpFHKxbidKTrfjViOjrRjrkNlg8s1/8vPvPX32/W78r6X1X5oUMHbi0+GGX9P1y9OrxR/a/63r1ng5zu11dpb9H7lbga1+JinI2lWIrFuHxf+ku2iji07W0N7Wxms5FFK/LoRjvymIt6OScdzEljKiZjMmrxepyKmehGGjORRzOy6MaZ6EYvsvId1YhOZFGPXrSjE2kci0YcjzTGYyqm4mSkkcVYnIl2LEQrZmM66uVWzseFctxP3pbX/q+/8Ys3//DR++VPazlofLMhfi+iDPr7JkHqP/dux4/hcLf6y/UfAAAA+NxKyn99L87/d8XjZWsmb2Zf2mKt4eLbew8mQwAAAOBelb/5P1RMdhWt3esG/WTXA84KAAAA2ElJeY1dEhGj8UTVWr5cqvawcwMAAAB2Rvn7/8PFZDTiejnD+T8AAAB8zrz2s0Gjusf+yM177H64fI/d7vye5Fd/i05nV3Jj/vRTyaV6EV6/9Ei13mDSL+2JiN7MwSQGNxQstzU5fO3R4vVwIzuULN/98tM91fST8vvB4ZsJrb7X/0t7q7lJkmyRwC1FAvsGe1FMhiKiehXfiSermCfPVdNzg7jBHYlHZ/JmNtZoN18Yj3p931AvO917960LX4ty97/VmtuXxPkLS4tjX3l76VyZy41iKzcuDfZ3zX0Ub8+lHIyqx/5gBOLx9e9uvKvIpTbod7Tqt7Zy/4eu7CsaQ3fQ5zfiSBVzZLSajq7e/5Giz/GxjfZ+tNq/8TV7Prz2jbVpFkejvNbk6LGycfTYOllMbJZFMRYTK7MYDMKdjcXRKmZ1FvFYRLz/5PXT//xNO8lObpXFyXvMAuBhOR+PV8erVVXo31U57xf1v9PZtTtW1Z1qze0e5ZKyly2e5LP96v6v/iZH9GNVzLHq88TwwXXqSm2dI/o7F9757eCI/uyPf/DDLx/+3U/vuq6PLIfsLddLBmNVZrF3kMW1QUhnV/Ldm5WkqqofFPM/2LDfbnMiKYbwka9eeif2X7l67ekLl86+ufjm4lsTEycna8/Was8lyeCH1y8/Mag9AKzjSByuCvmGz9jZ4Ck85QeAqnY/u9lZ9SOR/O/NPykoauLbsRTn4kR5tUFEPLF+v6Mr/gzhxBZnraMrnvByYv2zupuxuyMGsRO3Yv8c68aOrni8zC1f+P79/HkAwINwZIs6vGH9X3HufmKL8+7Vtfx4FXt8OYONazkAcH9knU+S0d43k04nn399fGpqvN47laWdduPVtJNPz2Zp3uplnRiut2azdL7T7rUb7WbReC2fzrppd2F+vt3ppTPtTjrf7uanyye/p4NHv3ezuXqrlze6882s3s3SRrvVqzd66XTebaTzCy838+6prFOu3J3PGvlM3qj38nYr7bYXOo1sLE27WbYiMJ/OWr18Ji+arXS+k8/VOzciorkwl6XTWbfRyed77WqDy33lrZl2Z67c7F/2PezRBoDPhitXr108u7S0eLlo9Pv9/uVVc7Zq/Gk7wRv3PuLGwgDwENyq0h//z+3LXnw4KQEAAAAAAAAAAAAAALe5o6v9ttPYu1nMf/r9/p1tcGSzmP71iLWLkju7inFvbBGzezBUOzxQD6RxY0e2MxTrjfO9N57Yoe0kGy9648UXL260+svXD5zaXhdb/J9yvXwAwuBS1/c+3v3z71WLXrqr3Rm687X+GBF30Vc/2SQm+g/3yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa/03AAD///H/cVg=")
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[@ANYBLOB="20000000020000001d"], 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x100010e, &(0x7f0000000200), 0x1, 0x444, &(0x7f0000000780)="$eJzs28tvG0UYAPBv101LXySU8ugDCBRExCNp0gI9cAGBxAEkJC7lGJK0KnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKBcKJ6O1d2PHsdMkdbIF/37S1jO7s535PDv27E4cQN8azv5JIvZFxG8RMdjIriww3Hi5ubQw9ffSwlQStdpbfyb1cn8tLUwVRYvz9uaZkTQi/TSJIx3qnbt85fxktTpzKc+PzV94b2zu8pVnz12YPDtzdubixKlTJ0+Mv/D8xHM9ifOerK2HP5w9eui1t6+9MXX62js/fZMU8bfF0SPDax18olbrcXXl2t+STnaU2BA2pBIRWXcN1Mf/YFSi2XmD8eonXU9Mt6mBwJap5bocXqwB/2NJlN0CoBzFF312/1ts2zf7KN+Nlxo3QFncN/MtFqO+s7jFGWi7v+2l4Yg4vfjPl9kWW/McAgBghe+y+c8zneZ/adzfUu7ufG1oKF9LORAR99Z2xcGIuC+iXvaBiHhwg/W3L5Ksnv+k1zcV2Dpl878X87Wt5flfo96iyFAlz+2vxz+QnDlXnTmevycjMbAry4+vUcf3r/z6ebdjrfO/bMvqL+aCeTuu79i18pzpyfnJ24m51Y2PIw7v6BR/srwSkETEoYg4vMk6zj319dFux24d/xp6sM5U+yriyUb/L0Zb/IVk7fXJsbuiOnN8rLgqVvv5l6tvdqv/tuLvgaz/93S8/pfjH0pa12vnNl7H1d8/63pPM7qp67+5Y2f++sHk/Pyl8YidyeuNRrfun2ieW+SL8ln8I8c6j/8D0XwnjkREdhE/FBEPR8Qjed89GhGPRcSxNeL/8eXH3+127E7o/+m2/h9aWaSt/5uJndG+p3Oicv6Hb1f+j83k+j7/TtZTI/me9Xz+raddm7uaAQAA4L8njYh9kaSjy+k0HR1t/A3/wdiTVmfn5p8+M/v+xenGbwSGYiAtnnQNtjwPHc9v64v8RFv+RP7c+IvK7np+dGq2Ol128NDn9nYZ/5k/KmW3Dthyfq8F/cv4h/5l/EP/Mv6hf3UY/7vLaAew/Tp9/39UQjuA7dc2/i37QR9x/w/9y/iH/tU6/pMS2wFsq7ndcesfyUtIrEpEekc0ozeJZItHwb6yA9x4ouxPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN74NwAA//+HM+n4")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x1, 0x10000, 0x4, 0x2430, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x0, 0xd, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000ff0000000000000018150000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000085000000230000009500000000000000"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x7)
syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=@getneigh={0x14, 0x1e, 0x400, 0x70bd27, 0x25dfdbff, {}, ["", "", ""]}, 0x14}}, 0x0)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x1}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x4d3, 0x33}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x7}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0xffd8)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$tun(r7, &(0x7f0000000280)=ANY=[], 0x15)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup, 0x14, 0x1, 0x53, &(0x7f0000000080)=[0x0], 0x1, 0x0, &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000380)="3080", 0x2, r1)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000100)={r0, 0x58, 0x1000}, &(0x7f0000000140)={'enc=', 'raw', ' hash=', {'hmac(crc32c-generic)\x00'}}, &(0x7f00000001c0)="747b206340a2855f9c6bd7d89c30f643de8a7d1e92289281c814b49fcf0157a1825adac9f06b3c075e025cbb76b3fee695975f7c59f64eb3751a625373d272ed23c44949b3506a46cceb58cb0acb4b20a61276e4d4d5d725", &(0x7f0000000480)=""/4096)

6.002793046s ago: executing program 3 (id=1765):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000001080)=ANY=[@ANYBLOB="180200000000000000000000000000008500000028000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9b7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f1e715a899c71e4e05b3d340292075ac4f13d51664febfc2748d0db"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)={0x38, r5, 0xc4fc9e906872378b, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0x4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}]}]}]}, 0x38}}, 0x0)
r6 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r7, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x10200, 0x1, 0x10000, 0x2000, &(0x7f000024d000/0x2000)=nil})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r8, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00')
renameat2(r6, &(0x7f0000000040)='mnt\x00', r8, &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

4.362548442s ago: executing program 2 (id=1766):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x110, 0xffffffffffffffff, 0xf5598000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
ftruncate(0xffffffffffffffff, 0x10000)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0x2c}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x104}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x56, &(0x7f0000000240), &(0x7f0000000280)=0x10)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000440)='cgroup.threads\x00', 0x2, 0x0)
read(r8, &(0x7f0000000180)=""/144, 0x90)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x104002, &(0x7f0000000080), 0x1, 0x5a8, &(0x7f0000000d80)="$eJzs3U9sHFcZAPBvx392nTh1Cj0UBDSUQkBR17GTRlUvDRcEVFWRCqceUsveWJHX2Si7LrXxwTlx4IpEr3DhwqmHSkVC9IS4coMbl3JAKigC1UgIDZrxrL272Y3XjZ2N7d9Pmuybmef3vTfKvNl9uzMvgFPrQkRsRcRkRLwdETNRyreXiiWu7yxZvk/vby5u399cLEWavvnP8aKEzcXs36c7yjwbET/tE6vckW6ub6ws1Ou1u8X6bGv1zmxzfePFW6sLy7Xl2u35+Wtz1y6/fOWl+UNr63Or73/ynVuv/eh3H3754z9tfesnWfteLfZlbevIWkrT9NEDvlocw5iI6XbBEZEdudcevfQnwljRnsneHVOjqQ8Hk0TE5yLi+SK9qzK6OgEARytNZyKd6Vzfk3StpWmpTx4A4PjJPvNPRympRkzupJOkWs3H8CrPxJmk3mi2Lt1srN1einwM63xMJDdv1WuX87HCiHJMlLL1uXxfvj9fn+9Zv1KMEf68PJWvVxcb9aVRvekBgFPu7N71Px///3c5u/6Xh/nTSsT05m+vHn0dAYAj4Lt+ADh9Oq7/WzsvE/2y9d0IABxPPv8DwOnTcf0f6pt/AOD4q/Tc+9/X7u1/AMBJ0Hf8/61ze+lndx8HBgCcEL7/B4BT5Qevv54t6XZayp9/vfTO+tpK450Xl2rNlerq2mJ1sXH3TnW50VjOn9mz2qeIe50r9UbjztzVWHt3tlVrtmab6xs3Vhtrt1s38ud636i5hwAARu/p5z76Sykitl6Zypdoz+Ww/w8CgGPOaQ6n19ioKwCMzPioKwCMjPF44MEf93bP6Nr3J0JTEfHe4DJNAQtPtotfGDD+3/veoHug8H+HMDs2MGLFaW0YAE6hRxv/N3oAx9nDL/xuDIKTLE1L5vMHgFNmiE/wfiIIJ9x+D/cyEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPms6XUlIt5gKfjiSpViPORcT5mCjdvFWvXY6IpyLiz+WJcrY+N+pKAwCPKPl7qZj/6+LMC9O9eydL/ynnrxHx4+vxi3cXWu2pA3e3t957M9veujvfN0D56NsAAHQY793Qvk7nr3Pf3d3+6f3NxfbyOCv4ybd3JhfN4m7f31zcm494vKj8TD5H8Zl/lboaUzqkiYm37kXEs73tT3b3ny9mPu2Nn8U+d2TxI2/hdFf87rdRSb5v5zU7Fp+fGjLeIdQZToqPsv7ner/zL4kL+Wtx/o13d6aV+NmDnetn0O7/ttOd/m+7I35W/hvnKnlf06//uzBsjKt/+N7AfffG0i+OR7Rjb3f0Pzsqeapf/BeGjP/XL33l+UEHK/1lxMV4WPyd1Gxr9c5sc33jN9//4I/LteXa7fn5a3PXLr985aX52XyMerY9Uv2gf7xy6anB7Y84MyB+ZZ/2f33I9v/qv2+/9dWHxP/m1/rFT+KZh8TPronfGDL+wpkPBk7fncVfGtD+8a74k11/l2271FvYgP+QH/9tY2nIqgIAj0FzfWNloV6v3R0mkcTGykL7g+bgzO+/8fvyoHKmhow1FgepWJGIg2TeP/Hhfnkmug5C5XCj7yXODtj16wMXOPFZjuoTkLh3gMzl0VR1LOrt8ah9Mxf5tkZ2VC8MkWdEHRLw2Oyd9KOuCQAAAAAAAAAAAAAAMEjzh8Uj/w75TqPOm+FG3UYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOrv8HAAD//wfAyFU=")
newfstatat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0), 0x0)
sendfile(r8, r8, &(0x7f00000000c0)=0x7ff, 0x1)

1.917690134s ago: executing program 4 (id=1767):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r5, 0x0, 0x0, 0x24048081, 0x0, 0x0)
connect$inet(r5, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
chdir(0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x2, 0x0, 0x3, 0x11, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb}, @sadb_x_sa2={0x2, 0x9}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @sadb_x_nat_t_type={0x1}]}, 0x88}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0xf87, &(0x7f0000001180)={@local, @random="e130aeaaba30", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf51, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @mcast2, {[@routing={0x84}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x93}, 0xe)
sendto$inet6(r7, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r7, 0x1)

1.393355729s ago: executing program 1 (id=1768):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x60, 0x0, 0x2, 0x5, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_TUPLE={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x4}]}, 0x60}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@user_xattr}]}, 0x9, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD")
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100))
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f350768090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000080)=0xc)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x44680)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f0000000040)={0x0, 0x8, 0x80000000})
chown(&(0x7f00000000c0)='./file0\x00', 0x0, r6)
pipe(&(0x7f0000000440))
r8 = fanotify_init(0x0, 0x0)
r9 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x00\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f\xf9\xf20a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0)
r10 = dup(r9)
fanotify_mark(r8, 0x20, 0x800103b, r10, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x10, 0x2, 0x490, 0x2d0, 0xf0, 0xffffffff, 0x0, 0x2d0, 0x3c0, 0x3c0, 0xffffffff, 0x3c0, 0x3c0, 0x5, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv4, @gre_key, @gre_key}}}, {{@ipv6={@loopback, @mcast2, [], [], 'geneve1\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@dev, @ipv4=@local, @gre_key}}}, {{@ipv6={@private1, @empty, [], [], 'tunl0\x00', 'ipvlan1\x00'}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@broadcast, @ipv4, @port, @gre_key}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv6=@dev, @ipv4=@remote}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r12)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000006c0)={0x4, &(0x7f0000000100)=[{0x25}, {}, {}, {0x6}]})
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r13}, &(0x7f0000000000), &(0x7f0000000080)=r12}, 0x20)

1.213907902s ago: executing program 3 (id=1769):
shmget(0x1, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
r0 = syz_open_dev$sndctrl(&(0x7f0000000640), 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r6 = accept$alg(r5, 0x0, 0x0)
r7 = dup(r6)
r8 = open(&(0x7f0000000000)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r8, 0x200004)
read$FUSE(r7, &(0x7f00000023c0)={0x2020}, 0xfffffe9f)
sendfile(r7, r8, 0x0, 0x80001d00c0d1)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private}})
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r9, 0x0, 0x2c, &(0x7f0000000680)={0x401, {{0x2, 0x2, @private}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x2, 0x0}}}}, 0x108)
setsockopt$inet_group_source_req(r9, 0x0, 0x2e, &(0x7f0000000480)={0x3, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast2}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r9, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="060000000000000002000000e0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000087544c82c6a413946a53d34685c25fa6c1cf848f9ec88add"], 0x90)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000008003416c77847ff51f536978400000008000000000000"])
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000000)=""/27)
semget(0x3, 0x0, 0x46)

893.291356ms ago: executing program 2 (id=1770):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003100), r5)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r5, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, r6, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x3, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
socket$inet(0x2, 0x3, 0x2)
r8 = syz_open_dev$swradio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/rt6_stats\x00')
socket$vsock_stream(0x28, 0x1, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
readv(r8, &(0x7f0000000140), 0x0)

0s ago: executing program 4 (id=1771):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000480), 0x802, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f00000004c0)=0x1cd159fa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SIOCGIFHWADDR(r3, 0x5452, &(0x7f0000000240)={'geneve1\x00'})
r4 = dup3(r2, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='ext4_es_lookup_extent_enter\x00', r1}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$netlink(0x10, 0x3, 0x0)
socket(0x200000100000011, 0x3, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000001040)='net/packet\x00')
pread64(r7, &(0x7f0000000000)=""/232, 0xe8, 0x40)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000a00)=@newtaction={0x850, 0x31, 0x1, 0x0, 0x0, {}, [{0x83c, 0x1, [@m_police={0x838, 0x0, 0x0, 0x0, {{0xb}, {0x80c, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_RATE={0x404}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x850}}, 0x0)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r5}, 0x10)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv4_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x80}, [@FRA_TUN_ID={0xc}]}, 0x28}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0xf, &(0x7f0000000080)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {0x85, 0x0, 0x0, 0xba}}}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r12 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r8, &(0x7f00000002c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000300)=0x14)
sendmsg$nl_route_sched(r12, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=@delchain={0x44, 0x65, 0x2, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r13, {0x5, 0xb}, {0xf, 0xfff2}, {0x4, 0x4}}, [@TCA_RATE={0x6, 0x5, {0x4a}}, @TCA_RATE={0x6, 0x5, {0x9, 0x9}}, @TCA_CHAIN={0x8, 0xb, 0x3}, @TCA_RATE={0x6, 0x5, {0x9}}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000081}, 0xc800)
r14 = eventfd2(0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001740)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, r14}])
io_submit(0x0, 0x4, &(0x7f0000000980)=[&(0x7f0000000600)={0x0, 0x0, 0x0, 0x3, 0xf000, r8, &(0x7f0000000500)="434c993a4563a438e9ef63d0b19629c8d36553e0917b13040687021fc84a1403f64478e74e24865f4399a0224696fa80f3b7a787116c2c6599f5f593709d353913fc119bdae978163c668537c937b5bec822178b0f4006910fd9507b2978166e6ed50aeb0429caff9ad9d5fa166f059d471449a5f9e82579ea83c83b72a6e028747f9d19b0ea6116973f076ade6361f58814529496890f9158f1bb8884dbee189fa144b1068a10b27d3684eb97c5f9b036756eda56917652ad35acd62456fd18794399768ad6faec19543d0076de602e2ecce50b86c0efa14eade6c97f6bd62b07", 0xe1, 0x8001, 0x0, 0x2, r3}, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, r8, &(0x7f0000000640)="51a4d850b9a8434405f212b3b9a5509dd347607422f7bb0ec53977042472c7511528573f6baeedbf9d1633c3cf688f4ee2bc73263ebd34c3534540c5c1a7ffdf5aba6a3c76902e2608ce74e98932f273d432b46f23e3037149041a944364bf5a5eef0de47562056eb32d5b9e40264a1d7a77e5e04281bb325871dfdc6c6e9ecc013ca7d3f05a538cb658071314d44e4c856998206bffb72e0153869fdbdd8d9a1629b40fc5f5dd", 0xa7, 0x1000, 0x0, 0x1}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x8, 0x2, r11, &(0x7f0000000740)="691adfc3475d7979217b99875e277975d24339b400b6696cd18474e4a4d8f1bebdbd5d1ffbb6ae5f266c2a2aaa68b89100140e0db65e5cd56d0ffa2d61fa38e88cb6f1e3636f553adf9b8b1b31f6a0211ffc088e8489a9aee3d81a60c5d2376a32dc091e0b", 0x65, 0x3, 0x0, 0x2, r4}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x1, 0x80, r9, &(0x7f0000000880)="332d90d193b1d347f66a19aa9bbe476a63b4e2a43cdada5e3f4d159694f6e28e6a08a923ef0fdd5b8430778881ba2bf9d16ebef617a6a4245d94235432e33161e59b8fa8823d8deabdba5b74842494cab7c8db2980b64ae22be22a725a09ae1a57ca2dd70f6bcf23fcca681ca80419a04e36e9e2ab0c36aee5f0aed4427d04d8c6b6a420f19fbab260fd1bbdd382249811a5aff9bedbfeadb1ecdfdaacda055af686266a", 0xa4, 0x8000000000000001}])

kernel console output (not intermixed with test programs):

_hcd
[  891.694529][ T5236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  891.707464][ T5236] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  891.719834][ T5236] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  891.779292][T11447] usb 4-1: Using ep0 maxpacket: 16
[  891.793721][T11447] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  891.856896][T11447] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  891.868863][T11947] loop0: detected capacity change from 0 to 128
[  891.890520][T11447] usb 4-1: Product: syz
[  891.894770][T11447] usb 4-1: Manufacturer: syz
[  891.901380][T11447] usb 4-1: SerialNumber: syz
[  891.913646][   T30] audit: type=1804 audit(1727969710.649:1051): pid=11947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1343" name="/newroot/157/file2/bus" dev="loop0" ino=1048769 res=1 errno=0
[  891.913743][T11447] usb 4-1: config 0 descriptor??
[  891.944582][   T30] audit: type=1804 audit(1727969710.677:1052): pid=11947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1343" name="/newroot/157/file2/bus" dev="loop0" ino=1048769 res=1 errno=0
[  891.951251][T11447] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  892.127274][T11945] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1344'.
[  892.137843][T11945] vxcan1: entered promiscuous mode
[  892.217227][ T8325] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  892.238356][ T8325] FAT-fs (loop0): Filesystem has been set read-only
[  892.421263][T11447] usb 4-1: clie_3_5_startup: get interface number bad return length: 0
[  892.429942][T11447] visor 4-1:0.0: probe with driver visor failed with error -5
[  892.544125][ T1111] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  893.360712][ T1111] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  894.545334][ T5247] Bluetooth: hci3: command tx timeout
[  895.290192][ T1111] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  895.822390][T11972] loop0: detected capacity change from 0 to 2048
[  895.829933][T11972] udf: Unknown parameter ''
[  895.852473][T11440] usb 4-1: USB disconnect, device number 14
[  895.966094][T11935] chnl_net:caif_netlink_parms(): no params data found
[  896.276645][ T1111] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  896.750494][ T5247] Bluetooth: hci3: command tx timeout
[  897.663398][T11935] bridge0: port 1(bridge_slave_0) entered blocking state
[  897.671218][T11935] bridge0: port 1(bridge_slave_0) entered disabled state
[  897.678606][T11935] bridge_slave_0: entered allmulticast mode
[  897.686885][T11935] bridge_slave_0: entered promiscuous mode
[  897.696268][T11935] bridge0: port 2(bridge_slave_1) entered blocking state
[  897.703995][T11935] bridge0: port 2(bridge_slave_1) entered disabled state
[  897.711494][T11935] bridge_slave_1: entered allmulticast mode
[  897.719534][T11935] bridge_slave_1: entered promiscuous mode
[  897.837620][ T1111] bridge_slave_1: left allmulticast mode
[  897.847405][ T1111] bridge_slave_1: left promiscuous mode
[  897.866640][ T1111] bridge0: port 2(bridge_slave_1) entered disabled state
[  897.893432][ T1111] bridge_slave_0: left allmulticast mode
[  897.918064][ T1111] bridge_slave_0: left promiscuous mode
[  897.936305][ T1111] bridge0: port 1(bridge_slave_0) entered disabled state
[  897.962576][T11440] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  898.183057][T11440] usb 5-1: Using ep0 maxpacket: 32
[  898.253642][T11440] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  898.316741][T11440] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  898.660724][T11440] usb 5-1: config 0 descriptor??
[  898.870893][T11440] gspca_main: sq930x-2.14.0 probing 041e:403c
[  898.976609][ T5247] Bluetooth: hci3: command tx timeout
[  899.077701][T12010] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1354'.
[  899.694303][T11440] gspca_sq930x: ucbus_write failed -110
[  899.708196][T11440] sq930x 5-1:0.0: probe with driver sq930x failed with error -110
[  899.983096][T12015] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  899.983096][T12015]    program syz.3.1356 not setting count and/or reply_len properly
[  900.132476][T12018] loop3: detected capacity change from 0 to 1024
[  900.277454][T12018] hfsplus: invalid catalog btree flag
[  900.289566][T11448] usb 5-1: USB disconnect, device number 32
[  900.308708][T12018] hfsplus: failed to load catalog file
[  900.400248][ T1111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  900.416398][ T1111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  900.435855][ T1111] bond0 (unregistering): Released all slaves
[  900.655375][T12019] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1357'.
[  900.848445][T11935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  901.211603][ T5247] Bluetooth: hci3: command tx timeout
[  901.489169][T11935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  901.755554][T11935] team0: Port device team_slave_0 added
[  901.777580][T11935] team0: Port device team_slave_1 added
[  901.849883][T11439] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  901.882062][ T1111] hsr_slave_0: left promiscuous mode
[  901.902533][ T1111] hsr_slave_1: left promiscuous mode
[  901.933737][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  901.955809][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  901.973849][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  901.987667][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  902.031547][T11439] usb 5-1: Using ep0 maxpacket: 16
[  902.041825][T11439] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  902.046577][ T1111] veth0_macvtap: left promiscuous mode
[  902.051243][T11439] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  902.064947][ T1111] veth1_vlan: left promiscuous mode
[  902.065043][T11439] usb 5-1: Product: syz
[  902.070320][ T1111] veth0_vlan: left promiscuous mode
[  902.075166][T11439] usb 5-1: Manufacturer: syz
[  902.084408][T11439] usb 5-1: SerialNumber: syz
[  902.104175][T11439] usb 5-1: config 0 descriptor??
[  902.131809][T11439] visor 5-1:0.0: Sony Clie 3.5 converter detected
[  903.696600][T11439] usb 5-1: clie_3_5_startup: get interface number bad return length: 0
[  903.705247][T11439] visor 5-1:0.0: probe with driver visor failed with error -5
[  903.941203][T12037] loop0: detected capacity change from 0 to 2048
[  904.274423][T12037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  904.298071][T12037] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  905.454212][ T8325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  905.495997][T11438] usb 5-1: USB disconnect, device number 33
[  907.427559][ T1111] team0 (unregistering): Port device team_slave_1 removed
[  908.423297][ T1111] team0 (unregistering): Port device team_slave_0 removed
[  909.294359][T12059] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1366'.
[  910.109446][T11935] batman_adv: batadv0: Adding interface: batadv_slave_0
[  910.121140][T11935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  910.159241][T11935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  910.183833][T11935] batman_adv: batadv0: Adding interface: batadv_slave_1
[  910.228217][T11935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  910.335071][T11935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  911.506979][T11935] hsr_slave_0: entered promiscuous mode
[  911.583357][T11935] hsr_slave_1: entered promiscuous mode
[  911.749286][T12070] netlink: 'syz.4.1369': attribute type 4 has an invalid length.
[  911.931127][T11439] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  912.128307][T11439] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  912.145273][T11439] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  912.208998][T11439] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  912.270958][T11439] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  912.341036][T11439] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  912.388790][T11439] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  912.430164][T11439] usb 3-1: config 0 descriptor??
[  912.466341][T12075] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  912.715571][T11935] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  912.805007][T11935] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  912.890639][T11935] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  912.922774][T11935] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  912.940162][T11439] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd
[  912.960099][T11439] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  912.983268][T11439] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  913.157905][T11935] 8021q: adding VLAN 0 to HW filter on device bond0
[  913.204117][T11935] 8021q: adding VLAN 0 to HW filter on device team0
[  913.224354][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  913.231554][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  913.257415][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[  913.264589][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[  913.343319][T11439] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  913.513550][T11439] usb 5-1: Using ep0 maxpacket: 32
[  913.519005][T11935] 8021q: adding VLAN 0 to HW filter on device batadv0
[  913.530586][T11439] usb 5-1: config 0 has an invalid descriptor of length 111, skipping remainder of the config
[  913.551577][T11439] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  913.561382][T11439] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.569652][T11439] usb 5-1: Product: syz
[  913.576487][T11439] usb 5-1: Manufacturer: syz
[  913.580798][T11935] veth0_vlan: entered promiscuous mode
[  913.581918][T11439] usb 5-1: SerialNumber: syz
[  913.596485][T11935] veth1_vlan: entered promiscuous mode
[  913.599752][T11439] usb 5-1: config 0 descriptor??
[  913.611942][T11439] cdc_ether 5-1:0.0: More than one union descriptor, skipping ...
[  913.626129][T11439] usb 5-1: bad CDC descriptors
[  913.632378][T11439] usb 5-1: unsupported MDLM descriptors
[  913.634176][T11935] veth0_macvtap: entered promiscuous mode
[  913.651629][T11935] veth1_macvtap: entered promiscuous mode
[  913.670758][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  913.681936][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  913.693662][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  913.695325][T11440] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  913.710974][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  913.723773][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  913.738059][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  913.750832][T11935] batman_adv: batadv0: Interface activated: batadv_slave_0
[  913.767395][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  913.778469][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  913.789996][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  913.800907][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  913.810925][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  913.821684][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  913.835508][T11935] batman_adv: batadv0: Interface activated: batadv_slave_1
[  913.845813][T11439] usb 5-1: USB disconnect, device number 34
[  913.870876][T11935] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  913.880889][T11935] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  913.889964][T11440] usb 4-1: Using ep0 maxpacket: 16
[  913.895410][T11935] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  913.905895][T11935] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  913.933955][T11440] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  913.949284][T11440] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.960065][T11440] usb 4-1: Product: syz
[  913.968940][T11440] usb 4-1: Manufacturer: syz
[  913.974382][T11440] usb 4-1: SerialNumber: syz
[  913.982966][T11440] usb 4-1: config 0 descriptor??
[  914.032963][T11440] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  914.045455][ T1306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  914.059799][ T1306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  914.087914][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  914.096309][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  914.466839][T11440] usb 4-1: clie_3_5_startup: get interface number bad return length: 0
[  914.477868][T11440] visor 4-1:0.0: probe with driver visor failed with error -5
[  914.550427][ T4646] usb 3-1: reset high-speed USB device number 31 using dummy_hcd
[  914.619221][T12086] loop1: detected capacity change from 0 to 32768
[  917.443939][T12106] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1376'.
[  918.459450][T12115] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1377'.
[  918.804870][ T8021] usb 3-1: USB disconnect, device number 31
[  919.125041][ T4646] usb 4-1: USB disconnect, device number 15
[  921.723066][T12144] loop1: detected capacity change from 0 to 128
[  921.762431][T12144] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  921.786006][T12144] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  921.912978][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 1024
[  921.938497][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 8192
[  921.970411][ T4646] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  921.984530][T11935] EXT4-fs error (device loop1): ext4_empty_dir:3117: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  922.002448][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 1024
[  922.023606][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 8192
[  922.050235][T11935] EXT4-fs error (device loop1): ext4_empty_dir:3117: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  922.081755][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 1024
[  922.104599][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 8192
[  922.132670][T11935] EXT4-fs error (device loop1): ext4_empty_dir:3117: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  922.155032][T11935] EXT4-fs error (device loop1): ext4_readdir:221: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 1024
[  922.171064][ T4646] usb 3-1: Using ep0 maxpacket: 16
[  922.189784][ T4646] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  922.200707][ T4646] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  922.209823][ T4646] usb 3-1: Product: syz
[  922.214193][ T4646] usb 3-1: Manufacturer: syz
[  922.312228][ T4646] usb 3-1: SerialNumber: syz
[  922.369594][T12153] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  922.369839][ T4646] usb 3-1: config 0 descriptor??
[  922.427385][T12153] fuse: Bad value for 'user_id'
[  922.434058][T12153] fuse: Bad value for 'user_id'
[  922.541246][ T4646] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  923.384942][T12157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1390'.
[  923.442539][ T4646] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[  923.451130][ T4646] visor 3-1:0.0: probe with driver visor failed with error -5
[  924.773941][T12173] loop0: detected capacity change from 0 to 128
[  924.784974][T12173] /dev/loop0: Can't open blockdev
[  925.545275][T12176] loop0: detected capacity change from 0 to 1024
[  925.882614][T11439] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  926.074755][T11439] usb 4-1: Using ep0 maxpacket: 16
[  926.103188][T11439] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  926.114326][T11439] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  926.125588][T11439] usb 4-1: Product: syz
[  926.193282][T11439] usb 4-1: Manufacturer: syz
[  926.200236][T11439] usb 4-1: SerialNumber: syz
[  926.222083][T11439] usb 4-1: config 0 descriptor??
[  926.236025][T11439] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  926.871841][T11935] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  926.882787][T11439] usb 4-1: clie_3_5_startup: get interface number bad return length: 0
[  926.892351][T11439] visor 4-1:0.0: probe with driver visor failed with error -5
[  927.268519][ T5319] usb 3-1: USB disconnect, device number 32
[  927.357709][T12185] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  927.394018][T12187] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00106019, b_size=4096, device sda1 blocksize: 4096
[  927.617799][T12187] grow_buffers: requested out-of-range block 144115188075855872 for device sda1
[  927.906742][T12187] EXT4-fs warning (device sda1): ext4_resize_fs:2017: can't read last block, resize aborted
[  928.204943][   T29] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  928.454356][T12197] SET target dimension over the limit!
[  928.461752][   T29] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  929.253108][   T29] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  929.313439][T11439] usb 4-1: USB disconnect, device number 16
[  929.325313][ T5236] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  929.375532][ T5236] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  929.387699][ T5236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  929.401757][ T5236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  929.412866][ T5236] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  929.420442][ T5236] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  929.575907][T12211] loop3: detected capacity change from 0 to 256
[  929.653220][   T29] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  930.733999][T12218] loop0: detected capacity change from 0 to 1024
[  931.826407][ T5236] Bluetooth: hci3: command tx timeout
[  932.057691][T12205] chnl_net:caif_netlink_parms(): no params data found
[  932.104292][T11448] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  932.179173][T11440] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  932.291520][T11448] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[  932.308374][T11448] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  932.320852][T11448] usb 5-1: config 0 descriptor??
[  932.329118][T11448] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  932.349259][   T29] bridge_slave_1: left allmulticast mode
[  932.356343][T11440] usb 4-1: Using ep0 maxpacket: 32
[  932.371859][T11440] usb 4-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  932.385037][  T940] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  932.388820][   T29] bridge_slave_1: left promiscuous mode
[  932.399695][T11440] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  932.408436][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.429384][T11440] usb 4-1: config 0 descriptor??
[  932.434726][   T29] bridge_slave_0: left allmulticast mode
[  932.449613][T11440] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input22
[  932.467531][   T29] bridge_slave_0: left promiscuous mode
[  932.474855][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.553340][  T940] usb 3-1: Using ep0 maxpacket: 16
[  932.563210][  T940] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  932.573168][  T940] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  932.581398][  T940] usb 3-1: Product: syz
[  932.585848][  T940] usb 3-1: Manufacturer: syz
[  932.590547][  T940] usb 3-1: SerialNumber: syz
[  932.598346][  T940] usb 3-1: config 0 descriptor??
[  932.606849][  T940] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  933.017053][T11448] gspca_sonixj: reg_w1 err -71
[  933.022195][T11448] sonixj 5-1:0.0: probe with driver sonixj failed with error -71
[  933.045702][T11448] usb 5-1: USB disconnect, device number 35
[  933.071979][  T940] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[  933.080777][  T940] visor 3-1:0.0: probe with driver visor failed with error -5
[  933.385624][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  933.413355][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  933.438467][   T29] bond0 (unregistering): Released all slaves
[  933.446494][   T81] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  933.483236][T12205] bridge0: port 1(bridge_slave_0) entered blocking state
[  933.490992][T12205] bridge0: port 1(bridge_slave_0) entered disabled state
[  933.510454][T12205] bridge_slave_0: entered allmulticast mode
[  933.531956][T12205] bridge_slave_0: entered promiscuous mode
[  933.703927][T12205] bridge0: port 2(bridge_slave_1) entered blocking state
[  933.725196][T12205] bridge0: port 2(bridge_slave_1) entered disabled state
[  933.741754][T12205] bridge_slave_1: entered allmulticast mode
[  933.760988][T12205] bridge_slave_1: entered promiscuous mode
[  933.878170][T12205] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  933.973709][T12205] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  934.039596][ T5236] Bluetooth: hci3: command tx timeout
[  934.047678][ T4670] bcm5974 4-1:0.0: could not read from device
[  934.060726][ T4670] bcm5974 4-1:0.0: could not read from device
[  934.086262][T11440] usb 4-1: USB disconnect, device number 17
[  934.087621][ T4670] bcm5974 4-1:0.0: could not read from device
[  934.182805][   T29] hsr_slave_0: left promiscuous mode
[  934.194897][   T29] hsr_slave_1: left promiscuous mode
[  934.202670][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  934.211812][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  934.220073][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  934.229507][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  934.263375][   T29] veth1_macvtap: left promiscuous mode
[  934.269169][   T29] veth0_macvtap: left promiscuous mode
[  934.285900][   T29] veth1_vlan: left promiscuous mode
[  934.294105][   T29] veth0_vlan: left promiscuous mode
[  935.044633][T11439] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  935.275753][T11439] usb 4-1: Using ep0 maxpacket: 16
[  935.296332][T11439] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  935.306678][T11439] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  935.335213][T11439] usb 4-1: Product: syz
[  935.339548][T11439] usb 4-1: Manufacturer: syz
[  935.344338][T11439] usb 4-1: SerialNumber: syz
[  935.358721][T11439] usb 4-1: config 0 descriptor??
[  935.427286][T11439] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  936.258634][T12256] loop0: detected capacity change from 0 to 1024
[  936.283405][ T5236] Bluetooth: hci3: command tx timeout
[  936.305945][T11439] usb 4-1: clie_3_5_startup: get interface number bad return length: 0
[  936.314383][T11439] visor 4-1:0.0: probe with driver visor failed with error -5
[  936.349397][T12258] sctp: [Deprecated]: syz.4.1416 (pid 12258) Use of int in max_burst socket option deprecated.
[  936.349397][T12258] Use struct sctp_assoc_value instead
[  936.403536][T12256] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  936.803436][ T8021] usb 3-1: USB disconnect, device number 33
[  939.173472][ T5236] Bluetooth: hci0: command 0x0406 tx timeout
[  939.179761][ T5236] Bluetooth: hci3: command tx timeout
[  939.310708][  T940] usb 4-1: USB disconnect, device number 18
[  939.387083][   T30] audit: type=1800 audit(1727969754.902:1053): pid=12266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1415" name="file1" dev="loop0" ino=15 res=0 errno=0
[  939.654355][T12281] loop3: detected capacity change from 0 to 1024
[  939.888723][   T29] team0 (unregistering): Port device team_slave_1 removed
[  940.249432][ T8325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  940.599690][   T29] team0 (unregistering): Port device team_slave_0 removed
[  940.766068][T12287] No source specified
[  940.782049][T12287] input: syz1 as /devices/virtual/input/input23
[  940.845559][ T8021] kernel write not supported for file /vcs (pid: 8021 comm: kworker/1:3)
[  941.269159][T12295] serio: Serial port ptm0
[  942.130517][T12300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1423'.
[  945.510541][T12205] team0: Port device team_slave_0 added
[  945.567566][T12205] team0: Port device team_slave_1 added
[  945.775413][T12205] batman_adv: batadv0: Adding interface: batadv_slave_0
[  945.803345][T12205] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  945.980760][T12205] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  946.032678][T12205] batman_adv: batadv0: Adding interface: batadv_slave_1
[  946.066383][T11448] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  946.074642][T12205] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  946.175610][T12327] loop0: detected capacity change from 0 to 32768
[  946.215788][T12205] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  946.280757][T11448] usb 4-1: Using ep0 maxpacket: 16
[  946.293708][T11448] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  946.493545][T11448] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  947.098519][T11448] usb 4-1: Product: syz
[  947.102738][T11448] usb 4-1: Manufacturer: syz
[  947.110027][T12205] hsr_slave_0: entered promiscuous mode
[  947.114682][T11448] usb 4-1: SerialNumber: syz
[  947.123066][T11448] usb 4-1: config 0 descriptor??
[  947.132440][T12205] hsr_slave_1: entered promiscuous mode
[  947.137439][T11448] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  947.869924][T12338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1434'.
[  948.194817][T11448] usb 4-1: clie_3_5_startup: get interface number bad return length: 0
[  948.203876][T11448] visor 4-1:0.0: probe with driver visor failed with error -5
[  948.246680][T12346] loop0: detected capacity change from 0 to 2048
[  948.261636][T12346] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  948.263049][T12348] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[  948.287757][T12346] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  948.308748][T12346] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field
[  949.275686][T12346] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field
[  952.763239][ T5319] usb 4-1: USB disconnect, device number 19
[  953.548467][T12366] loop3: detected capacity change from 0 to 256
[  953.591057][T12372] IPVS: set_ctl: invalid protocol: 1 172.30.1.5:20000
[  953.740827][T12374] loop0: detected capacity change from 0 to 512
[  953.775570][T12205] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  953.800908][T12374] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  953.834856][T12205] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  953.867993][T12374] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (20904!=33349)
[  953.991884][T12374] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  954.009125][T12374] EXT4-fs (loop0): orphan cleanup on readonly fs
[  954.437743][T12205] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  954.477687][T12374] EXT4-fs error (device loop0): ext4_map_blocks:671: inode #2: block 4: comm syz.0.1441: lblock 0 mapped to illegal pblock 4 (length 1)
[  954.638543][T12205] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  954.722652][T12374] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  954.737225][T12374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  954.852707][T12385] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[  955.013233][T12389] EXT4-fs error (device loop0): ext4_map_blocks:671: inode #2: block 4: comm syz.0.1441: lblock 0 mapped to illegal pblock 4 (length 1)
[  955.150943][T12205] 8021q: adding VLAN 0 to HW filter on device bond0
[  955.180070][T12205] 8021q: adding VLAN 0 to HW filter on device team0
[  955.212982][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  955.220232][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  955.255463][ T8325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  955.269706][ T1306] bridge0: port 2(bridge_slave_1) entered blocking state
[  955.277028][ T1306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  955.340640][T12205] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  955.369427][T12205] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  955.915320][T12205] 8021q: adding VLAN 0 to HW filter on device batadv0
[  957.028912][T12205] veth0_vlan: entered promiscuous mode
[  957.042942][T12205] veth1_vlan: entered promiscuous mode
[  957.071079][T12205] veth0_macvtap: entered promiscuous mode
[  957.081664][T12205] veth1_macvtap: entered promiscuous mode
[  957.103754][T12205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  957.114990][T12205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.125221][T12205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  957.136071][T12205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.146281][T12205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  957.157120][T12205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.169152][T12205] batman_adv: batadv0: Interface activated: batadv_slave_0
[  957.179552][T12205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.190764][T12205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.201150][T12205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.212007][T12205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.222310][T12205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  957.233024][T12205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  957.244628][T12205] batman_adv: batadv0: Interface activated: batadv_slave_1
[  957.255725][T12205] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  957.264765][T12205] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  957.273846][T12205] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  957.282904][T12205] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  957.423886][T12409] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[  958.355264][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  958.363538][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  958.515288][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  958.536374][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  958.606240][ T4646] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  958.884235][ T4646] usb 5-1: Using ep0 maxpacket: 16
[  958.931310][ T4646] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  959.301434][ T4646] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  959.312854][ T4646] usb 5-1: Product: syz
[  959.321969][ T4646] usb 5-1: Manufacturer: syz
[  959.327578][ T4646] usb 5-1: SerialNumber: syz
[  959.335487][ T4646] usb 5-1: config 0 descriptor??
[  959.370317][ T4646] visor 5-1:0.0: Sony Clie 3.5 converter detected
[  959.489166][T12430] loop1: detected capacity change from 0 to 512
[  959.503014][T12430] EXT4-fs: Ignoring removed oldalloc option
[  959.544475][T12430] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  959.553154][T12430] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=84fc01c, mo2=0002]
[  959.577091][T12430] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  959.588548][T12430] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  959.832122][T12430] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  960.615654][ T4646] usb 5-1: clie_3_5_startup: get interface number bad return length: 0
[  960.625012][ T4646] visor 5-1:0.0: probe with driver visor failed with error -5
[  960.645705][   T30] audit: type=1326 audit(1727969774.929:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12427 comm="syz.1.1399" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcae097dff9 code=0x0
[  961.127868][T12442] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.1399: dx entry: limit 65535 != root limit 120
[  961.161630][T12442] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1399: Corrupt directory, running e2fsck is recommended
[  961.514992][T12442] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 3: comm syz.1.1399: path /0/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  962.028585][T12442] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) !
[  962.185679][T12450] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 3: comm syz.1.1399: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  962.910200][T12458] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  963.043435][ T4646] usb 5-1: USB disconnect, device number 36
[  963.050781][T12205] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  963.099018][T12458] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1456'.
[  963.812687][ T5319] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  964.094552][ T5319] usb 2-1: Using ep0 maxpacket: 32
[  964.306375][ T5319] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  964.325845][ T5319] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  964.373957][ T5319] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  964.467535][ T5319] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  964.483687][ T5319] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  964.515776][ T5319] usb 2-1: Product: syz
[  964.782791][ T5319] usb 2-1: Manufacturer: syz
[  964.794007][ T5319] usb 2-1: SerialNumber: syz
[  965.747713][ T5319] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input24
[  966.166561][  T940] usb 2-1: USB disconnect, device number 20
[  966.278216][  T940] appletouch 2-1:1.0: input: appletouch disconnected
[  967.666766][ T1306] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  967.882827][T12490] netlink: 'syz.0.1461': attribute type 4 has an invalid length.
[  968.452320][ T5319] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  968.634090][ T5319] usb 2-1: Using ep0 maxpacket: 8
[  968.645163][  T940] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  968.661529][ T5319] usb 2-1: New USB device found, idVendor=046d, idProduct=0990, bcdDevice=7f.01
[  968.687089][ T5319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  968.723531][ T5319] usb 2-1: config 0 descriptor??
[  968.746430][ T5319] usb 2-1: unknown interface protocol 0x3f, assuming v1
[  968.755529][ T5319] usb 2-1: cannot find UAC_HEADER
[  968.781493][ T5319] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  968.815833][  T940] usb 3-1: Using ep0 maxpacket: 16
[  968.850127][  T940] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  968.864769][  T940] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  968.873130][  T940] usb 3-1: Product: syz
[  968.877445][  T940] usb 3-1: Manufacturer: syz
[  968.898700][  T940] usb 3-1: SerialNumber: syz
[  968.918580][  T940] usb 3-1: config 0 descriptor??
[  968.948592][  T940] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  969.380043][  T940] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[  969.382071][T12516] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1469'.
[  969.401193][T12518] loop3: detected capacity change from 0 to 1024
[  969.408928][  T940] visor 3-1:0.0: probe with driver visor failed with error -5
[  970.868631][   T30] audit: type=1800 audit(1727969784.508:1055): pid=12519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1470" name="bus" dev="loop3" ino=25 res=0 errno=0
[  971.718548][T11447] usb 2-1: USB disconnect, device number 21
[  971.753924][T12531] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  972.096875][ T4646] usb 3-1: USB disconnect, device number 34
[  973.143015][T11447] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  973.744349][T11447] usb 2-1: Using ep0 maxpacket: 16
[  973.762780][T11447] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  973.764654][T12547] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1478'.
[  973.803023][T11447] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  973.830809][T11447] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  973.855801][T11447] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.874543][T11447] usb 2-1: config 0 descriptor??
[  973.899893][T12552] netlink: 'syz.2.1480': attribute type 11 has an invalid length.
[  973.918185][T12552] netlink: 'syz.2.1480': attribute type 11 has an invalid length.
[  973.934899][T12552] debugfs: Directory 'netdev:' with parent 'phy52' already present!
[  974.075579][T11440] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  974.481846][T11440] usb 5-1: Using ep0 maxpacket: 16
[  974.488933][T11440] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  974.502824][T11440] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[  974.512419][T11440] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  974.516286][T11447] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000E/input/input25
[  974.520692][T11440] usb 5-1: Product: syz
[  974.536895][T11440] usb 5-1: Manufacturer: syz
[  974.541604][T11440] usb 5-1: SerialNumber: syz
[  974.579948][T11440] usb 5-1: config 0 descriptor??
[  975.342571][T11447] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  976.177070][T11447] usb 2-1: USB disconnect, device number 22
[  976.434332][T12568] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  976.466244][T12568] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  976.542137][T12568] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  976.806125][T12574] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  977.799497][T12580] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1487'.
[  977.815754][T12580] overlayfs: failed to resolve './file2': -2
[  977.818325][T11440] usb 5-1: Found UVC 0.00 device syz (045e:0721)
[  977.838721][T11440] usb 5-1: No valid video chain found.
[  977.855928][T11440] usb 5-1: USB disconnect, device number 37
[  978.684275][T12595] xt_SECMARK: invalid mode: 0
[  979.256740][ T5247] Bluetooth: hci0: command tx timeout
[  982.175475][T12623] netlink: 'syz.2.1496': attribute type 10 has an invalid length.
[  982.193350][T12624] loop0: detected capacity change from 0 to 512
[  982.239877][T12624] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  982.248342][T12623] bond0: (slave vlan0): Enslaving as an active interface with an up link
[  982.332691][T12624] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  982.350939][T12624] EXT4-fs (loop0): 1 truncate cleaned up
[  982.357289][T12624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  983.509629][ T8325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  984.030479][T12637] loop1: detected capacity change from 0 to 128
[  984.426674][T12637] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  984.566028][T12637] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  985.198254][T12657] binder: 12648:12657 ioctl c0306201 0 returned -14
[  986.963466][T12205] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  987.642013][T11447] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  987.813015][T11447] usb 3-1: Using ep0 maxpacket: 16
[  987.827058][T11447] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  987.847435][T11447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.870442][T11447] usb 3-1: Product: syz
[  987.882995][T11447] usb 3-1: Manufacturer: syz
[  988.955615][T11447] usb 3-1: SerialNumber: syz
[  988.977792][T11447] usb 3-1: config 0 descriptor??
[  988.990413][T11447] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  990.047272][    C0] hrtimer: interrupt took 63957 ns
[  990.927963][T11447] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[  990.936749][T11447] visor 3-1:0.0: probe with driver visor failed with error -5
[  992.740733][  T940] usb 3-1: USB disconnect, device number 35
[  992.908317][T12698] netlink: 288 bytes leftover after parsing attributes in process `syz.1.1512'.
[  995.183471][T12717] dlm: no locking on control device
[  997.645079][T12740] loop0: detected capacity change from 0 to 1024
[  997.880279][T12739] syz.4.1523 (12739): drop_caches: 2
[  999.312290][T12739] syz.4.1523 (12739): drop_caches: 2
[  999.318822][T12739] syz.4.1523 (12739): drop_caches: 2
[  999.377448][T12739] syz.4.1523 (12739): drop_caches: 2
[  999.390284][T12739] syz.4.1523 (12739): drop_caches: 2
[  999.505609][T12747] xt_ecn: cannot match TCP bits for non-tcp packets
[  999.608712][T12753] netlink: 'syz.4.1526': attribute type 2 has an invalid length.
[  999.633535][T12751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1525'.
[ 1001.468600][   T29] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1001.993733][T12770] loop3: detected capacity change from 0 to 128
[ 1002.028698][T12768] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1002.052659][T12768] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1002.137465][   T30] audit: type=1326 audit(1727969813.748:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12750 comm="syz.4.1526" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e4197dff9 code=0x0
[ 1006.878467][T12797] sp0: Synchronizing with TNC
[ 1007.535602][T12791] [U] �
[ 1008.185470][ T8866] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1008.225775][ T8866] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1008.235736][ T8866] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1008.249157][ T8866] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1008.257431][ T8866] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1008.265189][ T8866] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1008.312559][T12803] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1536'.
[ 1008.739964][T12809] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1008.914574][T12815] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 51917 - 0
[ 1008.986049][T12815] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 51917 - 0
[ 1009.032907][T12815] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 51917 - 0
[ 1009.076114][T12815] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 51917 - 0
[ 1009.098378][T12815] netdevsim netdevsim0 netdevsim0: set [1, 2] type 2 family 0 port 32926 - 0
[ 1009.159328][T12815] netdevsim netdevsim0 netdevsim1: set [1, 2] type 2 family 0 port 32926 - 0
[ 1009.216446][T12815] netdevsim netdevsim0 netdevsim2: set [1, 2] type 2 family 0 port 32926 - 0
[ 1009.225787][T12815] netdevsim netdevsim0 netdevsim3: set [1, 2] type 2 family 0 port 32926 - 0
[ 1009.248681][T12815] geneve2: entered promiscuous mode
[ 1009.254220][T12815] geneve2: entered allmulticast mode
[ 1009.297924][T12793] chnl_net:caif_netlink_parms(): no params data found
[ 1009.532992][T12795] loop3: detected capacity change from 0 to 32768
[ 1009.550783][T12793] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1009.710467][T12793] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1009.718171][T12793] bridge_slave_0: entered allmulticast mode
[ 1009.727107][T12793] bridge_slave_0: entered promiscuous mode
[ 1009.742600][T12793] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1009.750710][T12793] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1009.759384][T12793] bridge_slave_1: entered allmulticast mode
[ 1009.772440][T12793] bridge_slave_1: entered promiscuous mode
[ 1010.354073][   T30] audit: type=1326 audit(1727969821.419:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12794 comm="syz.3.1538" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9152d7dff9 code=0x0
[ 1010.553084][ T5247] Bluetooth: hci5: command tx timeout
[ 1011.085503][T12793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1011.318361][T12793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.343028][T11448] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 1011.403847][T12793] team0: Port device team_slave_0 added
[ 1011.427605][T12793] team0: Port device team_slave_1 added
[ 1011.503724][T11448] usb 5-1: Using ep0 maxpacket: 8
[ 1011.510645][T11448] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1011.528339][T11448] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1011.533126][T12793] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1011.551534][T11448] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1011.555304][T12793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1011.578345][T11448] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1011.597690][T12793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1011.612817][T11448] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1011.631650][T11448] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.655719][T12793] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1011.662714][T12793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1011.688997][T12793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1011.747617][T12793] hsr_slave_0: entered promiscuous mode
[ 1011.779267][T12793] hsr_slave_1: entered promiscuous mode
[ 1011.846062][T12793] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1011.867626][T12793] Cannot create hsr debugfs directory
[ 1012.950200][ T5247] Bluetooth: hci5: command tx timeout
[ 1013.275805][T11448] usb 5-1: usb_control_msg returned -71
[ 1013.302054][T11448] usbtmc 5-1:16.0: can't read capabilities
[ 1013.339014][T11448] usb 5-1: USB disconnect, device number 38
[ 1013.479885][T12845] IPVS: fo: SCTP 172.20.20.187:0 - no destination available
[ 1013.628857][T12793] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1013.705701][T11438] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1013.876780][T11438] usb 4-1: Using ep0 maxpacket: 32
[ 1013.914344][T11438] usb 4-1: New USB device found, idVendor=10cf, idProduct=8068, bcdDevice=2e.fd
[ 1014.512980][T12793] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1014.580892][T11438] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1014.594477][T11438] usb 4-1: config 0 descriptor??
[ 1014.611898][T11438] vmk80xx 4-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[ 1015.372139][T12854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1550'.
[ 1015.606411][ T5247] Bluetooth: hci5: command tx timeout
[ 1015.613018][T12793] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1015.889086][T12793] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1016.247291][T12858] cgroup: fork rejected by pids controller in /syz2
[ 1017.699443][T12898] loop0: detected capacity change from 0 to 1024
[ 1017.992771][ T5247] Bluetooth: hci5: command tx timeout
[ 1019.839842][  T940] usb 4-1: USB disconnect, device number 20
[ 1019.856690][T12898] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[ 1019.866396][T12898] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1019.876616][T12898] EXT4-fs (loop0): external journal device major/minor numbers have changed
[ 1019.885377][T12898] EXT4-fs (loop0): filesystem has both journal inode and journal device!
[ 1020.395877][T12793] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1021.202229][T12912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1556'.
[ 1021.960118][T12793] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1022.019513][T12793] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1022.156939][T12793] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1022.273134][T12920] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1557'.
[ 1024.095381][T12793] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1024.121795][T12793] 8021q: adding VLAN 0 to HW filter on device team0
[ 1024.157575][T12793] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1024.168207][T12793] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1024.203458][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1024.210679][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1024.219950][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.227160][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1024.885089][T12793] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1025.014686][T12793] veth0_vlan: entered promiscuous mode
[ 1025.063281][T12793] veth1_vlan: entered promiscuous mode
[ 1025.156160][T12793] veth0_macvtap: entered promiscuous mode
[ 1025.744173][T12793] veth1_macvtap: entered promiscuous mode
[ 1025.780475][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1025.820051][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1025.844315][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.035097][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.045131][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.056544][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.085530][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.104351][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.121405][T12793] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1026.146671][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.157429][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.167860][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.393946][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.404528][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.415325][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.425961][T12793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.436802][T12793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.454679][T12793] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1026.484987][T12793] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1026.494828][T12793] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1026.504706][T12793] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1026.514233][T12793] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.671170][ T5350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1028.679455][ T5350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1029.775182][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1029.783363][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1029.953697][T12975] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1567'.
[ 1031.947002][T12986] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1570'.
[ 1032.198903][T12986] bridge_slave_0: left allmulticast mode
[ 1032.206671][T12986] bridge_slave_0: left promiscuous mode
[ 1032.221152][T12986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1033.113934][T12992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1571'.
[ 1034.214590][T12997] loop1: detected capacity change from 0 to 164
[ 1034.641079][T13007] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[ 1035.606850][T13008] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1035.623236][T13009] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1574'.
[ 1036.585947][T13016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1577'.
[ 1036.718698][   T30] audit: type=1326 audit(1727969846.095:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13017 comm="syz.2.1578" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd3e17dff9 code=0x0
[ 1037.032588][ T4646] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1040.118817][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1041.007122][T13043] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[ 1041.020256][T13044] netlink: 'syz.0.1582': attribute type 27 has an invalid length.
[ 1041.315907][ T4646] usb 4-1: device not accepting address 21, error -71
[ 1041.537352][T13050] loop1: detected capacity change from 0 to 128
[ 1041.789040][T13044] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.897506][T13044] bridge0: left promiscuous mode
[ 1041.902509][T13044] bridge0: left allmulticast mode
[ 1042.464852][T13044] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1042.510887][T13044] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1042.857997][T13044] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.887224][T13044] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.917857][T13044] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.982146][T13044] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1043.060474][T13044] netdevsim netdevsim0 netdevsim0: unset [1, 2] type 2 family 0 port 32926 - 0
[ 1043.072736][T13044] netdevsim netdevsim0 netdevsim1: unset [1, 2] type 2 family 0 port 32926 - 0
[ 1043.081777][T13044] netdevsim netdevsim0 netdevsim2: unset [1, 2] type 2 family 0 port 32926 - 0
[ 1043.121324][T13044] netdevsim netdevsim0 netdevsim3: unset [1, 2] type 2 family 0 port 32926 - 0
[ 1043.177188][T13044] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 51917 - 0
[ 1043.208025][T13044] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 51917 - 0
[ 1043.224899][T13044] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 51917 - 0
[ 1043.247667][T13044] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 51917 - 0
[ 1043.303063][T13044] geneve2: left promiscuous mode
[ 1043.308595][T13044] geneve2: left allmulticast mode
[ 1044.639644][   T30] audit: type=1107 audit(1727969853.503:1059): pid=13059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[ 1046.002391][T13060] Bluetooth: hci0: Opcode 0x0401 failed: -22
[ 1046.041583][T13073] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1047.050398][ T5247] Bluetooth: hci0: command tx timeout
[ 1047.223329][T13075] loop0: detected capacity change from 0 to 32768
[ 1047.237388][  T940] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1047.392585][T11448] IPVS: starting estimator thread 0...
[ 1047.471186][  T940] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 1047.538412][  T940] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1047.709720][T13079] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1047.719215][  T940] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1047.807438][  T940] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1047.904285][  T940] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1047.933802][  T940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1047.962899][  T940] usb 2-1: Product: syz
[ 1047.971996][  T940] usb 2-1: Manufacturer: syz
[ 1047.976703][  T940] usb 2-1: SerialNumber: syz
[ 1048.211452][T13087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1590'.
[ 1048.890465][  T940] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[ 1048.908498][  T940] usb 2-1: 2:1 : sample bitwidth 187 in over sample bytes 4
[ 1048.929078][  T940] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1049.023169][  T940] usb 2-1: USB disconnect, device number 23
[ 1049.366089][T13092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1594'.
[ 1049.425270][T13092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1594'.
[ 1050.702753][T13092] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1050.713110][T13092] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1050.722090][T13092] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1050.730938][T13092] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1050.965606][ T5247] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1050.977207][ T5247] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1050.989471][ T5247] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1051.000009][ T5247] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1051.008964][ T5247] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1051.016833][ T5247] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1051.094869][T13106] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1052.286620][T13109] loop0: detected capacity change from 0 to 40427
[ 1052.323629][T13109] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1052.332297][T13109] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1052.356863][T13104] chnl_net:caif_netlink_parms(): no params data found
[ 1052.434659][T13109] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1052.705627][T13109] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1052.712937][T13109] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1052.862048][T13128] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1598'.
[ 1052.961119][T13104] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1052.968500][T13104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1052.983044][T13104] bridge_slave_0: entered allmulticast mode
[ 1053.095298][T13104] bridge_slave_0: entered promiscuous mode
[ 1053.131966][T13104] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.161663][T13104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.214385][T13104] bridge_slave_1: entered allmulticast mode
[ 1053.258989][T13104] bridge_slave_1: entered promiscuous mode
[ 1053.265807][ T5247] Bluetooth: hci6: command tx timeout
[ 1053.416617][T13104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1053.459897][T13104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1053.565204][T13104] team0: Port device team_slave_0 added
[ 1053.682968][T13104] team0: Port device team_slave_1 added
[ 1053.749783][T13104] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1053.767904][T13104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1053.870658][T13104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1053.962484][T13104] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1054.012031][T13104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1054.119704][T13104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1054.277041][T13135] netlink: 'syz.0.1601': attribute type 10 has an invalid length.
[ 1054.348788][T13135] team0: Port device netdevsim0 added
[ 1054.447282][T13104] hsr_slave_0: entered promiscuous mode
[ 1054.497899][T13104] hsr_slave_1: entered promiscuous mode
[ 1054.593022][T13104] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1054.622164][T13104] Cannot create hsr debugfs directory
[ 1054.641581][T13137] netlink: 'syz.0.1601': attribute type 10 has an invalid length.
[ 1054.711072][T13137] team0: Failed to send options change via netlink (err -105)
[ 1054.723038][T13137] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[ 1054.743268][T13137] team0: Port device netdevsim0 removed
[ 1054.776778][T13137] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1055.486445][ T5247] Bluetooth: hci6: command tx timeout
[ 1056.900691][T13152] Falling back ldisc for ttyprintk.
[ 1056.940077][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.161754][T13156] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1057.445870][T13161] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1057.977280][ T5247] Bluetooth: hci6: command tx timeout
[ 1058.086629][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.355709][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1060.316780][ T5247] Bluetooth: hci6: command tx timeout
[ 1060.440073][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1060.678174][   T11] bridge_slave_1: left allmulticast mode
[ 1060.684144][T11448] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1060.703310][   T11] bridge_slave_1: left promiscuous mode
[ 1060.709054][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1060.739412][   T11] bridge_slave_0: left allmulticast mode
[ 1060.750191][   T11] bridge_slave_0: left promiscuous mode
[ 1060.773453][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1060.862028][T11448] usb 3-1: Using ep0 maxpacket: 16
[ 1061.385127][T13187] hub 9-0:1.0: USB hub found
[ 1061.391057][T13187] hub 9-0:1.0: 8 ports detected
[ 1061.399688][T11448] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1061.409483][T11448] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1061.420531][T11448] usb 3-1: Product: syz
[ 1061.424713][T11448] usb 3-1: Manufacturer: syz
[ 1061.431343][T11448] usb 3-1: SerialNumber: syz
[ 1061.437497][T11448] usb 3-1: config 0 descriptor??
[ 1061.455550][T11448] visor 3-1:0.0: Sony Clie 3.5 converter detected
[ 1061.897306][T13194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1612'.
[ 1062.843484][ T8797] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1062.999510][T13192] syz.1.1613[13192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1062.999679][T13192] syz.1.1613[13192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1063.021648][T13192] syz.1.1613[13192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1063.050289][T11448] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[ 1063.080488][T11448] visor 3-1:0.0: probe with driver visor failed with error -5
[ 1064.178960][ T8866] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1064.195726][ T8866] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1064.206065][ T8866] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1064.215863][ T8866] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1064.225338][ T8866] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1064.244426][ T8866] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1064.421260][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1064.451689][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1064.479285][   T11] bond0 (unregistering): Released all slaves
[ 1064.638052][T11438] usb 3-1: USB disconnect, device number 36
[ 1064.664004][T13192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1613'.
[ 1064.707094][T13199] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1614'.
[ 1064.978444][T13210] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1065.730359][T13212] netlink: 'syz.1.1619': attribute type 9 has an invalid length.
[ 1065.738455][T13212] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1619'.
[ 1066.021646][T13218] netlink: 'syz.1.1619': attribute type 9 has an invalid length.
[ 1066.086551][T13218] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1619'.
[ 1066.120093][   T11] hsr_slave_0: left promiscuous mode
[ 1066.133598][   T11] hsr_slave_1: left promiscuous mode
[ 1066.155623][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1066.163383][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1066.177990][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1066.186069][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1066.216517][   T11] veth1_macvtap: left promiscuous mode
[ 1066.222581][   T11] veth0_macvtap: left promiscuous mode
[ 1066.228162][   T11] veth1_vlan: left promiscuous mode
[ 1066.234631][   T11] veth0_vlan: left promiscuous mode
[ 1066.523383][ T5247] Bluetooth: hci0: command tx timeout
[ 1067.212310][ T5247] Bluetooth: hci5: command 0x0406 tx timeout
[ 1067.305732][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1067.485415][   T11] team0 (unregistering): Port device team_slave_0 removed
[ 1068.741677][ T8866] Bluetooth: hci0: command tx timeout
[ 1069.905863][T13230] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1070.098373][T13204] chnl_net:caif_netlink_parms(): no params data found
[ 1070.145887][T13104] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1070.251040][T13234] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1070.303074][T13104] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1070.326215][T13104] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1070.503637][T13104] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1070.676390][T13204] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1070.706973][T13204] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.727501][T13204] bridge_slave_0: entered allmulticast mode
[ 1070.749745][T13204] bridge_slave_0: entered promiscuous mode
[ 1070.844127][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1070.895141][T13204] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1070.911382][T13204] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.918715][T13204] bridge_slave_1: entered allmulticast mode
[ 1070.965614][ T8866] Bluetooth: hci0: command tx timeout
[ 1070.988580][T13204] bridge_slave_1: entered promiscuous mode
[ 1071.123379][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1071.271685][T13204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1071.317933][T13204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1071.395130][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1071.587079][T13204] team0: Port device team_slave_0 added
[ 1071.677068][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1071.705925][T13204] team0: Port device team_slave_1 added
[ 1071.843123][T13204] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1071.853422][T13204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1071.881440][T13204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1071.997510][T13104] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1072.045241][T13204] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1072.063312][T13204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1072.100891][T13204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1072.135741][   T11] team0: left allmulticast mode
[ 1072.140916][   T11] team_slave_0: left allmulticast mode
[ 1072.148079][   T11] team_slave_1: left allmulticast mode
[ 1072.157375][   T11] bridge0: port 3(team0) entered disabled state
[ 1072.173471][   T11] bridge_slave_1: left allmulticast mode
[ 1072.187436][   T11] bridge_slave_1: left promiscuous mode
[ 1072.194488][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1072.212178][   T11] bridge_slave_0: left allmulticast mode
[ 1072.226880][   T11] bridge_slave_0: left promiscuous mode
[ 1072.238592][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1072.511215][T13241] loop1: detected capacity change from 0 to 512
[ 1072.565468][T13241] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 1072.649204][T13246] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1624'.
[ 1072.718982][T13241] EXT4-fs (loop1): 1 truncate cleaned up
[ 1072.763367][T13241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1073.209717][ T8866] Bluetooth: hci0: command tx timeout
[ 1074.206136][T12793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1075.047996][T13255] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1075.340294][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1075.360379][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1075.382905][   T11] bond0 (unregistering): Released all slaves
[ 1075.450518][T13258] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1625'.
[ 1075.607455][T13104] 8021q: adding VLAN 0 to HW filter on device team0
[ 1075.700342][T13204] hsr_slave_0: entered promiscuous mode
[ 1075.729175][T13204] hsr_slave_1: entered promiscuous mode
[ 1075.738676][T13204] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1075.770820][T13204] Cannot create hsr debugfs directory
[ 1076.920072][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1076.927179][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1076.965590][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1076.972788][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1077.573468][T13277] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1077.672325][T13281] netlink: 560 bytes leftover after parsing attributes in process `syz.1.1630'.
[ 1078.916079][T13104] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1078.942228][   T11] hsr_slave_0: left promiscuous mode
[ 1078.947970][   T11] hsr_slave_1: left promiscuous mode
[ 1078.966529][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1078.994770][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1079.152086][T13292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1633'.
[ 1083.886883][   T11] team_slave_1 (unregistering): left promiscuous mode
[ 1083.923191][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1084.027904][   T11] team_slave_0 (unregistering): left promiscuous mode
[ 1084.066824][   T11] team0 (unregistering): Port device team_slave_0 removed
[ 1085.050241][T13313] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1636'.
[ 1085.463815][T13322] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1085.919744][T13104] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1086.417444][   T11] IPVS: stop unused estimator thread 0...
[ 1086.437327][T13104] veth0_vlan: entered promiscuous mode
[ 1086.449100][T13104] veth1_vlan: entered promiscuous mode
[ 1086.892915][T13104] veth0_macvtap: entered promiscuous mode
[ 1086.955174][T13104] veth1_macvtap: entered promiscuous mode
[ 1087.030237][T13204] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1087.077684][T13204] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1087.128544][T13104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1087.161272][T13104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1087.217297][T13104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1087.246594][T13104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1087.289855][T13104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1087.322789][T13104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1087.365061][T13104] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1087.388488][T13204] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1087.428767][T13104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1087.453296][T13104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1087.487563][T13341] netlink: 'syz.2.1640': attribute type 1 has an invalid length.
[ 1087.501876][T13104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1087.528363][T13104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1087.550271][T13104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1087.567842][T13104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1087.589088][T13104] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1087.597760][T13204] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1087.620261][T13341] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1640'.
[ 1087.656752][T13104] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1087.667269][T13104] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1087.688967][T13104] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1087.715738][T13104] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1088.841686][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1088.860806][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1089.001833][T13352] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1089.022726][ T8797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1089.052558][ T8797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1089.272145][T13358] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1644'.
[ 1089.284645][T13204] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1089.423598][T13204] 8021q: adding VLAN 0 to HW filter on device team0
[ 1089.523968][ T8797] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1089.531186][ T8797] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1090.155184][ T8797] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1090.162577][ T8797] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1090.662845][T13204] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1091.902993][T13379] loop3: detected capacity change from 0 to 1024
[ 1091.953531][T13373] overlayfs: missing 'lowerdir'
[ 1092.211950][T13373] loop0: detected capacity change from 0 to 1036
[ 1092.313320][T13383] loop3: detected capacity change from 0 to 1024
[ 1092.399319][T13204] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1092.891214][T13204] veth0_vlan: entered promiscuous mode
[ 1092.972442][T13204] veth1_vlan: entered promiscuous mode
[ 1093.003151][T13204] veth0_macvtap: entered promiscuous mode
[ 1093.012348][ T5247] Bluetooth: Frame is too long (len 18, expected len 4)
[ 1093.012553][T13204] veth1_macvtap: entered promiscuous mode
[ 1093.033073][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1093.043736][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.062058][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1093.072785][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.082704][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1093.094250][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.104113][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1093.114726][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.127330][T13204] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1093.134931][T13395] tipc: Enabled bearer <ib:caif0>, priority 0
[ 1093.165851][T12383] hfsplus: b-tree write err: -5, ino 4
[ 1093.188785][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1093.210066][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.237975][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1093.284757][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.315914][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1093.345840][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.370279][T13204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1093.387058][T13204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1093.455149][T13204] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1093.544707][T13395] bond0: (slave bond_slave_0): Releasing backup interface
[ 1093.579269][T13403] loop0: detected capacity change from 0 to 256
[ 1093.622648][T13403] vfat: Bad value for 'dmask'
[ 1093.735761][T11448] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1093.794644][T13204] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1093.990793][T13204] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1094.069449][T11448] usb 4-1: Using ep0 maxpacket: 32
[ 1094.165501][T13204] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1094.330680][ T9181] tipc: Node number set to 6291454
[ 1094.827872][T13204] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1094.837196][T13408] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1094.881374][T11448] usb 4-1: config 1 interface 0 altsetting 7 bulk endpoint 0x1 has invalid maxpacket 16
[ 1094.900954][T11448] usb 4-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1094.932991][T11448] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1094.981471][T11448] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1094.992795][T11448] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1095.077034][T11448] usb 4-1: Product: syz
[ 1095.096473][ T5247] Bluetooth: hci3: command 0x0406 tx timeout
[ 1095.113901][T11448] usb 4-1: Manufacturer: syz
[ 1095.120086][T11448] usb 4-1: SerialNumber: syz
[ 1095.131237][T13399] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1095.139514][T13399] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1095.216622][T13412] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1654'.
[ 1095.254024][T12383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1095.287127][T13416] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1655'.
[ 1095.299489][T12383] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1095.431478][T13399] loop3: detected capacity change from 0 to 512
[ 1095.437780][T12383] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1095.437808][T12383] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1095.477253][T13399] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[ 1095.543065][T13399] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.1650: iget: bad i_size value: -67835469387268086
[ 1095.559805][T13399] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1650: couldn't read orphan inode 15 (err -117)
[ 1095.576729][T13399] EXT4-fs (loop3): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1095.589703][T13399] ext2 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1095.890169][T11448] usb 4-1: USB disconnect, device number 23
[ 1096.200705][T13425] loop4: detected capacity change from 0 to 2048
[ 1096.382310][T13431] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1657'.
[ 1096.938850][T13104] EXT4-fs (loop3): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[ 1097.213576][   T30] audit: type=1326 audit(1727969902.686:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13439 comm="syz.3.1659" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6c7377dff9 code=0x0
[ 1097.279182][T13442] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1098.256285][T13447] pimreg: entered allmulticast mode
[ 1098.312220][T13449] loop4: detected capacity change from 0 to 512
[ 1098.365385][T13449] EXT4-fs (loop4): blocks per group (71) and clusters per group (20800) inconsistent
[ 1099.415199][T13463] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1663'.
[ 1099.512975][T13463] netlink: 'syz.3.1663': attribute type 2 has an invalid length.
[ 1099.536529][T13463] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1663'.
[ 1099.729752][T13469] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1667'.
[ 1099.757463][T13463] loop3: detected capacity change from 0 to 64
[ 1099.801229][T13470] loop0: detected capacity change from 0 to 128
[ 1099.828212][T13463] minix: Unknown parameter '��;�[u�`�2Ao���vP�3�����.G�#���Mō/�R������^Wg)Nr�����8�����nX�'�'
[ 1099.879611][T13471] loop1: detected capacity change from 0 to 2048
[ 1099.974401][T13470] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1100.026153][T13471]  loop1: p3 < > p4 < >
[ 1100.047596][T13470] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1100.106844][T13471] loop1: partition table partially beyond EOD, truncated
[ 1100.117797][T13471] loop1: p3 start 4284289 is beyond EOD, 
[ 1101.028813][ T8325] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1101.216060][T13471] truncated
[ 1101.993881][T13493] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1102.063984][T13490] loop4: detected capacity change from 0 to 4096
[ 1102.073253][T13490] ntfs3: Unknown parameter ''
[ 1103.613291][T13506] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1103.647018][T13498] loop1: detected capacity change from 0 to 1024
[ 1103.653852][ T5247] Bluetooth: hci5: command 0x0406 tx timeout
[ 1103.796522][T13498] ext4: Unknown parameter 'hash'
[ 1103.886285][T13488] delete_channel: no stack
[ 1104.029579][T13498] loop1: detected capacity change from 0 to 512
[ 1104.064166][ T5247] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[ 1104.075962][ T5247] Bluetooth: hci6: Injecting HCI hardware error event
[ 1104.087353][ T5247] Bluetooth: hci6: hardware error 0x00
[ 1104.087489][T13498] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1104.259743][T13498] EXT4-fs (loop1): 1 truncate cleaned up
[ 1104.285226][T13498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1105.624671][T13516] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1105.657942][T13516] libceph: resolve 'c' (ret=-3): failed
[ 1106.372075][ T5247] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[ 1107.025654][T12793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1107.269558][T13526] loop0: detected capacity change from 0 to 16
[ 1107.335679][T13526] loop0: detected capacity change from 0 to 256
[ 1108.091627][ T8866] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1108.102812][ T8866] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1108.111621][ T8866] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1108.121518][ T8866] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1108.129566][ T8866] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1108.136979][ T8866] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1108.493054][T13532] loop3: detected capacity change from 0 to 1024
[ 1108.500372][T13532] hfsplus: Unknown parameter 'nodecomp'
[ 1108.527752][ T8797] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.657627][T13524] chnl_net:caif_netlink_parms(): no params data found
[ 1109.774563][T13545] loop3: detected capacity change from 0 to 64
[ 1109.783076][T13545] hfs: unable to change codepage
[ 1109.828308][ T8797] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1110.149060][T13547] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1685'.
[ 1110.315315][ T8866] Bluetooth: hci1: command tx timeout
[ 1110.785765][ T8797] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.073479][T13524] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1111.081866][T13524] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1111.955101][T13524] bridge_slave_0: entered allmulticast mode
[ 1112.405664][T13524] bridge_slave_0: entered promiscuous mode
[ 1112.590527][T13524] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1112.665908][ T8866] Bluetooth: hci1: command tx timeout
[ 1112.683553][T13524] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1112.693684][T13524] bridge_slave_1: entered allmulticast mode
[ 1113.156422][T13524] bridge_slave_1: entered promiscuous mode
[ 1113.336335][T13573] loop4: detected capacity change from 0 to 256
[ 1113.442922][T13573] exfat: Unknown parameter '��'
[ 1115.655636][T13580] loop0: detected capacity change from 0 to 128
[ 1116.164413][ T8866] Bluetooth: hci1: command tx timeout
[ 1116.778481][ T8797] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1116.824441][T13583] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[ 1116.833239][T13570] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1688'.
[ 1117.169031][T13524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1117.379833][T13591] overlayfs: missing 'lowerdir'
[ 1118.021100][T13524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1118.296815][T13524] team0: Port device team_slave_0 added
[ 1118.332228][T13524] team0: Port device team_slave_1 added
[ 1118.345566][ T8866] Bluetooth: hci1: command tx timeout
[ 1118.403498][T13524] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1118.421203][T13524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1118.572883][T13524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1118.592495][T13601] loop3: detected capacity change from 0 to 1024
[ 1119.853723][T13524] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1119.861756][T13524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1119.895443][T13524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1119.919109][T13600] loop0: detected capacity change from 0 to 1024
[ 1119.926232][T13600] EXT4-fs: Ignoring removed i_version option
[ 1119.938501][T13600] EXT4-fs: Ignoring removed orlov option
[ 1119.944406][T13600] ext4: Unknown parameter 'euid>00000000000000000000'
[ 1120.261545][T13524] hsr_slave_0: entered promiscuous mode
[ 1120.285074][T13524] hsr_slave_1: entered promiscuous mode
[ 1120.409915][T13617] Unsupported ieee802154 address type: 0
[ 1120.454270][T13524] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1120.723160][T13524] Cannot create hsr debugfs directory
[ 1120.938377][ T8797] bridge_slave_1: left allmulticast mode
[ 1121.135905][ T8797] bridge_slave_1: left promiscuous mode
[ 1121.141727][ T8797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1121.200561][ T8797] bridge_slave_0: left allmulticast mode
[ 1121.216609][ T8797] bridge_slave_0: left promiscuous mode
[ 1121.262837][ T8797] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1122.855224][T13632] loop3: detected capacity change from 0 to 1024
[ 1122.862415][T13632] hfsplus: type requires a 4 character value
[ 1123.836679][ T1306] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1124.658980][ T5247] Bluetooth: hci0: unexpected event 0x04 length: 14 > 10
[ 1125.594660][ T8797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1125.616339][ T8797] bond0 (unregistering): (slave vlan0): Releasing backup interface
[ 1125.628994][ T8797] bond0 (unregistering): Released all slaves
[ 1125.655744][T13616] netlink: 'syz.1.1697': attribute type 4 has an invalid length.
[ 1125.731036][T13637] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1699'.
[ 1125.779282][ T8797] tipc: Disabling bearer <ib:caif0>
[ 1125.878128][ T8797] tipc: Left network mode
[ 1127.090567][ T5247] Bluetooth: hci0: command tx timeout
[ 1127.430792][T13657] block device autoloading is deprecated and will be removed.
[ 1127.720368][T13660] ubi0: attaching mtd0
[ 1127.740658][T13660] ubi0: scanning is finished
[ 1128.241642][T13662] loop0: detected capacity change from 0 to 32768
[ 1128.728901][T13660] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1128.736694][T13660] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1128.744357][T13660] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1128.751897][T13660] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 1128.783708][T13660] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1128.790694][T13660] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1128.798772][T13660] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3631752674
[ 1128.808978][T13660] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1128.840410][T13671] ubi0: background thread "ubi_bgt0d" started, PID 13671
[ 1129.346308][T13662] XFS (loop0): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[ 1129.396181][T13672] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1703'.
[ 1129.577476][T13662] XFS (loop0): Ending clean mount
[ 1129.611365][T13662] XFS (loop0): Quotacheck needed: Please wait.
[ 1129.713387][T13662] XFS (loop0): Quotacheck: Done.
[ 1129.938110][ T8325] XFS (loop0): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[ 1130.000378][T13691] loop4: detected capacity change from 0 to 2048
[ 1130.017471][T13691] NILFS (loop4): invalid segment: Sequence number mismatch
[ 1130.024922][T13691] NILFS (loop4): trying rollback from an earlier position
[ 1130.080671][T13691] NILFS (loop4): recovery complete
[ 1130.089743][T13692] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1131.413465][ T8797] hsr_slave_0: left promiscuous mode
[ 1131.424866][ T8797] hsr_slave_1: left promiscuous mode
[ 1131.447350][ T8797] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1131.482357][ T8797] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1131.513040][T13702] loop3: detected capacity change from 0 to 1024
[ 1131.541845][ T8797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1132.886218][ T8797] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1133.398837][T13715] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1714'.
[ 1133.518014][T13717] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1133.518014][T13717] The task syz.4.1711 (13717) triggered the difference, watch for misbehavior.
[ 1133.535500][ T8797] veth1_macvtap: left promiscuous mode
[ 1133.568997][ T8797] veth0_macvtap: left promiscuous mode
[ 1133.577063][T13719] loop0: detected capacity change from 0 to 1024
[ 1133.580197][ T8797] veth1_vlan: left promiscuous mode
[ 1133.596354][ T8797] veth0_vlan: left promiscuous mode
[ 1133.890624][T13716] ipt_rpfilter: unknown options
[ 1134.628203][T13719] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1135.034248][T13734] tmpfs: Unknown parameter '18446744073709551615'
[ 1135.460319][ T8325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1135.995818][   T30] audit: type=1326 audit(1727969938.933:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1136.049358][   T30] audit: type=1326 audit(1727969938.933:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1136.289140][   T30] audit: type=1326 audit(1727969938.933:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1136.859439][   T30] audit: type=1326 audit(1727969938.933:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1136.991483][T13739] syz.0.1716: attempt to access beyond end of device
[ 1136.991483][T13739] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1137.006439][   T30] audit: type=1326 audit(1727969938.933:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1137.033546][T13739] gfs2: error -5 reading superblock
[ 1137.034737][   T30] audit: type=1326 audit(1727969938.942:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1137.062391][   T30] audit: type=1326 audit(1727969938.942:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1137.086145][   T30] audit: type=1326 audit(1727969938.942:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1137.108936][   T30] audit: type=1326 audit(1727969938.942:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c6d7dff9 code=0x7ffc0000
[ 1137.131701][   T30] audit: type=1326 audit(1727969938.942:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13737 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37c6d7c990 code=0x7ffc0000
[ 1137.692406][T13749] loop0: detected capacity change from 0 to 164
[ 1138.415188][T13751] loop0: detected capacity change from 0 to 512
[ 1138.450679][T13751] EXT4-fs (loop0): blocks per group (7872) and clusters per group (32768) inconsistent
[ 1138.537998][ T8797] team0 (unregistering): Port device team_slave_1 removed
[ 1138.645946][ T8797] team0 (unregistering): Port device team_slave_0 removed
[ 1139.687674][T13727] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1713'.
[ 1139.697306][T13743] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1717'.
[ 1139.813849][T13752] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[ 1141.373241][T13524] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1142.117737][   T30] kauditd_printk_skb: 37 callbacks suppressed
[ 1142.117791][   T30] audit: type=1326 audit(1727969944.564:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1142.429430][   T30] audit: type=1326 audit(1727969944.564:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1142.533615][   T30] audit: type=1326 audit(1727969944.564:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1142.565357][T13764] netlink: 'syz.4.1723': attribute type 15 has an invalid length.
[ 1142.573403][T13764] netlink: 719 bytes leftover after parsing attributes in process `syz.4.1723'.
[ 1142.681478][T13524] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1142.851409][   T30] audit: type=1326 audit(1727969944.573:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1142.874894][   T30] audit: type=1326 audit(1727969944.573:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1143.110994][   T30] audit: type=1326 audit(1727969944.583:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1143.874940][T13769] sd 0:0:1:0: device reset
[ 1144.594226][T13524] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1144.601444][   T30] audit: type=1326 audit(1727969944.583:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1144.601498][   T30] audit: type=1326 audit(1727969944.583:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1144.601540][   T30] audit: type=1326 audit(1727969944.583:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1144.601579][   T30] audit: type=1326 audit(1727969944.583:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1144.914294][T13782] loop0: detected capacity change from 0 to 512
[ 1144.958535][T13524] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1145.139108][T13782] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1145.241451][T13782] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1146.212641][T13524] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1146.286380][T13524] 8021q: adding VLAN 0 to HW filter on device team0
[ 1146.459262][ T5350] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1146.466450][ T5350] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1146.490159][ T5350] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1146.497391][ T5350] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1146.690412][T13524] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1146.715129][T13524] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1146.881287][T13796] nbd: must specify at least one socket
[ 1146.938295][T13798] loop4: detected capacity change from 0 to 512
[ 1147.046809][T13798] EXT4-fs (loop4): revision level too high, forcing read-only mode
[ 1147.103511][T13798] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1147.121976][T13798] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1147.449840][T13798] EXT4-fs (loop4): Cannot turn on quotas: error -22
[ 1147.462672][T13798] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1729: bg 0: block 40: padding at end of block bitmap is not set
[ 1147.479845][T13798] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[ 1147.495937][T13798] EXT4-fs (loop4): 1 truncate cleaned up
[ 1147.506710][T13798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1147.670494][T13806] loop3: detected capacity change from 0 to 256
[ 1147.708079][T13806] exFAT-fs (loop3): failed to read boot sector
[ 1147.714523][T13806] exFAT-fs (loop3): failed to recognize exfat type
[ 1148.501779][T13524] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1148.587610][T13524] veth0_vlan: entered promiscuous mode
[ 1148.622904][T13524] veth1_vlan: entered promiscuous mode
[ 1149.015880][T13815] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1732'.
[ 1149.331522][T13817] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1731'.
[ 1149.565999][T13524] veth0_macvtap: entered promiscuous mode
[ 1149.657338][T13524] veth1_macvtap: entered promiscuous mode
[ 1149.679646][ T5329] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 1149.777540][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1149.966447][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1149.977639][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1149.989893][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1150.000021][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1150.011687][ T5329] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1150.021996][ T5329] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1150.032135][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1150.466627][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1150.749400][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1150.776193][ T5329] usb 5-1: string descriptor 0 read error: -71
[ 1150.783788][T13524] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1150.793011][T13825] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1733'.
[ 1150.895513][ T5329] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1150.926685][ T5329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1150.945264][ T5329] usb 5-1: can't set config #1, error -71
[ 1150.952912][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1150.982511][ T5329] usb 5-1: USB disconnect, device number 39
[ 1151.003769][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1151.029397][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1151.052013][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1151.069355][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1151.236463][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1151.246489][T13524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1151.259930][T13524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1151.271570][T13524] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1151.290394][T13204] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1151.320135][T13524] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.344116][T13524] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.491956][T13831] loop3: detected capacity change from 0 to 1024
[ 1151.521929][T13831] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[ 1151.521929][T13831] 
[ 1151.533112][T13831] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[ 1151.551231][T13524] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.575046][T13524] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.055542][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1152.095039][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1152.240627][ T5350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1152.278260][ T5350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1153.313960][T13840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1736'.
[ 1154.589830][T13845] loop4: detected capacity change from 0 to 16
[ 1154.610564][T13845] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1155.475754][ T9181] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1155.790667][ T9181] usb 4-1: Using ep0 maxpacket: 16
[ 1156.531611][ T8866] Bluetooth: hci1: unexpected event 0x30 length: 4 > 3
[ 1156.687030][ T9181] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1156.750887][ T9181] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1156.769512][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1156.781707][ T9181] usb 4-1: Product: syz
[ 1156.785902][ T9181] usb 4-1: Manufacturer: syz
[ 1156.791541][ T9181] usb 4-1: SerialNumber: syz
[ 1156.798048][ T9181] usb 4-1: config 0 descriptor??
[ 1156.822464][ T9181] visor 4-1:0.0: Sony Clie 3.5 converter detected
[ 1156.859144][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1156.954953][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1156.966963][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1156.975916][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1156.983804][ T5236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1157.344291][ T9181] usb 4-1: clie_3_5_startup: get interface number bad return length: 0
[ 1157.353353][ T9181] visor 4-1:0.0: probe with driver visor failed with error -5
[ 1157.914516][T13854] chnl_net:caif_netlink_parms(): no params data found
[ 1158.125098][T11447] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1158.301761][T11447] usb 2-1: Using ep0 maxpacket: 16
[ 1158.334107][T11447] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1158.372483][T13854] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.395635][T11447] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1158.423272][T13854] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.454865][T13854] bridge_slave_0: entered allmulticast mode
[ 1158.462797][T11447] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1158.519033][T13854] bridge_slave_0: entered promiscuous mode
[ 1158.540236][T11447] usb 2-1: config 0 descriptor??
[ 1158.586747][T13854] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.643841][T13854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.695990][T13854] bridge_slave_1: entered allmulticast mode
[ 1158.713567][ T5236] Bluetooth: hci1: command tx timeout
[ 1158.749618][T13854] bridge_slave_1: entered promiscuous mode
[ 1158.969143][T13854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1159.063111][T13854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1159.157237][T13880] loop1: detected capacity change from 0 to 8
[ 1159.234470][ T5236] Bluetooth: hci4: command tx timeout
[ 1159.347675][T13880] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1159.766397][T13883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1745'.
[ 1159.869969][T13880] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1159.885985][T11447] hid (null): invalid report_size 812540268
[ 1159.973973][T11447] hid-generic 0003:0158:0100.000F: unknown main item tag 0x1
[ 1160.008094][T11447] hid-generic 0003:0158:0100.000F: unexpected long global item
[ 1160.036889][T11447] hid-generic 0003:0158:0100.000F: probe with driver hid-generic failed with error -22
[ 1160.314446][T13854] team0: Port device team_slave_0 added
[ 1160.338253][T11448] usb 2-1: USB disconnect, device number 24
[ 1160.358013][T13854] team0: Port device team_slave_1 added
[ 1161.077097][T13854] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1161.370524][T13854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1161.450116][ T5236] Bluetooth: hci4: command tx timeout
[ 1161.458589][T13854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1161.472321][T13854] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1161.480088][T13854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1161.625621][T13854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1161.734367][T13891] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1747'.
[ 1162.591613][T11447] usb 4-1: USB disconnect, device number 24
[ 1162.798947][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1162.798969][   T30] audit: type=1326 audit(1727969963.983:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1163.814833][ T5236] Bluetooth: hci4: command tx timeout
[ 1163.912160][T13854] hsr_slave_0: entered promiscuous mode
[ 1163.941646][T13854] hsr_slave_1: entered promiscuous mode
[ 1163.958960][   T30] audit: type=1326 audit(1727969963.983:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1164.049865][T13854] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1164.086698][T13854] Cannot create hsr debugfs directory
[ 1164.274818][   T30] audit: type=1326 audit(1727969965.068:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.042229][   T30] audit: type=1326 audit(1727969965.068:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.068009][   T30] audit: type=1326 audit(1727969965.068:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.091485][   T30] audit: type=1326 audit(1727969965.068:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.114591][   T30] audit: type=1326 audit(1727969965.068:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.138098][   T30] audit: type=1326 audit(1727969965.068:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.160732][   T30] audit: type=1326 audit(1727969965.068:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.188018][   T30] audit: type=1326 audit(1727969965.106:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13893 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcc0477dff9 code=0x7ffc0000
[ 1165.362651][ T4646] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 1165.865742][T13927] vivid-006: disconnect
[ 1165.910176][T13924] vivid-006: reconnect
[ 1165.988028][ T5236] Bluetooth: hci4: command tx timeout
[ 1166.020147][ T4646] usb 5-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=7b.a3
[ 1166.045914][ T4646] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1166.087667][ T4646] usb 5-1: Product: syz
[ 1166.119703][ T4646] usb 5-1: Manufacturer: syz
[ 1166.148445][ T4646] usb 5-1: SerialNumber: syz
[ 1166.202106][ T4646] usb 5-1: config 0 descriptor??
[ 1166.330351][ T4646] usb 5-1: can't set config #0, error -71
[ 1166.381865][ T4646] usb 5-1: USB disconnect, device number 40
[ 1166.457950][T13854] bond0: (slave netdevsim0): Releasing backup interface
[ 1167.969102][T13948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1759'.
[ 1168.807443][T13854] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1168.842430][T13942] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1168.883025][T13854] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1168.939212][T13782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1168.974341][T13854] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1169.094242][ T9181] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1169.113668][T13854] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1170.332595][ T5329] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1170.373356][ T9181] usb 2-1: Using ep0 maxpacket: 16
[ 1170.596488][ T9181] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1170.615100][ T9181] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.654608][ T9181] usb 2-1: Product: syz
[ 1170.669355][ T9181] usb 2-1: Manufacturer: syz
[ 1170.889969][ T9181] usb 2-1: SerialNumber: syz
[ 1170.923916][ T9181] usb 2-1: config 0 descriptor??
[ 1170.967409][ T9181] visor 2-1:0.0: Sony Clie 3.5 converter detected
[ 1171.023482][T13973] loop4: detected capacity change from 0 to 764
[ 1171.048702][T13973] iso9660: Unknown parameter '��������00000000000000000000000�'
[ 1171.131624][ T5329] usb 3-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[ 1171.146664][ T5329] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1171.169079][ T5329] usb 3-1: config 0 descriptor??
[ 1171.234337][ T5329] gspca_main: sonixj-2.14.0 probing 0c45:614a
[ 1171.242209][T13973] loop4: detected capacity change from 0 to 512
[ 1171.269065][T13973] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1171.322486][T13973] EXT4-fs (loop4): 1 orphan inode deleted
[ 1171.329592][T13973] EXT4-fs (loop4): 1 truncate cleaned up
[ 1171.344335][T13973] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1171.511716][T13980] loop3: detected capacity change from 0 to 128
[ 1172.226598][ T5329] gspca_sonixj: reg_w1 err -71
[ 1172.231473][ T5329] sonixj 3-1:0.0: probe with driver sonixj failed with error -71
[ 1172.247099][ T5329] usb 3-1: USB disconnect, device number 37
[ 1172.497800][ T9181] usb 2-1: clie_3_5_startup: get interface number bad return length: 0
[ 1172.506958][ T9181] visor 2-1:0.0: probe with driver visor failed with error -5
[ 1172.523874][T13980] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1172.537475][T13980] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1173.521804][T13978] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1175.367426][ T5329] usb 2-1: USB disconnect, device number 25
[ 1175.396595][T13204] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1175.524485][T13991] loop1: detected capacity change from 0 to 512
[ 1175.544709][T13979] netlink: 'syz.3.1765': attribute type 2 has an invalid length.
[ 1175.569393][T13991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1175.668773][T13104] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1175.704063][T13854] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1175.737620][T13854] 8021q: adding VLAN 0 to HW filter on device team0
[ 1175.772827][T13854] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1175.783362][T13854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1175.888888][T13991] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1175.908446][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1175.915650][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1176.447145][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1176.447237][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1176.897198][ T8797] bridge_slave_1: left allmulticast mode
[ 1176.897224][ T8797] bridge_slave_1: left promiscuous mode
[ 1176.897348][ T8797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1178.232567][ T4647] BUG: unable to handle page fault for address: fffffbfff0000000
[ 1178.232592][ T4647] #PF: supervisor read access in kernel mode
[ 1178.232607][ T4647] #PF: error_code(0x0000) - not-present page
[ 1178.232622][ T4647] PGD 23ffe4067 P4D 23ffe4067 PUD 23ffe3067 PMD 0 
[ 1178.232661][ T4647] Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI
[ 1178.232683][ T4647] CPU: 0 UID: 0 PID: 4647 Comm: jbd2/sda1-8 Not tainted 6.12.0-rc1-next-20241003-syzkaller #0
[ 1178.232710][ T4647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1178.232726][ T4647] RIP: 0010:kasan_check_range+0x82/0x290
[ 1178.232773][ T4647] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00
[ 1178.232794][ T4647] RSP: 0018:ffffc9000df5f198 EFLAGS: 00010286
[ 1178.232814][ T4647] RAX: 0000000000000001 RBX: 1ffffffff0000000 RCX: ffffffff81cf410f
[ 1178.232831][ T4647] RDX: 0000000000000000 RSI: 0000000000000005 RDI: ffffffff80000000
[ 1178.232865][ T4647] RBP: ffffffffffffffff R08: ffffffff80000004 R09: 1ffffffff0000000
[ 1178.232883][ T4647] R10: dffffc0000000000 R11: fffffbfff0000000 R12: ffffffff80000000
[ 1178.232916][ T4647] R13: 0000000000000005 R14: dffffc0000000001 R15: fffffbfff0000001
[ 1178.232933][ T4647] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1178.232971][ T4647] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1178.232989][ T4647] CR2: fffffbfff0000000 CR3: 0000000028d18000 CR4: 00000000003526f0
[ 1178.233010][ T4647] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1178.233025][ T4647] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1178.233041][ T4647] Call Trace:
[ 1178.233050][ T4647]  <TASK>
[ 1178.233061][ T4647]  ? __die_body+0x5f/0xb0
[ 1178.233091][ T4647]  ? page_fault_oops+0x8e4/0xcc0
[ 1178.233127][ T4647]  ? __pfx_page_fault_oops+0x10/0x10
[ 1178.233158][ T4647]  ? is_prefetch+0x4ed/0x780
[ 1178.233186][ T4647]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1178.233218][ T4647]  ? __pfx_validate_chain+0x10/0x10
[ 1178.233244][ T4647]  ? __pfx_is_prefetch+0x10/0x10
[ 1178.233281][ T4647]  ? __bad_area_nosemaphore+0x118/0x770
[ 1178.233319][ T4647]  ? __pfx_lock_release+0x10/0x10
[ 1178.233340][ T4647]  ? __pfx___bad_area_nosemaphore+0x10/0x10
[ 1178.233373][ T4647]  ? spurious_kernel_fault+0x119/0x5a0
[ 1178.233408][ T4647]  ? exc_page_fault+0x5c8/0x8c0
[ 1178.233453][ T4647]  ? asm_exc_page_fault+0x26/0x30
[ 1178.233487][ T4647]  ? copy_from_kernel_nofault+0x6f/0x2f0
[ 1178.233513][ T4647]  ? kasan_check_range+0x82/0x290
[ 1178.233543][ T4647]  copy_from_kernel_nofault+0x6f/0x2f0
[ 1178.233570][ T4647]  bpf_probe_read_compat+0x10f/0x180
[ 1178.233604][ T4647]  ? bpf_trace_run2+0x1fc/0x540
[ 1178.233630][ T4647]  bpf_prog_cb06cae8179e3bfa+0x43/0x45
[ 1178.233649][ T4647]  bpf_trace_run2+0x2ec/0x540
[ 1178.233677][ T4647]  ? __pfx_bpf_trace_run2+0x10/0x10
[ 1178.233702][ T4647]  ? validate_chain+0x11e/0x5920
[ 1178.233727][ T4647]  ? __pfx_validate_chain+0x10/0x10
[ 1178.233753][ T4647]  ? __pfx_validate_chain+0x10/0x10
[ 1178.233778][ T4647]  ? __pfx_validate_chain+0x10/0x10
[ 1178.233806][ T4647]  ext4_es_lookup_extent+0x8ec/0xa90
[ 1178.233837][ T4647]  ext4_map_blocks+0x1f9/0x1960
[ 1178.233870][ T4647]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1178.233906][ T4647]  ext4_journal_bmap+0x146/0x2c0
[ 1178.233932][ T4647]  ? __pfx_ext4_journal_bmap+0x10/0x10
[ 1178.233964][ T4647]  jbd2_journal_next_log_block+0x236/0x3f0
[ 1178.234000][ T4647]  ? __pfx_jbd2_journal_next_log_block+0x10/0x10
[ 1178.234034][ T4647]  ? __pfx_lock_acquire+0x10/0x10
[ 1178.234075][ T4647]  jbd2_journal_get_descriptor_buffer+0xc1/0x4e0
[ 1178.234113][ T4647]  ? __pfx_jbd2_journal_get_descriptor_buffer+0x10/0x10
[ 1178.234154][ T4647]  jbd2_journal_commit_transaction+0x175b/0x67e0
[ 1178.234214][ T4647]  ? __pfx_jbd2_journal_commit_transaction+0x10/0x10
[ 1178.234245][ T4647]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 1178.234291][ T4647]  ? lockdep_hardirqs_on+0x99/0x150
[ 1178.234322][ T4647]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1178.234358][ T4647]  ? __try_to_del_timer_sync+0x2ad/0x340
[ 1178.234395][ T4647]  ? __timer_delete_sync+0x15c/0x310
[ 1178.234426][ T4647]  ? __timer_delete_sync+0x25d/0x310
[ 1178.234458][ T4647]  ? __pfx___timer_delete_sync+0x10/0x10
[ 1178.234489][ T4647]  ? __pfx_do_raw_write_lock+0x10/0x10
[ 1178.234519][ T4647]  ? prepare_to_wait+0x186/0x210
[ 1178.234553][ T4647]  ? schedule+0x90/0x320
[ 1178.234583][ T4647]  kjournald2+0x41c/0x7b0
[ 1178.234607][ T4647]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1178.234651][ T4647]  ? __pfx_kjournald2+0x10/0x10
[ 1178.234675][ T4647]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1178.234711][ T4647]  ? __kthread_parkme+0x169/0x1d0
[ 1178.234747][ T4647]  ? __pfx_kjournald2+0x10/0x10
[ 1178.234771][ T4647]  kthread+0x2f0/0x390
[ 1178.234793][ T4647]  ? __pfx_kjournald2+0x10/0x10
[ 1178.234817][ T4647]  ? __pfx_kthread+0x10/0x10
[ 1178.234840][ T4647]  ret_from_fork+0x4b/0x80
[ 1178.234874][ T4647]  ? __pfx_kthread+0x10/0x10
[ 1178.234896][ T4647]  ret_from_fork_asm+0x1a/0x30
[ 1178.234937][ T4647]  </TASK>
[ 1178.234946][ T4647] Modules linked in:
[ 1178.234973][ T4647] CR2: fffffbfff0000000
[ 1178.234988][ T4647] ---[ end trace 0000000000000000 ]---
[ 1178.235004][ T4647] RIP: 0010:kasan_check_range+0x82/0x290
[ 1178.235035][ T4647] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00
[ 1178.235054][ T4647] RSP: 0018:ffffc9000df5f198 EFLAGS: 00010286
[ 1178.235080][ T4647] RAX: 0000000000000001 RBX: 1ffffffff0000000 RCX: ffffffff81cf410f
[ 1178.235098][ T4647] RDX: 0000000000000000 RSI: 0000000000000005 RDI: ffffffff80000000
[ 1178.235114][ T4647] RBP: ffffffffffffffff R08: ffffffff80000004 R09: 1ffffffff0000000
[ 1178.235132][ T4647] R10: dffffc0000000000 R11: fffffbfff0000000 R12: ffffffff80000000
[ 1178.235151][ T4647] R13: 0000000000000005 R14: dffffc0000000001 R15: fffffbfff0000001
[ 1178.235169][ T4647] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1178.235189][ T4647] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1178.235207][ T4647] CR2: fffffbfff0000000 CR3: 0000000028d18000 CR4: 00000000003526f0
[ 1178.235227][ T4647] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1178.235242][ T4647] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1178.235260][ T4647] Kernel panic - not syncing: Fatal exception
[ 1178.235767][ T4647] Kernel Offset: disabled