last executing test programs:

18.767701623s ago: executing program 1 (id=3653):
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
dup(r0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYRESOCT=r1, @ANYRES32=0x0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
socket$packet(0x11, 0x3, 0x300)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x0, 0x0}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
socket$packet(0x11, 0x0, 0x300)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r3, &(0x7f0000000040)="800037bbd79ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmmsg(r3, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000001640)=ANY=[@ANYBLOB="1800000000000000000000000000000061111c00000000009500000000000000f99ca3a7753fa66ebff0a93261763f00a57df35f3161c97af107333124d5d2ca1dcddc758e006662acf0543fda23cf60ab5aa1b4c0b97f7bfc5bbeb1b700002005c1255c41740c016975b770d32e66d2fa58d102b966770412ccb30587d465c8412466bcafafc86901a426c5ceb0e9858d272a3027e6d37bcdf397ac81b7e6652130846c9fd2d67904c1496945dcf86ca5227d43d096361ca0c6d0fbffffff913083cf65b42777731adf59acaa2d04ff7fec29770270dac8d11e7f651b9f8868c29c87dde04d359ff2d1c7300d2401a0a1288de96fb49863dcb2f6681a6a5409811484ca56e68ca0536524242d2e461eb40814a0eca8a2e8fd8aa5069d201348329ee235a0b5deec3c366177ac8ba9d84cd2cfa180c1bed940a51cae53389cca056a79b985abb1ac77d8ce5c240aecea67e5cd37befbdc42534a502c3fa1e45c56ca750ed570ff0343ff057e737d8b2b22486389ac853fee470c932b6a36316ff0b7459a82f69fd74ba75c97dc42b504162bf6fa7933d0a36d97090ed1b70d176b75b816667356030799897eedf1c7035d4b572c762c01b4f1869de8dc91d558fa41eec506dc3e8dabdd8824ffbde06620a1a1bcef3eb73a7171859a85e29bc3940055719718184121ff4080d6551fbd195516e3974ed3689fbae9c27684ed61aa0781c53ebc6689ef1b25959b1f52f04cd6626e0300b88e2dd1b52d070ec194d5b33f761fc91f07988098de9bbd931e47b8a389508924cf14e32aaca3710eb9915a200ed6452b2195447bd7a74edd015fdf2bd9808fb5f846be969fb8f71abf87395c48cedf9960f612c2e8bc8b96d003035702218f8c32c0bf8aa28157d37940861b83934f270ba263feac6347e35c1e4e0d967323964ff0e295db0226419a2a821d58c9c284fa827746dd2430dea41b86bb4e7f4a8c87b71c3356dde2be6805b00603ea915bf82884de32eea2f1a3a8b5c7fa9df4329a35c9c216d8f6a80c656faca2f777888bca19eaa3517b1910d14d319d2dfa320796d1b256707e84ec09fa2dd6b4da53f312eefb999ce52aa26818c87a8c957fd36dffa5607d155ccc478cc798a6616f51b11d4405001b9b92c5cc7b90ddb2fc9b841ce7b2970236c56204244201b757bf129cdc7f5bafc30c0e27d438184f84ed05db34cbf65bb09c7ca25a6171b77048dfdbe770e2c6417ee6939a59d66634e767e1557f190ce1afce1d6096f7f441a91e0b4b543a59d94724927a0c1610e292345200e5e10406e24c3acb02f7d31db8cd97f5897aaf5cabbdbfe6e60e48a4525716205f895e0faa5e976b1441394034046daa6c0bf7bd90893afedfbe858864deb2ba51dfbd78753bc3ad4da2fcc955bf28c0cbc7d9b18e1d1a1ebf2d759561fe432bc7b793dd3e9275c8a90a4d7a9dc056aafc9bc3ac3ed5b1d1993332cedd756c386edc1c19c616d063397f308a909f034a46081fdd70b64254ab11"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15}, 0x70)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000040), 0x0)

16.030286928s ago: executing program 1 (id=3668):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100007292bd404020305582a80000000109021b0001000000000904000001df7fa900", @ANYRES16], 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$minix(&(0x7f0000000540), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYRES64=0x0, @ANYBLOB="5233e4bcc8bb45113a25c1610e31d6cf63a55d6630a3393e148124e5f1a1436d9dc07e9071d1439b8e2197a77007013ebc090ec868980b344cbab5d9b01e239608a77a0ef84b71da8c25f697aad73b14d3dc5908370b7c45868ea512b8fc0bca8c4528e4297b3e413fd2dce3e006d7bcd25e582f516c51ee87e1153bbbcef76d7bb9955f66d313b51b76a55e34533f6b25fa6219e854e61d5212b6edfd829cac6ff13953d7304e9c47fe5d9c67d48183", @ANYRES8=0x0], 0xfd, 0x187, &(0x7f0000000200)="$eJzs289q4lAUx/Hf9e+M8//fZlYDMzCzGTM60LS7+iiiqZXGVmo3SqH4KH2gvkGhL6DQvkBTGsU2wWJIMbH6/YDkHuFwzl1cPXcRAdhYHyUZGeUleZ53tv/L6EfaTQFIhKdbD8Cmyl6n3QGAdIxrWX8O6Eq6ujltjKaffMT5YVzL+M9dSaNH+YWo+UPjP7/ngvlFSa+izC/nk/zfofqvjXkq5fJiTv1SKL8Uuf/J/v/8DOa/kfRW0jsjvZf0YXrX+iTp85z6zVD9bxHrA89hVA7HgS8y2mu7zr9ZnPfjyiwu+HE1FP+fxUU/LjeO3OaytgAgpsyC858Nnf9c6PwDeLl6/cFB3XWd4w1dDBMuOpS0KnuPuZBWog0Wixb39+f46Wn/MgFYNuuk07V6/cHfdqfeclrOYdXese3KdmXLtvzJ3wrO/wDWx8OfftqdAAAAAAAAAAAAAACAuL5I+pp2EwAAAAASkcTbSGnvEQAAAAAAAAAAAAAAAAAAAFgXdwEAAP//xZ5OgA==")
mkdir(&(0x7f0000000440)='./control\x00', 0x0)
open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x80040, 0x0)
unlink(&(0x7f00000001c0)='./control/file0\x00')
rmdir(&(0x7f0000000000)='./control\x00')
sched_setscheduler(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x1010, 0xffffffffffffffff, 0x7d266000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

12.924459758s ago: executing program 1 (id=3678):
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
dup(r0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYRESOCT=r1, @ANYRES32=0x0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
socket$packet(0x11, 0x3, 0x300)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x0, 0x0}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
socket$packet(0x11, 0x0, 0x300)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r3, &(0x7f0000000040)="800037bbd79ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmmsg(r3, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000001640)=ANY=[@ANYBLOB="1800000000000000000000000000000061111c00000000009500000000000000f99ca3a7753fa66ebff0a93261763f00a57df35f3161c97af107333124d5d2ca1dcddc758e006662acf0543fda23cf60ab5aa1b4c0b97f7bfc5bbeb1b700002005c1255c41740c016975b770d32e66d2fa58d102b966770412ccb30587d465c8412466bcafafc86901a426c5ceb0e9858d272a3027e6d37bcdf397ac81b7e6652130846c9fd2d67904c1496945dcf86ca5227d43d096361ca0c6d0fbffffff913083cf65b42777731adf59acaa2d04ff7fec29770270dac8d11e7f651b9f8868c29c87dde04d359ff2d1c7300d2401a0a1288de96fb49863dcb2f6681a6a5409811484ca56e68ca0536524242d2e461eb40814a0eca8a2e8fd8aa5069d201348329ee235a0b5deec3c366177ac8ba9d84cd2cfa180c1bed940a51cae53389cca056a79b985abb1ac77d8ce5c240aecea67e5cd37befbdc42534a502c3fa1e45c56ca750ed570ff0343ff057e737d8b2b22486389ac853fee470c932b6a36316ff0b7459a82f69fd74ba75c97dc42b504162bf6fa7933d0a36d97090ed1b70d176b75b816667356030799897eedf1c7035d4b572c762c01b4f1869de8dc91d558fa41eec506dc3e8dabdd8824ffbde06620a1a1bcef3eb73a7171859a85e29bc3940055719718184121ff4080d6551fbd195516e3974ed3689fbae9c27684ed61aa0781c53ebc6689ef1b25959b1f52f04cd6626e0300b88e2dd1b52d070ec194d5b33f761fc91f07988098de9bbd931e47b8a389508924cf14e32aaca3710eb9915a200ed6452b2195447bd7a74edd015fdf2bd9808fb5f846be969fb8f71abf87395c48cedf9960f612c2e8bc8b96d003035702218f8c32c0bf8aa28157d37940861b83934f270ba263feac6347e35c1e4e0d967323964ff0e295db0226419a2a821d58c9c284fa827746dd2430dea41b86bb4e7f4a8c87b71c3356dde2be6805b00603ea915bf82884de32eea2f1a3a8b5c7fa9df4329a35c9c216d8f6a80c656faca2f777888bca19eaa3517b1910d14d319d2dfa320796d1b256707e84ec09fa2dd6b4da53f312eefb999ce52aa26818c87a8c957fd36dffa5607d155ccc478cc798a6616f51b11d4405001b9b92c5cc7b90ddb2fc9b841ce7b2970236c56204244201b757bf129cdc7f5bafc30c0e27d438184f84ed05db34cbf65bb09c7ca25a6171b77048dfdbe770e2c6417ee6939a59d66634e767e1557f190ce1afce1d6096f7f441a91e0b4b543a59d94724927a0c1610e292345200e5e10406e24c3acb02f7d31db8cd97f5897aaf5cabbdbfe6e60e48a4525716205f895e0faa5e976b1441394034046daa6c0bf7bd90893afedfbe858864deb2ba51dfbd78753bc3ad4da2fcc955bf28c0cbc7d9b18e1d1a1ebf2d759561fe432bc7b793dd3e9275c8a90a4d7a9dc056aafc9bc3ac3ed5b1d1993332cedd756c386edc1c19c616d063397f308a909f034a46081fdd70b64254ab11"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15}, 0x70)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000040), 0x0)

12.66186236s ago: executing program 4 (id=3681):
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x40015b0b, 0x0)

12.472291198s ago: executing program 3 (id=3683):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40000000000000061114800000000004600feff00000000950000000000000075b71e127abedd60962fc96fb81a6b69e9ea7265b1a7f3eed659742494b0dcced2fc01d43cb79510344d9fbd6bf71ac0e17bb6fec779bd52ec2666a91af002818aaf9c0f0253743bf7925c97861149847d6a31446d64277b8f2de68adf63565a9730313858c8f1b1cfacacf8d27c76f6d3fcb459df14f6822631da82f4ff7ff59f4d51f1bc20d8df28cc414af9f9bc2d25db12c983ec7ef6d34153bf"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0xffffff33}, 0x48)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaa"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x87f0389ef7e17334, 0x10, 0xffffffffffffffff, 0x41f3e000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000001480))
ioctl$AUTOFS_IOC_PROTOVER(r2, 0x80049363, &(0x7f0000000040))
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000980)={0x1, @pix_mp={0x8d2}})
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000005c0)={0x1, @win={{0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0}})
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001000000000000a4fdf2223c760000000000000a74000000060a0b040000000000000000020000004c0004802c000180090001006d617371000000001c0002800800024000000015080001400000000c08000140000000011c0001800b0001006e756d67656e00000c000280080001400000000208000b40000000070900020073797a320000000014000000110001000000"], 0x9c}, 0x1, 0x0, 0x0, 0x2004a0a4}, 0x48000)
r5 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, 0xfffffffffffffffc, &(0x7f0000000140)=0x4)

11.30962332s ago: executing program 3 (id=3684):
syz_io_uring_setup(0x24fd, &(0x7f0000000180), 0x0, &(0x7f0000000140))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty}, @ib}}, 0x118)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}}, 0x0)
mkdir(0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000001880)='numa_maps\x00')
pread64(r4, &(0x7f0000000880)=""/4096, 0x1000, 0x0)
syz_usb_connect(0x6, 0x53, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000570ced08080405ead54601020301090241000100000000090437000043ce320005240600010524000b000d240f010500000009000b62b0c6f6fac5521b7d234231cab0009d06241a230cbd34544f98c8c0ece4410100020624070840000c241b02000300080006000a"], 0x0)

10.980630519s ago: executing program 1 (id=3685):
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = fanotify_init(0x4, 0x0)
r1 = socket$inet6_sctp(0xa, 0x0, 0x84)
r2 = dup(r1)
fanotify_mark(r0, 0x201, 0x20, r2, 0x0)
r3 = syz_io_uring_setup(0xeec, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)

10.892779342s ago: executing program 1 (id=3686):
r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x180000)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioperm(0x0, 0x0, 0xc)
getpid()
sched_setscheduler(0x0, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
chdir(0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000300)={{0x2, 0x0, 0x1, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x3e, r1, 0x1, 0x0, 'syz1\x00', &(0x7f0000000080)=['syz0\x00'], 0x5})
capset(&(0x7f0000000000)={0x20080522}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f0000001940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$x25(r0, &(0x7f0000000080)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x12)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4'], 0x34}}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r2, 0xc008af12, &(0x7f00000001c0))

10.359179642s ago: executing program 3 (id=3689):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f00000000c0)=@assoc_value={<r2=>0x0}, &(0x7f0000000340)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000080)={r2, 0x0, 0x1}, 0x8)

9.636211551s ago: executing program 1 (id=3691):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r3, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000480)={'syzkaller0\x00', @broadcast})
writev(r0, &(0x7f0000000d00)=[{&(0x7f0000010240)="89e7ee2c7cdad9b4b47180c988caead67fe1eb42beed2d4101607677935566c449e0e0e465897c4eabb1", 0x2a}], 0x1)

9.556516208s ago: executing program 4 (id=3692):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4004, 0xc}, 0x48)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000540)='task_rename\x00'}, 0x11)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000340)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], <r2=>0x0, 0x2b, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000500), &(0x7f0000000580), 0x8, 0x94, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x200000000000003f, &(0x7f0000000500)=ANY=[@ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007dc4ac039ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xec0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b0fd25a806c8c6f94f90524fc60", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)

9.556136643s ago: executing program 3 (id=3693):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="05030400d3fc02000000ab5d71aced", 0xf, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x2)
r0 = landlock_create_ruleset(&(0x7f0000000000)={0x6084}, 0x10, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{r0}, 0x200000002})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x6, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})

9.34239825s ago: executing program 4 (id=3695):
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
dup(r0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYRESOCT=r1, @ANYRES32=0x0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
socket$packet(0x11, 0x3, 0x300)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x0, 0x0}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
socket$packet(0x11, 0x0, 0x300)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r3, &(0x7f0000000040)="800037bbd79ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmmsg(r3, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000001640)=ANY=[@ANYBLOB="1800000000000000000000000000000061111c00000000009500000000000000f99ca3a7753fa66ebff0a93261763f00a57df35f3161c97af107333124d5d2ca1dcddc758e006662acf0543fda23cf60ab5aa1b4c0b97f7bfc5bbeb1b700002005c1255c41740c016975b770d32e66d2fa58d102b966770412ccb30587d465c8412466bcafafc86901a426c5ceb0e9858d272a3027e6d37bcdf397ac81b7e6652130846c9fd2d67904c1496945dcf86ca5227d43d096361ca0c6d0fbffffff913083cf65b42777731adf59acaa2d04ff7fec29770270dac8d11e7f651b9f8868c29c87dde04d359ff2d1c7300d2401a0a1288de96fb49863dcb2f6681a6a5409811484ca56e68ca0536524242d2e461eb40814a0eca8a2e8fd8aa5069d201348329ee235a0b5deec3c366177ac8ba9d84cd2cfa180c1bed940a51cae53389cca056a79b985abb1ac77d8ce5c240aecea67e5cd37befbdc42534a502c3fa1e45c56ca750ed570ff0343ff057e737d8b2b22486389ac853fee470c932b6a36316ff0b7459a82f69fd74ba75c97dc42b504162bf6fa7933d0a36d97090ed1b70d176b75b816667356030799897eedf1c7035d4b572c762c01b4f1869de8dc91d558fa41eec506dc3e8dabdd8824ffbde06620a1a1bcef3eb73a7171859a85e29bc3940055719718184121ff4080d6551fbd195516e3974ed3689fbae9c27684ed61aa0781c53ebc6689ef1b25959b1f52f04cd6626e0300b88e2dd1b52d070ec194d5b33f761fc91f07988098de9bbd931e47b8a389508924cf14e32aaca3710eb9915a200ed6452b2195447bd7a74edd015fdf2bd9808fb5f846be969fb8f71abf87395c48cedf9960f612c2e8bc8b96d003035702218f8c32c0bf8aa28157d37940861b83934f270ba263feac6347e35c1e4e0d967323964ff0e295db0226419a2a821d58c9c284fa827746dd2430dea41b86bb4e7f4a8c87b71c3356dde2be6805b00603ea915bf82884de32eea2f1a3a8b5c7fa9df4329a35c9c216d8f6a80c656faca2f777888bca19eaa3517b1910d14d319d2dfa320796d1b256707e84ec09fa2dd6b4da53f312eefb999ce52aa26818c87a8c957fd36dffa5607d155ccc478cc798a6616f51b11d4405001b9b92c5cc7b90ddb2fc9b841ce7b2970236c56204244201b757bf129cdc7f5bafc30c0e27d438184f84ed05db34cbf65bb09c7ca25a6171b77048dfdbe770e2c6417ee6939a59d66634e767e1557f190ce1afce1d6096f7f441a91e0b4b543a59d94724927a0c1610e292345200e5e10406e24c3acb02f7d31db8cd97f5897aaf5cabbdbfe6e60e48a4525716205f895e0faa5e976b1441394034046daa6c0bf7bd90893afedfbe858864deb2ba51dfbd78753bc3ad4da2fcc955bf28c0cbc7d9b18e1d1a1ebf2d759561fe432bc7b793dd3e9275c8a90a4d7a9dc056aafc9bc3ac3ed5b1d1993332cedd756c386edc1c19c616d063397f308a909f034a46081fdd70b64254ab11"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15}, 0x70)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000040), 0x0)

9.319250749s ago: executing program 3 (id=3696):
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = fanotify_init(0x4, 0x0)
r1 = socket$inet6_sctp(0xa, 0x0, 0x84)
r2 = dup(r1)
fanotify_mark(r0, 0x201, 0x20, r2, 0x0)
r3 = syz_io_uring_setup(0xeec, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)

9.038829959s ago: executing program 3 (id=3697):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x78, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r5, 0x0, 0xfdef)
r6 = syz_usb_connect(0x0, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b010000000904000302ccd4280009050b02000000040009058a02"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000001240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r5, @ANYBLOB="0000000000000000b702000014000400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r8, 0x4b72, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)})
r9 = dup(r3)
syz_usb_control_io(r6, &(0x7f0000000700)={0x2c, &(0x7f0000000580)={0x40, 0x0, 0x4, {0x4, 0x5, 'wQ'}}, 0x0, &(0x7f0000000600)={0x0, 0xf, 0x5d, {0x5, 0xf, 0x5d, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x6, 0x7, 0x5e4d}, @ssp_cap={0x24, 0x10, 0xa, 0x0, 0x6, 0x4, 0xff0f, 0x3, [0x3fcf, 0xfebff0, 0x14000, 0x3f00, 0x0, 0xdfb0]}, @wireless={0xb, 0x10, 0x1, 0xd1ec37bb1d67a05, 0x24, 0x0, 0x8a, 0x3, 0x81}, @wireless={0xb, 0x10, 0x1, 0x8, 0x0, 0xff, 0x8, 0x1ff}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "bbc35dd570958566fc0657eb7d81f582"}]}}, &(0x7f0000000680)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9f, 0x2, 0xfd, 0x7f, "a7fcef71", "da8e7090"}}, &(0x7f00000006c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xfd, 0x0, 0x4, 0x10, 0x0, 0x5, 0x7}}}, &(0x7f0000001140)={0x84, &(0x7f0000000740)={0x0, 0x3, 0x67, "79f862ab4c65bd5d9458d32585a2ffc41b41cd9c8177dd99453f8027a915eb5146005024d9e4b95d77d0de3f67073fc76a41c88ab3e05fb3b723cccdb86c797ac9351016ebe32cfff644d7ad884f54781a5cdc4f7f2d89780f3459b3b7512fd52a18ed652cdf10"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000840)={0x20, 0x0, 0x4, {0x1, 0x2}}, &(0x7f0000000e40)={0x20, 0x0, 0x8, {0x800, 0x20, [0xf0f0]}}, &(0x7f0000000e80)={0x40, 0x7, 0x2, 0x1}, &(0x7f0000000ec0)={0x40, 0x9, 0x1, 0x8}, &(0x7f0000000f00)={0x40, 0xb, 0x2, "afb1"}, &(0x7f0000000f40)={0x40, 0xf, 0x2, 0x6}, &(0x7f0000000f80)={0x40, 0x13, 0x6, @local}, &(0x7f0000000fc0)={0x40, 0x17, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, &(0x7f0000001000)={0x40, 0x19, 0x2, "fdf2"}, &(0x7f0000001040)={0x40, 0x1a, 0x2, 0x7fff}, &(0x7f0000001080)={0x40, 0x1c, 0x1, 0x2}, &(0x7f00000010c0)={0x40, 0x1e, 0x1, 0x8}, &(0x7f0000001100)={0x40, 0x21, 0x1, 0x81}})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000008c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd25479024a676b21b3adc5e463c9effbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953584db11b7f89ec68098eafa48cebd6882a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56f335e2373b2cde5692db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8b03fe4798e5750d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a69151fccaefc6e9b770c9ac124da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb11803"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000001200)=0x5)
getpid()

7.702702488s ago: executing program 2 (id=3699):
r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x180000)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioperm(0x0, 0x0, 0xc)
getpid()
sched_setscheduler(0x0, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
chdir(0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000300)={{0x2, 0x0, 0x1, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x3e, r1, 0x1, 0x0, 'syz1\x00', &(0x7f0000000080)=['syz0\x00'], 0x5})
capset(&(0x7f0000000000)={0x20080522}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f0000001940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$x25(r0, &(0x7f0000000080)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x12)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4'], 0x34}}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r4, 0xc008af12, &(0x7f00000001c0))

6.833703068s ago: executing program 4 (id=3701):
r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x180000)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioperm(0x0, 0x0, 0xc)
getpid()
sched_setscheduler(0x0, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
chdir(0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000300)={{0x2, 0x0, 0x1, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x3e, r1, 0x1, 0x0, 'syz1\x00', &(0x7f0000000080)=['syz0\x00'], 0x5})
capset(&(0x7f0000000000)={0x20080522}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f0000001940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$x25(r0, &(0x7f0000000080)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x12)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4'], 0x34}}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r2, 0xc008af12, &(0x7f00000001c0))

6.535136234s ago: executing program 0 (id=3702):
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x40015b0b, 0x0)

5.954796625s ago: executing program 4 (id=3703):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
open(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r5, 0x1, 0x19, &(0x7f00000000c0)='wg0\x00', 0x4)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)

4.827491549s ago: executing program 4 (id=3704):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x40000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket(0x10, 0x2, 0x0)
sendto$inet6(r5, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006050a0000000d0085a168d0bf46d32345653600648d27000b000a00070849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e21800003b6ed538f6523250", 0x78, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtfilter={0x50, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0x2}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1}]}]}]}}]}, 0x50}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r10, 0x89f3, &(0x7f0000000400)={'erspan0\x00', &(0x7f0000000500)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x8, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x9, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private, {[@ra={0x94, 0x4}, @noop, @end, @timestamp_prespec={0x44, 0x4}]}}}}})
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000900)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
fchdir(r11)

3.564339675s ago: executing program 2 (id=3705):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4004, 0xc}, 0x48)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000540)='task_rename\x00'}, 0x11)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000340)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], <r2=>0x0, 0x2b, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000500), &(0x7f0000000580), 0x8, 0x94, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x200000000000003f, &(0x7f0000000500)=ANY=[@ANYRESOCT, @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007dc4ac039ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xec0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b0fd25a806c8c6f94f90524fc60", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)

3.429710497s ago: executing program 0 (id=3706):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="05030400d3fc02000000ab5d71aced", 0xf, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x2)
r0 = landlock_create_ruleset(&(0x7f0000000000)={0x6084}, 0x10, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{r0}, 0x200000002})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x6, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})

2.479066504s ago: executing program 0 (id=3707):
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = fanotify_init(0x4, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(0xffffffffffffffff)
fanotify_mark(r0, 0x201, 0x20, r1, 0x0)
r2 = syz_io_uring_setup(0xeec, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)

2.478331354s ago: executing program 2 (id=3708):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000480)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYRES32=r0], &(0x7f0000000440)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000380)='contention_end\x00', r2}, 0x10)
sendmsg$AUDIT_TTY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x18}, 0x18}}, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030302c6465636f6d706f73652c666f7263652c6e6f6465636f6d706f73652c626172726965722c6e6f6465636f6d706f73652c747970653db029e1c02c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c747970653dd2100d1b2c7529643dd4f81c66210bbcbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2c653ef127e38e0aa2229f9cf6a8503", @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESHEX=0x0, @ANYRES8=0x0], 0x2, 0x6ee, &(0x7f0000032440)="$eJzs3UtoHOcdAPD/rFYrrQqOnPiRlkCWGNJSUVuyUFr1UreUokMoIT30vNhyLLyWg6QU2ZRG6ePeQ049pQfdQg8lvRvac0NKyVXHQCGXnHSqyszO7EMa7a5s2do6v5+YnW/me8w3/3nt7CAmgK+tlbmoPookVube3E6n93YXWxO7i1N5disiahFRiai2R5GsR5Z7Ix/im+nMvHzSafhf/cv5cG357c+/2vuiPVXNh6x80ldvuNrRWTv5EI2ImMjHR00e0+Inhxff197NY9sbVXcN04BdKQIXf3qiVuGJHRyx08n7+N/Z56DqJzlugTGVtK+bR8xGzETEdET7qp+fHSrPtnenb+esOwAAAAAnVT95lRf2Yz+249zT6A4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8r/L3/yf5UCnSjUiK9//X8nmRp9tzx8rwFyF+NtUeP3r6nQEAAAAAAACAp+7V/diP7ThXTB8k2TP/13qe8X8j3ovNWI2NuBrb0Yyt2IqNWIiI2Z6GatvNra2NhaxmxIUBNa/HpyU1rx/fxxunvM4AAAAAAAAAMOaG/Sf+3clOcqdI/DZWus//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgHCQRE+1RNlwo0rNRqUbEdFFuJ+LTiKidbW9PJCmb+ejZ9wMAAACeyHT/ZDI9Qp0X3o/92I5zxfRBkt3zX8rul6fjvViPrViLrWjFatzK76HTu/7K3u5ia2938V46HG33x1+eqOtZi9H+7aF8yS9nJepxO9ayOVfjZiRxkKnkrby8t7uYju+V9+uDtE/Jj3IDejPRk76Vflz+JEv/sf9XhGp79N8TrelJVY7Nmc1yJzsRmc/7ltY4X0SgPBJ9W6dsN6kOXNJCVDq//FwYvKTymH8weJ1nDpUq/eXmTByOxPWodLbQpcGRiPj23z7+5Z3W+t07tzfnxmeVSr0/tMThSCz2ROLycxSJ4eazSFzsTK/Ez+IXMRdfTr0VG7EWv4pmbMVqo8hv5vtz+jk7OFKfzfROvTWsJ+kx2eicv8r61Ii+PkUjfpqlmvFatk3PxVokcT8iVuON7O96LHTOBt0tfHGEo74ywpm2x5XvZKNOmKJ+fNm/jNbkaUnjer4nrr3n3Nksr3dON0ovlkapuNaNfj3qUf1Wnkhb+N3A68OzdjgSCz2ReOm4/aUd0j9nV5PN1vrdjTvNd0dc3uv5OD2O/jBWV4l0bV6M6XzlzmefSXZMzWd5L3WusP3xquVPXNoqR/Iuduq1j9Sfx/241Xekfj+WYimWs9KXstKTR65Yad7lTkv95/A0L/2mVe082On9vnU/Wu3vQwCMt5nvztTq/6n/s/5R/ff1O/U3p38y9YOpV2ox+Y/JH1bnJ16vvJL8NT6K33Tv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMe3+eDh3WartbpRnqiUZyWDazVbB8WLxAaU6Usk+atyRiicbD54eDC0wcGJqbx7j1n9NBPFa/iGF24MbKf6RN1Idg5vr+nh26J4y9MIi0iOBDyt/NihK5bcnTM5BpvycKJxeg0WO2xP1sn33nrZ9pqIiLLCQ04cE6dx9gHO0rWte+9e23zw8Htr95rvrL6zuj65tLQ8v7z0xuK122ut1fn2Z0+F6hl2FjhVvV8nOmoR8erwugNe1AoAAAAAAAAAAAA8Rc/ifyHOeh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/28rc1F9FEkszF+dT6f3dhdb6VCkuyWrEVGJiOTXEcnfI25Ee4jZnuaS45bz4dry259/tfdFt61qUb4SsXNsvdHs5EM0ImIiH59WezeHt1frJqdKspNOZNKAXSkCB2ftfwEAAP//jLTthw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
write$cgroup_int(r3, &(0x7f0000000200), 0x42400)
r5 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r6, 0x401c5504, &(0x7f0000000340))
close(0xffffffffffffffff)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x3)
r7 = dup(r6)
write$uinput_user_dev(r7, &(0x7f0000000380)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x2]}, 0x45c)
ioctl$UI_DEV_CREATE(r7, 0x5501)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000002600)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1]}, 0x45c)
setns(r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000003080)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b80cdd64bdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe61241638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a9554328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c5a01ba62ed8f2c6a503dd1b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341d13d244359718ac3dad595712a4051bb6cf826ab757193fc093b8b3353fbbb278d19000000000000007b61805ed430ef06000000000000001e93f640f159320c8b088f4d64977b2eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751df38c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bf96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b777d73a63246ce6f0467167626329ab91df7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c230f27e7025d576535198742d403ec43572d7d0baf00e882617b260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6ee02412064730700aeff2b69c2f2bf6f691c3560e068743ae8e8771280dac7fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c56d9abc40c64a20c14ff0b1bf4d23fe07ae90f503ba9c64bf89b26e7d8d70710b04f9ece69023acadbb4582272e5b3a0429a5675e5a9554de54945d9a270180e0545b0c824ad36f7cc8be12b3874d5a19349b0ede845e9ece24d546d3af1bae069b89f6ecf2aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d8fc9a28c6b8e00250a7f2eeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d1690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1be3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be4c4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a6df5bdc6f7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dcdb951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02c0c714c2862ddbe567755f05a1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1e88f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c21181f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae65e9f2cc9a5129e385b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfe63c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738bf356131ca53e9d7ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e4c26497c029bb61462623a58556cd62844d4d23cc738ee5b36c71d2c010b089251d5806000b1ade92dd9f441468967c052aecd9de817394eb580240d556d0f0b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd49457536430ffbd3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc3126bf1760243d51a197d3ecfd74bd625e9f496175cfeaaa020817d33d513f3e97854ea76e04e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c3b5a620fc84e1c735647895713cbcea57b2277831f8f633f0d29371e645e5544e57010a9b76457f6ad73231a9f31f6bbb1b95248aeda5a9df9dea643a792bb0910e45fce298ab0a0298fc33a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b96acf060f74084760d226f50edb115c2e075f3c663a4b4169b900fa0a13cf796e0d7a9dad86953c13ed6241206d68ae194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b9d5dd8bf6c28653eb84f117e476e052a9db790e0a71dac9d8b343efebdc026860000000000000000000000000000aad579302085dfdf75bea24798c680b3de341e3bd57543bf74fd58bcebdbb883c743ed43ba7f540f2c4e0310c21e7deff9e45b8bd2cf65bb584091b8e80e34b3e59185fe32d1d73dd4f62712a39b1366c71420b339ec1295f79b1516723b6b80a7e99e5aa6536982c02275fc53fa3ef14d9fccb05f9c4e69a3af0fde863af2d9a0f8a94fc571b0ab4ad714f41fa4ee0bf14a8b44e3c41a3125be95e4b23d5f05395852761bfaebe0db979d5f3991d826cc74542b85cfd0dba66bc93cfd79178ab0b79fa3b29ff9c19e0424513c91980187c9d94b8354337a1fc782505db900c47d83bd49276cfe6e242ba8365b1ea4598a21f50f5415a70990b5bb4a1f6bd8acdf2c7da3d648754767089c9b5ceb556fafa3cc5afd2f3e9a62a90262a76ff89a2751b59a744f0d3f36ca503357daa3e29ce6f357dc1e4839277d003e93fdbb955e1a1302a76aea7e73835094fb15464e94e814c77c293121d0433e80d444c4ca17abaf32b521d8686666055da023aef9c8df3e80d2ed640ed10aa19a036dcef172dbd3b3600b69d7b90c6222e167d7c76059f2b5f3b3004e8a20d1f6612efeb629573be97aa949c6016e7e56283e84986aaa4fc8a098708ebe36f377ada63d9b464c39342e0682549862de3ec75e7b031bc49f341a21417fb6375e8701481b59d1722c836961804666801678eb25750b520bf1615a4bbf30aa74d60ec6b657f2dd298b0419da43fc708a60c94a7ff2fd6a2d08005ad73c9e2d6143d2857be8fb3f12bfa6628bccb153e39172d07563d6a1dc75c347c08060304f091230bd74b49ecdd13bf480db3984622a167c8603b8c501280059a7b6123c8f8cd217f64eccc2dffe4f3a1e8c9a96a13d8126f3ea26779fbd0069d729a7764d4ddd7d9d820b0de2530969362b94b974678527f5bac7eb8d6e321b2be0b2f7534634a5ecd1248d7ad7e8e03163e92e9f1d620e28597bd881eea0981e8adfd70b670b0763ce9226f7c3e156b353e22fdea6942b577bbc539aab23cbd46bdd0ea1e67140c759f208c12dc57f3100000000000000e4965fcb6c2749955eac9476687e63b41c6282bbcb0c3d8b0c9493a3a5f6d879d7257b4b68dc7cac3d9d5f5bbe937c501866ee4042b250e516ec074559e1e551167138766eeecb6941e8305d9cde1800c821536f9d25bd14163890842a08135bdb7a90db630b18f099855a7d9de65c80fa71ff90e873361d0e11a7dfebe56ffb2000b711a0b7914d6351ff60593e48af60e1ffecba7cd6f8ab662eb3c8f3164139e994d6a706afb92722595d649a04f1ff64e5634e7cb9106173a96bf47f7085e7eecdfdc1b6507b851c4ba43312726cfec58dedece1355a087c1b60882713a6161914f09267e2ce8aa886b380add5cd92e185d345c9b2933a78a4215133e8e7247fa444aee30bfb6c17ef537fba43aad323f552c01e17514d5db387e4bf9341ccf5931fc75350f8dcef3ed3e74d674865249b879466f0e3cf0dc9e3d8720ea261e6996b844501e374a0e9878c1d02fd3d6e2ae5d7677892d7a5cdf4b7fa8f315b41552d07495f034e1fa0a2c9a34b7f66638e775dacb33e9b5cd3f4193bdebb7e86090dd265ee2b3ca9bd32d19ef229a050e910263d916670d8006067f5c0a1d8"], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)

2.344611959s ago: executing program 0 (id=3709):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mlockall(0x7)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
munlockall()
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000140), 0x0, 0x4)
ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000000)={'vlan0\x00'})
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x0, 0xf24, &(0x7f0000001e80)="$eJzs3UFsHNUZAOA3613biU28BgoGSkihFYGCHZKoTW9BoB4Rl95BIaERhqKGHoiAmB4QlRBFQpwqDlRcKJVSpCKBKlWop7anVr31hHqhUpVKQT20kRJXsd+sd5897Hq8nvXufp/0++2bNzv/P17HmRnPvg3A2KqtfT1+fCEL4Z1P33705aeyj68vu6u1xqG1r1nsNUMIjbZ+lmzv87jg6uWXTm3VZuHo2te8Hx671HruTAhhJRwKn4Vm+HBp+csP3n3k8EevTd/y5vlnXtml3W9J9wMAAEbRxT8v//2+f/7pgfkrFw+eDFOt5fnxeTP2Z+Jx/5F4oJwfL9dCZz9ri3aTyXoTMWrJehPJevUkT70gXyPZTqNgvcku+Sbalm21nwAAADCM8vPaZshqix39Wm1xcf28/7rP5yazxefOLp85N6BCAQAAgNL+c2HtplshxF6MsAdq2MW4MOL7txFZfdRfSyGGOSb9+xRifOLVPVCDEAOM1bkBXnwAAAAAxlI6X9gmK/2dqau1tWZv+S89XNv6+dAHVf/8yz9c+d9/1W8cAADKG9WjyXy/8uPofB6DdB7BieR52z3+ryXbqW+zzqJ5BYdlvsGiOtPv615VVP92X8dBKao/nQ9zryqqP52nc68qqn+q4jrKKqp/uuI6yiqqf1/FdZRVVP/+iusoq6j+mYrrKKuo/tmK6yirqP4bKq6jrKL6D1RcR1lF9Q/LbbVF9TcrrqOsovrnK66jrKL6b6y4jrKK6r+p4jrKKqr/5orrGJQ7Y5t/Hw4WrDezxTndsJzjAQAAwLj7n/n/hBBCCCGEEEKIkY8Lg74AAQAAAAxc/r6A/F3vq1E+PtFlvN4+Pr2xQj7e6PL8yS7jU13GAQAAgBB+9/qZ297KNua72+l8ePm8UfvCx9dCiXmM0vkIt5t/p/Oe7TT/sMxbBgAAwHjJvv/Ztfsffe+F+SsXD55sO/u9Fs9383lA6/HawCexn98XMJv0s/wc+mRnnlrBeun1gRuKtvf4DncUAAAAxlh+/t4MWW2x7by7GWq1xcWN8/GF0MjOnF0+fST2889n+eNcY+r68ocqrhsAAADo3cb5/tbn//nn+C6EyWzxubPLZ86t92dbyxu19usCcxvLs/brAs1k+dGC5cdiP//8zh/O7VtbvnjqR8tP9XvnAQAAYEyce/H8M08uL5/+sQceeOBB68GgfzMBAAD99sUXbzd+cmz29+vv/9+Y/y5///+h2G/Guf3+ElfI7xPI3wew6f36T3TmmSta7/nO9ZrJehMxppK6p9u2E9bmG+x83nxRvmbndiYL8qXzAM4m+dJ5CurJ+nm+A8nydH7CfL25ZHk6D2M9yZEl+e8OAAAAUGzphWefXzr34vkHzz775NOnnz793LGjJ7534sSRh7770NLaff1L7Xf3AwAAAMNo46bfcs9f6XdBAAAAAAAAAAAAAAAAAAAAMIaq+DixQe8jAAAAjLt/X4iT+AmxVeQfMDjoOsRejtWpfm4vG/j+7L0IX/HvcGIP1CeEGJnIdut38HdmHE8IsRJOTm+xfNW/DVFhrK6mnzQPAAAAsLuuXn7pVHu7yUrW13ytrTXXm2sxb97OPvi3+euRr3bp4c7rJfv7Wg3jruqff/mHK//7r/Y3/3T+oOfff7XODZzs6O3rNe+9S79aaM9/e73H/On+P95rxk6Hk/z3ht7yr76X5H+io1frNf99Sf79PebftP/P95qx0/0x/0LsH76n1/yduzgV23w/ev0B+Hay/0+FXvMn+9/sMWHigZgfAMZRzwcsQyY/SsiPo+NdZ639jYebIb37YbvH/7VkO/UdV9653fw46NbYbx2vr3TmzW23/vz7MhvbG0rWmRqWu0qK6u/X67jbiupvVFxHWUX1T1ZcR1lF9U9VXEdZRfVPV1xHWUX193whYsCK6h+W68pF9c9UXEdZRfXPVlxHWUX1b/f/8UEpqv9AxXWUVVT/XMV1lFVUf8nLapUrqn++4jrKKqr/xorrKKuo/psqrqOsovpvrriOQbkjtkXnw/n551wcy/vNpD+1xfdyVK8tAAAAwLD5l/n/hBBCiL5FX+fDFEKICuO/q+vCSqgNuhYhxO7E6uqgr0AwSLv7bmYA9iq//8eb13+8ef3Hm9efIvW2e/jzn5P0nv6JLuP1LuONLuOTyXj68zqVLE/fv3BTst3V/LpmdHOX8a999fhK6PL8W7uML3QZv63L+O1dxu/oMg4AAMB4uCW2zg8BAABgdL3860/e+O29T1yev3Lx4MkwuWne+SOxPxX/xv567Kfz3uca8W/+P439X8b2D7H9R7K++08AAABg9+WfE+Pv/wAAADC68s8pdf4PAAAAo2s+ts7/AQAAYHTdGFvn/wAAADDCsumtF8c2vy5wd2x7ndcPANj7vh7bO2N7MLZ3xfYbsc2PA+6J7Tcrqg8A6J9f/OBnJ97KNub7P5aMX43L83aTlfUrBVmtcyb/fbHdH9tv9VhP+nkAvebPHegxz27ln9thfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdNTWvh4/vpCF8M6nbz/688k3/np92V2tNQ6tfc1irxlCaLSel49u9H8TV7x6+aVT7e212GbhaMhC1loeHrvUyjQTQlgJh8JnoRk+XFr+8oN3Hzn80WvTt7x5/plXdvFb0LF/AAAAMIr+HwAA//9k+CGg")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x30000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000010004000100c0"])

2.0673193s ago: executing program 2 (id=3710):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x3, 0x200003f0, 0x20000418, 0x400], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYRES16=r0]}, 0x7a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$iso9660(&(0x7f00000002c0), &(0x7f0000000000)='./file0\x00', 0x32004c8, &(0x7f0000000100)=ANY=[@ANYRES8=r1, @ANYRESOCT=0x0, @ANYBLOB='8,\x00'], 0x1, 0x656, &(0x7f0000000640)="$eJzs3c9v2+Ydx/EPZdmWvaEYtqEIAjd5mqyAjWWKJDcOjOwwjaJsdpIokHRhAwOKrJELo3K6pRmw+lL4sh9A9w/s1ssO+w92GbDz/osddhhQbLcBu2jgQ8mSrF92rDjt+n4JDh+SXz3Pl6TCxzRFUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQI5bKRSKjmp+Y2/fTOZWwqA+Zf6yrW1RG2m1GzPblZzkR7mcbqSTbny3P/v15J87WkvH1pRLBjmdfOP1bz36TjbTe/+UhF6ELlvhx5+cfPi43W49m3MiXwLKXCBox2v4UeDXyzue8aPAbG9tFe7vViNT9WtedBDFXt24oZeJg9CsuxumuL29abz8QbDX2KmUa15v4sMflAqFLfPOcnfz338nH7m7fq3mN3ZsTDI7iXloPvtpGvKPbmhrc1aSh0ftVvEiQaVZQaVCqVQslkrFrQfbDx4WCtmRCYVzNBIx9w8tvmLmtOcGri6T9P9/d6SacmpoT/syY1+uKgoVqD5hftdGugvfeOu+N7Xdwf6/18vf6M++Kdv/30rHbk3q/4cyaA+O2TeMy9OZMP2FXk4v38dqq62Wnl2hNqdfvj23DF/ya0fKSr4iBfK1orJ25Ml0pxhta0tbKug97aqqSEZV+arJU6QDRYrlqW63SShPZcUKFMpoXa42ZFTUtra1KSNPeR0o0J4a2lFFZf2n0+kc6ujP31TLRkx66VBHduMUByef+/CcBZWm1DSp///Zp+mngP7/6663P7hIDPDKdbrH/5d0++VkAwAAAAAAXgbH/vXdsefu35DUUdWveYVXnRYAAAAAAJgje+Z/LRksJqU35Ew4/u9cf24AAAAAAGA+HHuNnSNp1X6p3+lfCXWRLwEsXEOKAAAAAADgiuz5/1tLUsfeuOe2nEsd/wMAAAAAgK+A36p777815bK9e+x2FiS9u5jOiJrLzl/+taxw0Tlt7n/POS4nU8vH3VP/I98AiKs3nde6N+q1gyVJdsz11pz+gwEc+5NLR744nHWvfyc8l8DSQu/PF7MS2Mp2x/SZ3kxj3uy2++QkIzsnbWW16te8vBvUHhVVLr+Wib39+JdPj34lhWfLeXjUbuXf/6j9xOZymkw6PU7y+HQoncysXJ7b+y3Yay7GLfGKqr0mf9eorzq23UJv+RdUPs4MNnSx5f+17qQxd1bT4epJbwvY5c8ly1/M203WX3p7dwinn0Xx/JKP2xATssjZLO6mMXfX76aDXn7dLL6/IJXyo9sgHMyiNJjF7HXh/HtkXczIIlkXm0kWf00qGs4i08ti83JZjGwRAHhVDvu9kL2J+eg99s/3uy+yl5vdu/9ouJXnf+ikFxwuSNnuuYmpreSU7NHX05gl2R1r9uaYPXqh26/kNKFfKVyhd0va+lP/GUjdtEey+G+n03lUtO3+vlHv/p4l2+7nSenzie1GtdJCsgrvPz/+ub0BfuKD1getp6XS5lbh7ULhQUmLdjG6A/oeAMAYs5+xMzPCefvsqPrJP99KS0M93rd1qJz9SkFe7+sjtfVE93qPELg9vtbVga8h3Bs9ak1iV6TzsUXdm3hUZ/vSgdjSWWyvAz5/BNiP3XzJWwEAgOt1Z0Y/fJH+/17vuHv95tjj7uG+/PwTgifFFq95TQAA8PXhhV84q/FvnDD0m+8Vt7eL5XjXM2Hg/sSEfmXHM34j9kJ3t9zY8UwzDOLADWqmGWrZr3iRifaazSCMTTUITTOI/H375HcTJVXXTeTVy43Yd6NmzStHnnGDRlx2Y1PxI9c0935c86NdL7Rvjpqe61d9txz7QcNEwV7oenljIs8bCPQrXiP2q35SbJhm6NfL4YF5N6jt1T1T8SI39JtxkFZo23LkqFENwrqtNq/OpR90CADA/6OPPzn58HG73Xo2pXCq2THdwtK4CsWpZgAAvlQGeumpeufIK9eRFAAAAAAAAAAAAAAAAAAAAAAAGHKR6/8uVVgcd7GgdDblF737Bk+vx9G8E7tMIfPib//blJiVsykasxJOX8GSKi1k51/zinTxy0bnUPjhYbpGJ8YkM8fOWj7bFtn5/3dICk//OGFWp9PpTH/78vA6XJq2gMOFrKRnS1fYBNe/LwJwvf4XAAD//7nMOZ8=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
set_mempolicy(0x4003, &(0x7f0000000080)=0x7, 0x3)
r5 = syz_io_uring_setup(0x80011c9, 0x0, &(0x7f0000000180), &(0x7f0000000240))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x13, 0x2000ac0a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000fdffffff0000000000000000b7080000000000007b8af8ff007b8af0ff00000000bfa1"], 0x0}, 0x90)

1.885359755s ago: executing program 0 (id=3711):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x48}, 0x90)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6bd, &(0x7f0000000d00)="$eJzs3c9rHOf9B/D3rFZrrb/BXzmxE1NSamxIC6a2bOG07qVuKcWHUEJ66FnYciy8loMkFyWUVmkLPRV6yB+QFnTrqdC7i3tOb7mKngKFXkwPpheVmZ2VV9rVD0uy1k5eLzF6npl55pnPfObX7qzEBvjKunEhzYcpcuPCO8vl+NrqdGdtdfpYPbuTpKw3kma3SDGfFI+S6+X8om9IXzngk7lr733+eO2L7lizHqr2jZ2WG2JI25V6yNkkY3U5aHyvq9jU380krww0ae21r00Ny6Sdr0sYufUBKzu0/ueJLROe5bwFXjC9u1PRvW8OmEyOJ5moXwekvjo0ji7C52OnqxwAAAB8WXx2f9QRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMun/v7/oh4adZmzKXrf/9/qTavrL7WHow4AAAAAAAAAADZr72ehbzzJkyznRG98vag+8z9XjZzKf9eT/8uDLGY2C7mY5cxkKUtZyOUkk30dtZZnlpYWLm8sWRq+5JWhS17Z51YDAAAAAAAAwFfJ9n8d8OvcePr5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvAiKZKxbZD3JqY0ZK41md3Ja1Wjyj179JVEMm/jw6OMAAACAA5nYxzL//yRPspwTvfH1onrP/3r1fnkiDzKfpcxlKZ3M5lb9Hrp8199YW53urK1O3yuHwX5/8O9nCqPqMd1nD9WaN96s99Z8pmrRzu3MVVMu5mbV5lYa1ZKlM714hsf1cRlT8f3aQAzNoZE167SWK/vDdk8RDsWzPoqYrEPuZWSqjq3MxsluBorqQU2yNRO77p3m1jWlkfGNNV1OY+PJz6kD5Xy443VZPKjLPS53qFaGTdzIRCNVJq70HX2v75yJ5Jt//fPP7nTm7965vXhhJJu0H2PbTK8z0TvCMt2XiTde6kwMvw5sb6rKxOmN8Rv5cX6aCzmbd7OQufw8M1nKbPU8tTRTH8/l78mdM3V909i7u0XSqvdLd5/tJaaz+VFVm8m5atkTmUuR+7mV2bxd/VzJ5XwnV3M11/r28Olt4662rTrrG1vP+t6e/tvQ4M9/q660k/yuLgdyUFtZ79ru6Dws3Wt/mdeTfXntXgkfb7Q62XdtnOrL0qu97IwP7Xw/18bm1+pKuY7f1OWLYbLORHkC9e4Svehe62aiWd2LBo/zP1bnxmJn/u7CnZkPtul/6wX5rbosD6vVr+81yuG74nCVx8urmaivJJuPjnLea+WOHCuTc3LTXbVVf+LSXa4xMO90Na8oemfqT7Y9U1v1a7jBnq5U894YOm+6mnemb96m11u5n05uHUH+ADigyRxvtf/V/qz9afu37TvtdyZ+eOy7x95sZfzv499rTo291Xiz+Es+zS/HTow6UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DJY/PCjuzOdzuzC8Epj+1m7VHbreUulqL/QZ1/rOsRKK8lh9DOxtZ/xcsKRb057181Z/1Vy5HnufYng8Da/LyvN7KXD67u1+XhfETaSjPY4PLrKWIYfACO+MAHP3aWlex9cWvzwo2/P3Zt5f/b92fnxq1evTV27+vb0pdtzndmp7u9RRwk8D09v+qOOBAAAAAAAAAAAANirYf8YcO6Vw/gfmJa/LAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxY0LaT5MkctTF6fK8bXV6U459OpPWzaTNBpJ8YukeJRcT3fIZF93Rf70KOtD1vPJ3LX3Pn+89sXTvprd9kmjLg9gpR5yNslYXR5WfzcP3F/xn94Wlgk730scjNr/AgAA//8zePjB")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0xf36ec9f677bfe399, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000500)='./file0\x00', 0x200000, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x1, 0x495, &(0x7f0000000a40)="$eJzs29trHGUYx/HfM8luNttqt22aVil0VVCpWHPo0XjRQwwVekjTRqSoEJtNXJoT2VTaIlq88dYbb0REQUGqaEHEG6+0d/4BCoKgF16I4F54AEGQmX1nZ7LZtkn3kGz7/UC7k3eemXkP+8777s67AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0uGnD/X02mrnAgAANNOJ0yM9fYz/AADcVc7w+R8AAOBuYvL0g0yDI0U7HvxdkjqWn7lwcXRwqPphnRYc2RbE+/9SvX39u/fs3bc/fL358fV2n06ePnMoe2R2em4+VyjkxrOjM/lzs+O5ZZ+h1uMr7QwqIDt9/sL4xEQh27erf9Hui5lfO9Z1Zwb2dR/0wtjRwaGh07GY9sRtX32JG83wk/K0TabfH/7MTkjyVHtd3OK902idQSF2BoUYHRwKCjKVH5tZ8HcOhxXhubI6ybCOmtAWNemS/HxZsj6f2RLydFCm7l+KdlJSW1gPjwVfDN/4wPa6XP62+fl8QdKDaoE2W8M65OknmaY3pDS8+s2KJmuXp4sy/TlQtFPB/cDvT/5t89iz2WdmJmZjscPmelSrjw/NtMbvTSl5OhHc8Ys2stqZQdP5k6W3ZdryySvBvELBvHTDwL4nT/XHZxhbb3EeP3aXmz8uZ0xOuNhhGzbz6l8uAAAAAAAAAFKHefpepuLX2SgxY/Jij4xTKj0Yyq5OFgE0inl6R6ZTI8Xga/j4upS22PqeslZ/9tfY/HemjszOXZrPT768UHV/OnXopcLC/Ni56rvV6d9n2+Ipt1rHUqOEeUrK9PxfH1v5uqX7v1sKEOXmo6eiNTOpyusH75t7S+uZwmdIB85ujW9XzfIKno/61zTztCDT4U3b3FqVtJbUmUpxX8j0x/vbXZyX9DMfnjZTOuNEfirX48d+I9MH/4WxwbIorXOxm6PYXj/WZHrr+OLY9S62K4rt82OHZLr+YvXYLVFsvx/7hkxzv2XD2LQfu8PFdkexu87NTo1Xq0pgpfz+/7NM73VlLewb7aX339L+/2o0FlypPNEN+nyt/T8TS7vi+vVZv///vS3oy0H/96r3/zdl+vTL7S6u1PeSbv/G4P+o/z8n0+R3i2PTLnZTFNu77IptEX77b5fp6JZr5bpx7e9aIGq1ePvfX/nuaFD7b4ylZdx1O+pTdEgqXLp8fmxqKjfPRq0brkavrJX8rJGNHWsjG2yscGOVb0xoCn/8/9yfRX31Y3m+48Z/9zElmln981o0/g9UnqhB4/+mWNqAm40k2qXUwvRcYquUKly6/Hh+emwyN5mb2d2zt2fP7gO9B/YnkuHkLtqqua7uRH77fyvTv+uulj/vLp7/VZ//pytP1KD23xxLSy+ar9RcdLj2vyrTA9evlb+XuNn8P/z+59GHSq/l/tmg9u+KpWXcde+pT9EBAAAAAAAAAAAAAAAAoKUlzNOHMh19ot3C35otZ/3fkh+gNWj9V3csbbxJv1eouVIBoAV48vSuTI+oaK/7Ceul4/FX3NH+DwAA///WsSBT")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="0c0000005100000005"], 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000100), 0x4)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x400448c9, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f0000003a00)=[{{&(0x7f00000003c0), 0x6e, &(0x7f0000000140)=[{&(0x7f00000004c0)=""/115, 0x73}, {&(0x7f0000000540)=""/252, 0xfc}, {&(0x7f0000000640)=""/75, 0x4b}, {&(0x7f00000006c0)=""/147, 0x93}], 0x4, &(0x7f0000000780)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x88}}, {{&(0x7f0000000840)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000a00)=""/239, 0xef}, {&(0x7f00000008c0)=""/191, 0xbf}, {&(0x7f0000000200)}], 0x3}}, {{&(0x7f0000000b00), 0x6e, &(0x7f00000016c0)=[{&(0x7f0000000b80)=""/175, 0xaf}, {&(0x7f0000000c40)=""/48, 0x30}, {&(0x7f0000000c80)=""/66, 0x42}, {&(0x7f00000013c0)=""/33, 0x21}, {&(0x7f0000001400)=""/68, 0x44}, {&(0x7f0000001480)=""/31, 0x1f}, {&(0x7f00000014c0)=""/45, 0x2d}, {&(0x7f0000001500)=""/237, 0xed}, {&(0x7f0000001600)=""/140, 0x8c}], 0x9, &(0x7f0000001780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}}, {{&(0x7f0000001880), 0x6e, &(0x7f0000001b40)=[{&(0x7f0000001900)=""/93, 0x5d}, {&(0x7f0000001980)=""/222, 0xde}, {&(0x7f0000001a80)=""/47, 0x2f}, {&(0x7f0000001ac0)=""/98, 0x62}], 0x4, &(0x7f0000001b80)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000001bc0), 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001c40)=""/177, 0xb1}], 0x1}}, {{0x0, 0x0, &(0x7f0000003980), 0x0, &(0x7f00000039c0)=[@cred={{0x1c}}], 0x20}}], 0x6, 0x11000, 0x0)
ioperm(0x0, 0x2534, 0x8)
socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_IO_FLUSHER(0x3a, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000980)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r4, &(0x7f00000009c0)={0x1d, r6, 0x1, {}, 0x2}, 0x18)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
recvmsg$can_j1939(r8, &(0x7f0000000000)={&(0x7f0000000440)=@pppol2tpin6={0x18, 0x1, {0x0, <r9=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, 0x0}, 0x20000000)
close_range(r9, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

518.226823ms ago: executing program 2 (id=3712):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r1, 0x0, 0x11203}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x7}, @IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x10)

381.785385ms ago: executing program 2 (id=3713):
r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x180000)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioperm(0x0, 0x0, 0xc)
getpid()
sched_setscheduler(0x0, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
chdir(0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000300)={{0x2, 0x0, 0x1, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x3e, r1, 0x1, 0x0, 'syz1\x00', &(0x7f0000000080)=['syz0\x00'], 0x5})
capset(&(0x7f0000000000)={0x20080522}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f0000001940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$x25(r0, &(0x7f0000000080)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x12)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4'], 0x34}}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r2, 0xc008af12, &(0x7f00000001c0))

0s ago: executing program 0 (id=3714):
open(&(0x7f00000004c0)='./file0\x00', 0xa8062, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioperm(0x0, 0x1, 0xffffffffffffffff)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
listen(r2, 0x7ffffffb)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000bc0)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@acl}, {@dioread_lock}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0xaca43a, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
chdir(&(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r4 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)=""/55, 0x37}], 0x1}, 0x0)
read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000000c0)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000083c0)="61ddaf21c1282a5a6352f350c2f614ede5b0c406f5488574ed6fcb609ce20f648ee274c8dfeaa625b1fd332f70f776ae0b6e3f959c24f3876756c20e05c82079387520764f2446820d53242898a90e51c5b68297e39b7fcf558b450e9608326c3dc6704a054216a8c6f0d689e5eb6b8564854376910eff147682d2378b9c5b95a626493ce628b1bb6b524ed7e90ebe6eb0246399eac6d624dcf4e824be2de9c1d5d06eab13f2770577304eb676106fd9868a030192067ac009482e03a817f1abd909a94702479fe30b2594ca60b4acc37148cf04e8c0e76dd69e29d243596f8174129ac6ab9dbb79ace8f0fae14234845725102a027d4163f97f3971d207500defeaa2c7318f7e82e591701f9d3f78592ea7ec28806a53278a35a20251eeb2735fa9f37bf0045b5e6faf5f751c7ad31d8426be7b09027b2092f49247159a33b580d2691ebf00797962168bdc368f57282ce5b8526eacb80952ffba771626c0016b8a010546f0b4daf470814cee0ea418b76331c34616cea0459dbd1f196364c99e4a47bcdd64b518ef51833e6f8041fbbbe86e808bdbade7009885f2c4d7ffd76a0e7dc7d542bdee1d136d2096dfa997f98ac83c6341b306a3a8cf81642566d7777480d4dc61b0182f0d418ce95d74c9aadb182326d6671412a1f0c62c93a0ba873ff5daa4ece4b2fc73ed5b02b60890374acc0cd25cbf1707016a542fafd6af098f9737304c726712c8243dcd5eb15c0996e9e03dd741d519cb3e86ea214e20408c2cc5ea607585f1bfd268ba3084ffa69425512571d263fd1ae49b488b2964bd3e78943122006489cc22191dec2900a7fdf798c9f683461f2a7b940f4112b805dc077a7b99071b5b454f7c6d2b13a6b23091f74ecc65a24ac0d11e2ffd7332fb2b2b11aeec3c809d78cc2e168f126f38dddfe3e1d0ec1c6fb25f880690f97a70dc5fbea5d25dba3b24c01d9bd228c58deca660625511127a62220429c94be65d6ad4ce7e79e97af67931b46ccfabca5dbaea11e2dc76279b0244cc2845f31beff418fe4bd892d3676079d9d4eb0251dfead9e0a07a11c0a7e597ac89ec77de60a5f6e0ff4a62374856b8e1659e885d3a0d90293daa0c7bb041cbcd54bf098b66b2ddec28dcba4cfbad969e3b97e4bf680f901485d1cd4b231a9115c22ab2f911415ad0efe0eb7f4bee15c6de7d0f818acd687a117286f9e3c33df5206df918ea4ac52927487968d88f4a18d4889a4060f20487e4cec19250fe48a16b1f9f7250a6ab81fbaa2ad451a936ee98021bf859b9a635132a0dcf7530c0e2c84a459241a1fc9fe45b4a4f32fa8e95185db92660292ece6b5ddbb0b9f69bd7435cd4944f8ff2ed51172f0683fbae1013cde202498f2e1be54d1a2e17b3984b17d1994915a477c87697f465781e41b44c6a40ae035e75a4d9f9c0926bec533db0d4c26d605cb1ae225e692ed315062e8c3283716929e25a22b25105e018d81c07cb7600d1bae16d8beec33c88f1cdb52ac988b4677ed604c28ff1cdeeeb74c332dc526cff5ee935016984cabf117694cccabae944de4d2d2daff8f281b6434475b52c1910210598c684da99c108000a53d2ca03afd42b0200691d92341616353a22a8dacd8cb7eee85953b251236603d2ef1e450675f8d0f3cd0e28ef36457f79c267d836d14ed758148e979b9749ddcef14aec903939c69567a1697aae8f9ed72a16be0267a3a967727937f609720802570287c4e08641b9b7b979c6541add0e8600dd2d75a1dc0822ceb7a7e4e1afda2940d127f488589963b46417d7a7474545e5b08a621c1a7637b3fcb62b0aee10d999505907bd14033370e391f6192ff7d718e1db3ef861d30b2d477f11cd45ecb296d4babcccc34901165e3fcdbef6fa1ee478a97f7d21dc5562582d67c448ae352d3157d83e8ab0122a2bb056bdff8043a91b8f3abe4d788fe741483997a8e3fe126626a14b4243d3ff8ada8dd555c95d5e30b68cc053dfbbb61940cbb552cc1fe211ea5ea13cbfb6a577cde339282d84e92f866145e7b1de4d5a1705fc24fc8843f1a69f4c604adf0d715ad88c6a4ac80a35375662610e0ed07af9c4c76326716a77b106ef87782804ca353eaade28a1ca522d706282ebe48c0b23fd42b2e0297f5997d3aab40615f143e868c6aaf920bc827224946db3e3b3e65ea66dbfa5fe6c45dab930877852e86df251024e4ae46ee8e04cf40f2b3239f4df40062cfddada61700959deaeed3a44fb185ce51685fcab793184435b3e668e7d80820a613acde8d61e24571b9de7ce4581a4751d70a28e8d098660e81941fe40b6844a3204b512457194e100c995c75921569f735afee321080ed6310610887ca842001f5112c5af8c9083e3d088a404b48ee82e1e8be16fd493a2a643816488447706f3e86d2d0ed48f7397aad0cf105a4a71d928a15413ab3813e42478cf7a5be2e03d15ccb90a625863cb2ca1059110f90186cf4c370469f4d7e1ccda56ed9c427cce46e7d1c82641554ffa0c7c42697cbc754702b62be5ab03c995ac8cda3145959c440c4dbcacea29d4554d2d95ed4444e9bcbd6ead7d6398faf189de77645a05a54d6c33c9678daec6e5ac0048f91e15b2fdb808d712e662007da5e228ddc7370f575723a0018a1da70fa27e6624c8c75047eb584bf3399a8fce999df94f6fb54fb6c1fc954b1d899459fcd2f459e57c214ae590513ed268ed2d1114d8276642510a2eb99feecb58d8476550553a9f3d1f04c9bb442dae6dd84628b60cc9fd3c1e5c4fe3b9ad5f43b5d06e31ba4644f7499c03fd68cd2207027eeb1908a8022d70eb8fc8f55fee7be7e3af525d4fb1ab3e9b458246cbb5371e8145e1d04762c62068e03795a5a6b48d8643a83927c47000b7766e320e0ef2339d5423813e8d7845b939a9567745f6e2d6070764669c905ea77943a31f0df838a5d046f25d516bb654336f759c05dcc0febbbf1d214382a76fa09aa32be9799252f1d0fd8bacfe3f32574fdc82c6ed77f1c08d4aef88c157cbdac947346e3e015af60125d3e36ec6bd8dc5127c7ab1ed773c8beffc9dba99bd9fa1498a5a49bcce4ddb13fb85e256fcac569aab1c815527710d2c350c7cc84db5a7eb243227973fd5e2d1d8450077ececa0d96884c90ac0146d37b13f1aacc1eaddec3f0d475df6ceafe73f9076fcfeaf496efcae22d09745453a5e4776876ecfb1d004361f82f76b2bfba050d0fd5060f50fd74f9908a62649955e2f90e4ac4a4f0b29484cf80eebcbecb12db8586ee58443c181a59c046c657ecbb067a1e70d4c548e8b291a5aa681624747d9a52a6184a5fc82d824d9ab6156ec5fd73a038b38d86974e7a89b55a95b609e12c98f4168c0e48139749fce33397948224641e9823588858f82247d9abf8f84250564189676325e43944e888cef6918cd2b842b3a42751475a37656b3f04a02430705f16908d638212f69cf96d5311038e00e048468810d1cfefb0a9aeaf46d1bd31f7156a97542d9373abd3c069aa096486244389312031398a35e0ebca6668ed06dbe80290ac9a2a15ac9c208cdbcb2c1e18f008741649b4fe2ac1e6ca0a19980b6276fa09c5c0e67e748c1669add6fd4c70ba522be4428df305c3313929a4eec348f03fc6a6dfd1d6740a61230a977555b6b4d5165c98323871d750e80f9205231af03ab430a720dcaad03d113f38574ebada74f5b34a05a6abb7ba9b8b280401a3a21dd7e1e026deb438ed020d09fc93ffd7376ced7b5d6c9c35072c7f28ddb7fea3ffa7b7e6766892be2015c20e2cc7fa8bcb5832b97e964947ae940d5ce215ff3a0d74851d5735f3573d533cca9b3a89f9494f150cb732139cc2282304f6a375ee1062f6f850ebf89548973b6c5e7aee8b98b18b443332d3be20fea086653d52756b40ec4f08ad52f4d0a5a61004c700f070b83548670ef36dcbd8daf13ae6d382aaba3c3bac3c1efd953781d69e7365e1393d2c3f34d3dc91999ab9a545bc167e50ea6874fe8f49e93e452ad4710d7127c430ab2caf3ec1627e6a2a6a57604a5da490087991b68cd58d456f6818f22e38007e1628c6a78f6a8a321e3f0d5d5e1bc7f9ef53c4780b451dad949962c8a6a464b25cb161159b72f40fed8280daec34135f77373b9432f411b232e9374e9cb3fcd85a599c20d0b8e294835c60c2e034eb8385c507095c6eb6748180fd1ad97cb0a4b2ffa70c90891d373459538f4106078162bc46b425572466aa4769153b994698bbff1a98b5948e40d98bb2900445eebe95c4892bcb92b4c28b734ea7e106accc9836767e0881f970c9d69063dd918de44a484ef3f860b0dcec58f22b3f1a0abb9c0c2b6cd5bdacdc194f188588c0888d6abfa2d0b79d0b33a41e3b6a0f9fbf811ba20f346025b3a4be17eb5ce583b860cad5424bcaf1ef4a255678706052c1cae9cd77cc78639f975f07737b791831c64f0c974b23a5c428091b8b8e17a037ac3c6d56da4b4c7e4752736cbbc8d67b1b823e87d51ffc95fe9752e8479fc15a6fe7b96fbd7b93dc2144381c424ec7782d7f8b2637010dca11ccdaab1bad652a9ecd8b6ba2c116fa419c8582a0ccf754a294d9de5b457d9b1a4120fd53667862e50cb028e2f92c73a38f77ff57c93b410e7f3257bd56e5aa504f0643bd2bcfae2168046ad2737a36b21f6d993de1fe7b31e9ef7c79d545e5364b65011a6d26e0a2f1018a5280ca88d3d1e30c68195f8cf1a3ece813f22e44d83867c9f711218203d1adf2869ed89babca094b8def7ae0abd0245f522930db59c4b2eeec4d564bfdb931d435a986daba4b604d5bf30b1cfdf6960986ba0dab216dfd7ad95ca2555e0573d073dccd407ddd5ed7920c788aa0213aec90b38981a91bc370ede38d171648316d59478e66c068eec33295345162e9896ffc82f8d94b995d3a3a7a4f459e564632b5918b4fd850da380937655f19e2820376e7deb48edb0f5e295521a9a153f5ef69de397d88acc20be99779d7ea2c38445bd70aeeb68cc6c68c1bc603ab580b632866497a3dbcbfd933e2074323f66f1db73129eec8331c8872aa92a33e2180fc0cf2e28d198faef4421064b8435f37b5bfb9b531332b3b0838015fe848f0ce859db8706f2e53fb07ce4d0fd017d85ac9ce2943ab172f08b13c948c3778d2469257d412b1a5305526cc8dcb4a8645f825cca66a63b7134d8b7c760db6a8fa21f2df3456e9b460867303a9d53fb01db8548800d800e49c08c8d731bbf9a642206f4cc6673e4fc0f7106661abfde1eb8a8d384b26d88c16d15f238556ff4b205145d860228038430cd8a342bc15849afd81666b55b358e3ec584fa96f119b77495c4ec36616070237bb170fc04d3befebdaff66643814eb8519abaaf1e9bf939bf5bfefa33c32fe9909055393e383268e426436305b370867db76991ca600bf6211dece3b6b7b4dc5cd4569ff4538080fec318a9e0cce4a8cf26aca8359b503781aaedc2d58b0bb1a82c163425e678b488bdc7362d0be24a7a8238deb31482c332d4d385005ca84c836933b0fce21685ec067adb9490d1a416f83e36e6e3b87d05ab6973f4e359a1fb5a4dbf2ff6a85d235e50d893f222c2a7d84252be9015e104ee3609c83cafdd796a8422257c9ca9172888d91c0f2f2afe36dccada9a713cfc026cf25e113fc543d522e9254f5e129d7ffd61b43ee25bdd63545a81a2b086b616e23abd380a7bb8e54b8341f42c663da1fc8451f21da7315aea416e6856d4d45128dcd34a0f3aeb7aed00c54c348f38888b8c8fec59028d38344a92249c95943d3ff8608bc11406102ebe8269892b2e909bd82ba467aabef127713a0993df779ba7b0816a990566699e4926d75fd47c3f1b9cae3e58771a6ae8776fdb672ee70f215fd908d6dfddb8a2ad10f27b749fa6e67171848d70d3ae135ee3defb2546bb35a3ad2d8ac0e838ff8abb1cd733d80047bc8626960a257b704b43bf0390b7fee656ca7831d23e8ba940533c16c17de68270bb3b2d3bf142b34899b3a106cf9569b4f46f148297c61390733ff9f399c669122dd045187d0a35fe54b4f17e4090c56cfcfa47498b1701a855827d35cf3624624906f997092b010b1da616325a090770694d028fae9874a91f8d21fea85804956594b8252c24d05df5775148ecbf8ab38f131c268cc263f6a2dcd375acfbf39a2defc9869801a720d83add1ff01ac7fc389bc7e35c2eee2b44f808508e6e02ea31cf23ea9f2118bce520101e307b394e5fdd28e90870a327b0a1444b552b7227134a8e5397474a6c0e1ce89d918c899d292660ea44294e07b1645ff9e85f65156f92d55ae795e134250b5359dec6c31d4892d83f363cb09632bb738c4e7f351361adc3ab54776a5c55d6ff4895516c82cc6387b1a424f3af2bb0398d0d4a71fe44c5132b7ad5fdfa732bbcff9f02395df587714072caca65f5fc1215dc9068585e1fbcee22cd69c0386a6482230540ec9ff8e373018e4e2788b9502e5be3e3247f997800c68a634e4490c91d01144a63a7a55afbfa4f0ef5ad538aeec8ea203ef2716ff989e11ce4985263898b8e36b0d3386b816ce484e81404a01ac0ed9f18ef5643f93d46705c949acddca2b74ad53441090f658d22dd081aaf49a7bb07c93ab8dfb5213cba354b4d37d9899423d3b3d45e9463c506ccd69747162d2d64b54291d11fdc6c9b89114543d6948f10e68008973cc485df080b84e0d098f962715ba009f2aa1fb41f7199ea5b9b70df0e1c378da164f7257b4ed04a9fee7cc2de065ad35a60b882d78e26d5804942ed1f2bcf85fc63795fb9164a5f94ffe6bfbf838c9197bce2160d24f88dca14c3e733d18ff1fb7acb0ebdfc4e2ce268a676fb27cc34d4b6b5d7e8db29c020c4c498d793931b0fc7d91ad68d3d8463e36a267833edbdd7062f4d62aa9fd1cb7f8e561d3939bbfa118b897167168832c0aff17fb6cdcf75ad6ef0a18e2b37fb24c85d0866f2e5f191b2ef8fe9b5997635a74cb06aec67363435eb175559629c09316f96dc56de6c7785335d121fc2e4d47c2f50c37c5bf7950ae5de07b3b73830f4299d5009742d4eca98df821a95d244967a42b5a4f3375edc41c5281ca3104bd247c14e838912634d4764c1b6e440860d98f258aa8a24e8af643497366edc2b781aec0567451884aec0343ced1fbddfae585db1012a6d9245ad85c56aa33d5bc30307515bccc8d36d7848c99884db4a49d748e1953b4673e4286393fc97c233d529435faf7ed9f9aa64029814b7cd6a36c3dd9ca7be95e5c4d48e024a3d23651cc81c00a52e2fa2d094435ebdb4ae5be8e6b53cf628ddc87a4bc2dccc98ac38019c91789a40d103fb95785bde5992de08ecdca1dff2ab7cf5013420b3d29b8a7f0af455c4e86285422b986bdf482b87297061084b50684e936acbb075a84e720a2d03892efec7dc1af2fae2a7ce7725cf0d19f39403b273be262c7a4ff638898f6caf84bfb358c580ba4adfd8664bcc539b82792e39ab4f1d8393b1f98f6dd5aae14bc6b73feeeaef7c3accde4d9b098f2d5c7ed68621851f37d27980c4b44df095d865493eeef2724db90aa53a3c37bd345ea75b4e76e8878deae1b4f3204c2957f3806e36a03e995f7633de9b863ff6b3309d330ade917c82f3286d9500105755efac22a4220f457debd861df3c0925dc4ba8913cea12b8deb93cec87c972421bb8442ef2a2a9d638471108ae0152aefdc45eac6ff786dae370a21bfe1e5777df8070bcefba8596cb8f71a516b505b1f83de1129cee91d3a4d6383daac7b9de46a99bc34661f3d805d2e138a769fd6489e4d058a3ab35ccbc81251aa2f23f83d7740bd8869465634e10e114c62bdfd640d69cebf6e78eb0970fa442746f7c3bea77d8589ab131827a95b274dd63ea04fba4c822aed4f8d0cd83ed83177d90332c7e66f103d4eb1dffb9ec0f52094bc7324a7c59819dca343776d6adb6850e7e7e83e2316db1c32feb4ea1c6f47a2ee41bb09d0a931f4fa3cdf7ada2bac7fe5ae2b997e24b8f8c52b0bee1482b74af68b407f0d78f3767bdcb42557c9f3aff0c2c2ea7745a0f588b00a751c1c8d2124a8bfd4d7f756587d239cc43a8cae1d67cf15c73dc8569a1ebdd7b8559e969541a547c272e52d57e5924ced9afc87cd2cdcdf8e30f423ebe26170393ecec06afa093839fc3a10fdc3f9ae19e79e4df6a9af6027e1129a7a6cb4517607eac80fa2b5f7853fe84028a66976ec4b4af50abe9ca959b844d7b2ab94903efec6dfc99ed9df2c329c0e8449b4d2a0a5bc2506d170884d2c6ea8aefebcaaf2abbfa3c4d9e4d201369a47792124a7909e247dc98b777b60a30b1461d857f164e3df983d9a900f8b11bddbdcf47c29d483033c9250f30e268ddf97e0ecbdd99d6fb3dc4562bb75f8f1e03d1aec424293fa5fc786444411a512fc582a9b577d5e88fb9d6f7346bd489f6eb4296e576e25c45e114fb6a3d0b6b831fb4ffe7486daadf2f0ad78aad8f8f7eba17e524de06e81a5af9c1aa09019fcc51611afc45fd30b8ecd2a2ae19758a1ffa55f79cdf53ef1bb55e49cb58d8b291664be61586ace94c7b378d685e54aeee09af828a3ce7335f9d03f8daabcf3543b8099956f60913db6ab401a427aca83772df4fce9081409ab426dae09739b50a8ab4c04a6d2e63b2c4c0b5f7fbd9dc76722057ab6cefc9ccae3abf251259f999fe09dbe1232b8ecf0e26b3d88d13a1001840f6b5942359c3ac75bfc321d9504bcc0e3f4add741125941ece20b4f90416b1f14edb4ecb1ced79cef883aa1d5193f3efeeae7e103891ae4840978fbe74d2cc90b7e02b4d839f15c75576b74e05f7a8af71823317a851bf0ff9171bdb16ffa36f57ccdef61065a62d64ba434571db0d476995e2bf4f148f0a6276b2fad82f03b91fe53f9a7acff3ecdfcedcc1eae42e52e1f7443114b8edc8a9d5c8a55727f7ee1d20e1ca55b42e51b47fc4d2313458ab9a5f05c1411dc8f11e4c57d3fe87183763bd24cfb8dc583c82ce9c0abbeb76310666d2236e2ca164c66e6336fd571967f35b2b0ba847922f5aabf97aea061d19eb9cc3cd6e764da9651f9e66577d9c8870734fe8e03d20ba107e6e2997ef7c42f940b88410c6bf46635cb5e402113411a98c75e8cfd3760235d7a486bfeea1a1dc188b7886172ac66d45a4bd87f60b8502382888f3806e47ffb74d9aef2519e91536f7798b7c22ee70566e686ae2b577f6341f7c47dc1ae41f2af983b80f7db23a3466b4f14e2afd591b19d36375acbc0c8ebf21654c8cf44ea49103299eb1ac6e96bb282a33a6ea204aa266b7d627c53757daa176f6cde932e7e0342977dbf7d5668e8ba984bf05dc610e5450eb4c3dcf7965eedc9b168a9c274ef6a050e93234a9bb5488a5aefaea9c442729b5416dcee6bac23f238bea2f1f4615c863a3ff7c7a081558237f2097b9ffa869f4b69fa32784f62c0b7a458411efd3a9108735de667c63c34af2225e382a17600acecc118ac1f81ec5ed9a26fa966bee8dc6f55c17bbd89a94932bf930b081fd310ef94c490855453551e9eb809e9d568500e6662564b65701a721208dcbef9a07650f9faa5a503d37f2e1b1912fbfb437f1f4c2d4a830a2dcfae905d323fe9a6a01cc8d88ff82a26a1c228103396b6756659b6a8a9ff8b31494cd8bde6205d6f62e698d9ae43ec740fafc60d798a85e5f8598486b6e82f23506c6004ec2f733cde633c3b45d9ef14fb223c020a67f305e33b5d3b239b5026ca679004e212725a4090818734435247b918dc9c65d2f0c580722651217ce7a2dec34c0f8c49e3dc051c01f5d445dca8675339f5c8b30ddc19f51ffa9e9c513f5fc9892dbe5ee5bc148ebf3033635401c8675f0fb43e503d73cd432e3ae2f25bf29b4088a3193c208f5ba51882364202dc3eed6f3ab9a871b4afa960f1776cc92deb7098ae6f61af30e715ab60d44f378bbb79f8fb663de164a5f4f582e6a17fd7e553e677632d1e8489a8138bc780418de30c0a95ae3ec3b0cdee51901869acc318a6725c0c06273dc67d393129278225b9384d978512befdf449f85146fbbe92e6b52cf40028b13d77ccc68e7b65e0c1a25f1f9d17b06b17f216729684fec1b4c0c3fdaf40af5dd1a3f4492d49e018f60f41d91524bc5d750789fd39b6e69cb66b1d86b2c1405331e3e793fb38dc447161f1ba02cee1519b72727aee9ede2898c5195adb0dc1c29fe6eca6598c5612a7f98bfe0d1853e44f47c94ae57bfdaee16711135226c9b44440abbeca5ed53b0aa58d34fa0faf766087135599d7b88a04d5ba7d69c148f3ebaee211a06438146d762c9f85d9007a228edd7d71ad18fe69a1af0caa6176eade25bea11504c2f0498a450d4d265bf97dea5b23c10560c9844d761702a5814fb355827ed6f46bcebb61d0a06c21746625a438c38496a941f447c2150c9125990ff7feef9d551a7adcbe0fd828ef4397c0799507599899259f61ff914f76be6077d0daa67ac0ab9093ecd0f78455b605a7885cae38a88b2955cecd37f972841f440de12831263ae64c7c78970138a738bcc66aae8c1a5c3ca0e166dde9860bbfc4c7bdb854cdb3d94ad4c723b2de03a50dfd120041a9b3107a480e7e108f729484d0df0d8e47c3a6b7ce0376e642ec5a267a91dd2bb1f1b3fe56a5097edddba482627cf79b66801fdd4ecb733067ad52e8fb9970be01a397ede6a3eaee6b8524f8e1cf00e0c5aed165b8b1533afaaeeaa82153f9840760b58b8a12e8168956db4522f2dd5a13183cf861acb0c0bb2735ff5cb683f633bd99ba2bfa7f1fcdd0a54d3b4fa9a7d3de250d7e40bd7b3a829a4f04fd71c64ed4f2503094773b45fdd821688d10ced9da17089b7c954f7e4a7f3e56226abee46d7eb93a6f3d039a7cf3dc14c18dd7502aa0e29e1c54bd1c2182138e06326f3cd4cddcf1997c9739f9e4a0899ce919f20b2def0ff103e5a9e123a1db4a544d438f789a0ed26664523bd55902364f4a21b2a92fcc111392dcdcf7ac0ece18c474d47a11d544b64836a62e3e1e0e9d15f8066315f000b7d8603f772704ed5b96798f28e4f699a671023a4d49c5a1e30d14145b9179e4b0f3424fd46cc22ca48cde74904876cc037a04aee32b53d02e4869427b6b18bf0ce7b5ffb75268788ca5029d2d12b2df068219af12d4e17e56f83e581b0fd6cb7048204803342ab8b146b0c237d6ac7aeb2ee21550c00da60286994f1e7ca53de19d874f7bb27c8c5e263fa35e548ea28f4ac0cdfdc4c0d5096f2ab328d089dacb5e87f0a29814e8461470a22ee8a4a318f5e2b5317a027da39789b7b17bdcc9b26bdad1ba5e4580f671a3179a9fde91408aa41a68f47c71c524f8e413557b0656cc2a67e36da5a07ee7c55b0877ecf41a8616ec20f59d370f3eff6b10e68a6c55feff6f52f498bc9ab77224a7548ccdfa3de41ff44ee4bd32295a42d9fdac1a4c8484a7383a6bd5e39cb0249e939fe7f53075d6d4a54bcfbaec50853c5e4bfda256665ed56dcd20fbd04a1d40c200223ddac36a7229df6003f335227a6bde261f7e2f7c980e7e522c68abc63601b3b1a9ebdd4530e4f33b9986f5823", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)

kernel console output (not intermixed with test programs):

g interface: batadv_slave_0
[ 1054.306150][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1054.313615][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1054.342762][ T7165] veth1_macvtap: left promiscuous mode
[ 1054.348645][ T7165] veth0_macvtap: left promiscuous mode
[ 1054.354304][ T7165] veth1_vlan: left promiscuous mode
[ 1054.359948][ T7165] veth0_vlan: left promiscuous mode
[ 1054.655568][ T5225] Bluetooth: hci2: command tx timeout
[ 1054.744860][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.753206][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1055.035102][ T7165] team0 (unregistering): Port device team_slave_1 removed
[ 1055.092402][ T7165] team0 (unregistering): Port device team_slave_0 removed
[ 1055.615457][ T5225] Bluetooth: hci6: command tx timeout
[ 1055.731325][T17519] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1055.738724][T17519] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1055.750338][T17519] bridge_slave_0: entered allmulticast mode
[ 1055.757661][T17519] bridge_slave_0: entered promiscuous mode
[ 1055.765628][T17526] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1055.783778][T17526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1055.811609][T17526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1055.829540][T17512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1055.849517][T17519] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1055.857647][T17519] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1055.865014][T17519] bridge_slave_1: entered allmulticast mode
[ 1055.872464][T17519] bridge_slave_1: entered promiscuous mode
[ 1055.901655][T17526] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1055.908730][T17526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1055.958171][T17526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1055.977181][T17512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1056.083956][T17512] team0: Port device team_slave_0 added
[ 1056.096832][T17512] team0: Port device team_slave_1 added
[ 1056.114659][T17519] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1056.128646][T17519] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1056.154700][T17529] hsr_slave_0: entered promiscuous mode
[ 1056.161635][T17529] hsr_slave_1: entered promiscuous mode
[ 1056.168721][T17529] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1056.176472][T17529] Cannot create hsr debugfs directory
[ 1056.265006][T17512] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1056.273146][T17512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.306139][T17512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1056.330821][T17519] team0: Port device team_slave_0 added
[ 1056.340756][T17519] team0: Port device team_slave_1 added
[ 1056.351577][T17526] hsr_slave_0: entered promiscuous mode
[ 1056.358035][T17526] hsr_slave_1: entered promiscuous mode
[ 1056.364196][T17526] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1056.372533][T17526] Cannot create hsr debugfs directory
[ 1056.381007][T17512] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1056.389702][T17512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.416856][T17512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1056.466950][T17519] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1056.474033][T17519] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.503371][T17519] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1056.550779][T17519] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1056.558158][T17519] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.584559][T17519] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1056.729556][T17519] hsr_slave_0: entered promiscuous mode
[ 1056.736859][T17519] hsr_slave_1: entered promiscuous mode
[ 1056.743352][T17519] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1056.760724][T17519] Cannot create hsr debugfs directory
[ 1056.804125][T17512] hsr_slave_0: entered promiscuous mode
[ 1056.811116][T17512] hsr_slave_1: entered promiscuous mode
[ 1056.819994][T17512] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1056.828280][T17512] Cannot create hsr debugfs directory
[ 1057.046633][ T7165] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1057.058792][ T7165] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.147957][ T7165] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1057.159469][ T7165] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.205371][  T941] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1057.264362][ T7165] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1057.277626][ T7165] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.367860][ T7165] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1057.378282][ T7165] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.422540][  T941] usb 1-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[ 1057.432200][  T941] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1057.440434][  T941] usb 1-1: Product: syz
[ 1057.444630][  T941] usb 1-1: Manufacturer: syz
[ 1057.458416][  T941] usb 1-1: SerialNumber: syz
[ 1057.470427][  T941] usb 1-1: config 0 descriptor??
[ 1057.482622][  T941] gspca_main: sonixb-2.14.0 probing 0c45:6005
[ 1057.548989][ T7165] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.644792][ T7165] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.686577][  T941] sonixb 1-1:0.0: Error reading register 00: -32
[ 1057.694771][  T941] usb 1-1: USB disconnect, device number 24
[ 1057.736631][ T7165] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.819734][ T7165] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.982820][ T7165] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.080649][ T7165] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.157763][ T7165] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.237972][ T7165] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.354560][ T7165] bridge_slave_1: left allmulticast mode
[ 1058.375387][ T7165] bridge_slave_1: left promiscuous mode
[ 1058.381097][ T7165] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1058.390892][ T7165] bridge_slave_0: left allmulticast mode
[ 1058.402039][ T7165] bridge_slave_0: left promiscuous mode
[ 1058.417768][ T7165] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1058.432092][ T7165] bridge_slave_1: left allmulticast mode
[ 1058.445224][ T7165] bridge_slave_1: left promiscuous mode
[ 1058.451085][ T7165] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1058.466456][ T7165] bridge_slave_0: left allmulticast mode
[ 1058.472155][ T7165] bridge_slave_0: left promiscuous mode
[ 1058.484131][ T7165] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1058.493786][ T7165] bridge_slave_1: left allmulticast mode
[ 1058.499827][ T7165] bridge_slave_1: left promiscuous mode
[ 1058.506637][ T7165] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1058.529387][ T7165] bridge_slave_0: left allmulticast mode
[ 1058.535060][ T7165] bridge_slave_0: left promiscuous mode
[ 1058.541025][ T7165] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1059.684916][ T7165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1059.701378][ T7165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1059.711746][ T7165] bond0 (unregistering): Released all slaves
[ 1059.952889][ T7165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1059.974480][ T7165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1059.988062][ T7165] bond0 (unregistering): Released all slaves
[ 1060.368510][ T7165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1060.381109][ T7165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1060.392262][ T7165] bond0 (unregistering): Released all slaves
[ 1060.539305][ T7165] tipc: Left network mode
[ 1060.552582][T17601] loop0: detected capacity change from 0 to 128
[ 1060.604052][T17601] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1060.617628][T17601] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1060.755034][T15921] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1060.980940][T17526] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1060.990557][T17526] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1061.026666][T17609] 9pnet_fd: Insufficient options for proto=fd
[ 1061.034400][T17608] netlink: 'syz.0.3289': attribute type 10 has an invalid length.
[ 1061.044757][T17608] bond0: (slave bond_slave_0): Releasing backup interface
[ 1061.157000][T17526] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1061.181050][T17526] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1061.679924][T17526] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1061.746430][ T7165] hsr_slave_0: left promiscuous mode
[ 1061.759808][ T7165] hsr_slave_1: left promiscuous mode
[ 1061.776840][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1061.784368][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1061.799614][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1061.807647][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1061.821341][ T7165] hsr_slave_0: left promiscuous mode
[ 1061.831003][ T7165] hsr_slave_1: left promiscuous mode
[ 1061.836999][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1061.844462][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1061.852763][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1061.860269][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1061.873061][ T7165] hsr_slave_0: left promiscuous mode
[ 1061.879320][ T7165] hsr_slave_1: left promiscuous mode
[ 1061.890176][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1061.897675][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1061.906175][ T7165] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1061.913596][ T7165] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1061.973350][ T7165] veth1_macvtap: left promiscuous mode
[ 1061.978983][ T7165] veth0_macvtap: left promiscuous mode
[ 1061.984563][ T7165] veth1_vlan: left promiscuous mode
[ 1061.989930][ T7165] veth0_vlan: left promiscuous mode
[ 1062.000123][ T7165] veth1_macvtap: left promiscuous mode
[ 1062.005756][ T7165] veth0_macvtap: left promiscuous mode
[ 1062.011382][ T7165] veth1_vlan: left promiscuous mode
[ 1062.017625][ T7165] veth0_vlan: left promiscuous mode
[ 1062.024201][ T7165] veth1_macvtap: left promiscuous mode
[ 1062.029961][ T7165] veth0_macvtap: left promiscuous mode
[ 1062.036833][ T7165] veth1_vlan: left promiscuous mode
[ 1062.042207][ T7165] veth0_vlan: left promiscuous mode
[ 1062.889781][ T7165] team0 (unregistering): Port device team_slave_1 removed
[ 1062.953275][ T7165] team0 (unregistering): Port device team_slave_0 removed
[ 1062.975588][ T5334] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1063.213832][ T5334] usb 1-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[ 1063.223513][ T5334] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1063.245806][ T5334] usb 1-1: Product: syz
[ 1063.249981][ T5334] usb 1-1: Manufacturer: syz
[ 1063.254652][ T5334] usb 1-1: SerialNumber: syz
[ 1063.276761][ T5334] usb 1-1: config 0 descriptor??
[ 1063.286840][ T5334] gspca_main: sonixb-2.14.0 probing 0c45:6005
[ 1063.512470][ T5334] sonixb 1-1:0.0: Error reading register 00: -32
[ 1063.529743][ T5334] usb 1-1: USB disconnect, device number 25
[ 1064.043781][ T7165] team0 (unregistering): Port device team_slave_1 removed
[ 1064.117855][ T7165] team0 (unregistering): Port device team_slave_0 removed
[ 1065.261753][ T7165] team0 (unregistering): Port device team_slave_1 removed
[ 1065.324288][ T7165] team0 (unregistering): Port device team_slave_0 removed
[ 1065.975462][T17526] 8021q: adding VLAN 0 to HW filter on device team0
[ 1066.022106][   T29] audit: type=1326 audit(1722671170.534:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.0.3294" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9abef779f9 code=0x0
[ 1066.052995][T17519] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1066.092342][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1066.099541][ T5334] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1066.120861][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1066.128056][ T5334] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1066.157184][T17519] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1066.207274][T17628] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3294'.
[ 1066.229594][T17628] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1066.238552][T17628] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1066.247312][T17628] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1066.256138][T17628] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1066.265413][T17628] vxlan0: entered promiscuous mode
[ 1066.276429][T17519] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1066.300097][T17519] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1066.572823][T17519] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1066.642364][T17519] 8021q: adding VLAN 0 to HW filter on device team0
[ 1066.679264][  T941] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1066.686462][  T941] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1066.764580][ T5281] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1066.771744][ T5281] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1066.860317][T17512] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1066.926631][T17526] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1066.933863][T17512] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1066.971531][T17512] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1067.000712][T17512] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1067.033121][T17519] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1067.059384][T17519] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1067.247762][T17529] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1067.290986][T17529] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1067.322223][T17526] veth0_vlan: entered promiscuous mode
[ 1067.341519][T17529] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1067.374576][T17529] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1067.541430][T17526] veth1_vlan: entered promiscuous mode
[ 1068.560904][T17519] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1068.753316][T17526] veth0_macvtap: entered promiscuous mode
[ 1068.771341][T17512] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1068.783716][T17526] veth1_macvtap: entered promiscuous mode
[ 1068.854135][T17526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1068.870089][T17526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1068.887380][T17526] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1068.946566][T17519] veth0_vlan: entered promiscuous mode
[ 1068.959759][T17529] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1068.996895][T17526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1069.021474][T17526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1069.034324][T17526] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1069.057756][T17512] 8021q: adding VLAN 0 to HW filter on device team0
[ 1069.103100][T16028] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1069.110324][T16028] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1069.120552][T16028] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1069.127726][T16028] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1069.141215][T17526] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.150828][T17526] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.160601][T17526] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.170363][T17526] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.202092][T17519] veth1_vlan: entered promiscuous mode
[ 1069.248204][T17529] 8021q: adding VLAN 0 to HW filter on device team0
[ 1069.292442][  T941] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1069.299673][  T941] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1069.322310][  T941] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1069.329507][  T941] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1069.384602][T17519] veth0_macvtap: entered promiscuous mode
[ 1069.403274][T17519] veth1_macvtap: entered promiscuous mode
[ 1069.409415][ T5281] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[ 1069.455122][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1069.464805][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1069.468373][T17519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1069.484272][T17519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1069.497070][T17519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1069.508033][T17519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1069.519592][T17519] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1069.585447][ T7167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1069.593314][ T7167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1069.601333][T17519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1069.613448][T17519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1069.632225][T17519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1069.643140][T17519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1069.657492][ T5281] usb 1-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1069.666827][ T5281] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1069.674915][ T5281] usb 1-1: Product: syz
[ 1069.677696][T17519] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1069.679334][ T5281] usb 1-1: Manufacturer: syz
[ 1069.690988][ T5281] usb 1-1: SerialNumber: syz
[ 1069.695526][T17519] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.704638][T17519] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.706696][ T5281] usb 1-1: config 0 descriptor??
[ 1069.721037][T17519] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.723701][ T5281] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1069.736570][T17519] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.769468][T17529] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1069.945077][T17512] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1070.127273][T17675] loop0: detected capacity change from 0 to 6
[ 1070.138452][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1070.152962][T17675] Dev loop0: unable to read RDB block 6
[ 1070.184301][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1070.205885][T17675]  loop0: unable to read partition table
[ 1070.243824][T17675] loop0: partition table beyond EOD, truncated
[ 1070.249726][ T5281] gspca_sunplus: reg_r err -110
[ 1070.255148][ T5281] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[ 1070.288199][T17675] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[ 1070.288199][T17675] 
) failed (rc=-5)
[ 1070.316057][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1070.357607][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1070.470279][T17529] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1071.584661][T17529] veth0_vlan: entered promiscuous mode
[ 1071.735217][T17529] veth1_vlan: entered promiscuous mode
[ 1071.763723][T17512] veth0_vlan: entered promiscuous mode
[ 1071.813047][T17529] veth0_macvtap: entered promiscuous mode
[ 1071.842931][T17529] veth1_macvtap: entered promiscuous mode
[ 1071.860378][T17512] veth1_vlan: entered promiscuous mode
[ 1072.010011][T17529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.027854][T17529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.041237][T17529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.065367][T17529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.103041][T17529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.134421][T17529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.151668][T17529] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1072.192997][T17529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.206429][T17529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.221367][T17529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.235320][T17529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.249048][T17529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.262864][T17529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.281376][T17529] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1072.321654][T17512] veth0_macvtap: entered promiscuous mode
[ 1072.340151][T17529] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.350526][T17529] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.361341][T17529] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.375357][T17529] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.400998][T17512] veth1_macvtap: entered promiscuous mode
[ 1072.522978][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.543226][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.555020][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.579291][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.605663][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.620836][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.631025][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.651381][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.682762][T17512] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1072.722217][ T7165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1072.737342][ T7165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1072.797123][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.836866][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.864504][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.925772][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.951870][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.991987][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1073.038421][T17512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1073.060817][T17640] usb 1-1: USB disconnect, device number 26
[ 1073.078190][T17512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1073.107081][T17512] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1073.153098][T17512] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1073.171961][T17512] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1073.181100][T17512] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1073.196731][T17512] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1073.265070][ T7165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1073.304324][ T7165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1073.503657][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1073.533867][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1073.624678][ T7174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1073.643272][ T7174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1075.915439][ T5278] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1076.109459][ T5278] usb 4-1: Using ep0 maxpacket: 8
[ 1076.166161][ T5278] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1076.296036][ T5278] usb 4-1: config 0 has no interface number 0
[ 1076.728529][ T5278] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1076.843130][ T5278] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1076.890021][ T5278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1076.946218][ T5278] usb 4-1: config 0 descriptor??
[ 1076.973158][ T5278] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1077.277282][ T5278] usb 4-1: USB disconnect, device number 26
[ 1077.875106][ T5278] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected
[ 1079.059355][T17773] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1079.075601][T17773] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[ 1079.084380][T17773] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1079.100238][T17773] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[ 1079.135587][ T5278] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1079.602307][T17783] gtp0: entered promiscuous mode
[ 1079.621584][T17783] gtp0: entered allmulticast mode
[ 1079.935455][ T5334] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1080.155350][ T5334] usb 3-1: Using ep0 maxpacket: 16
[ 1080.164723][ T5334] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1080.198244][ T5334] usb 3-1: New USB device found, idVendor=05ac, idProduct=0236, bcdDevice= 0.40
[ 1080.215299][ T5334] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1080.235314][ T5334] usb 3-1: Product: syz
[ 1080.240714][ T5334] usb 3-1: Manufacturer: syz
[ 1080.255246][ T5334] usb 3-1: SerialNumber: syz
[ 1080.272581][ T5334] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input50
[ 1081.024737][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1081.137900][ T5334] usb 3-1: USB disconnect, device number 38
[ 1081.149436][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1081.302231][T17793] loop0: detected capacity change from 0 to 32768
[ 1081.374815][T17793] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[ 1081.424449][T17793] XFS (loop0): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1081.502895][T17825] xt_hashlimit: max too large, truncated to 1048576
[ 1081.509238][T17793] XFS (loop0): Quotacheck needed: Please wait.
[ 1081.509911][T17825] xt_hashlimit: overflow, try lower: 0/0
[ 1081.706610][T17793] XFS (loop0): Quotacheck: Done.
[ 1081.797228][T17793] 9pnet_fd: Insufficient options for proto=fd
[ 1081.934923][T15921] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1083.870100][T17861] loop1: detected capacity change from 0 to 2048
[ 1083.957652][T17861]  loop1: p1 < > p3
[ 1083.965551][T17861] loop1: p3 size 134217728 extends beyond EOD, truncated
[ 1084.243506][T17878] loop1: detected capacity change from 0 to 1024
[ 1084.273509][T17878] EXT4-fs error (device loop1): __ext4_fill_super:5435: inode #2: comm syz.1.3360: casefold flag without casefold feature
[ 1084.311328][T17878] EXT4-fs (loop1): get root inode failed
[ 1084.317214][T17878] EXT4-fs (loop1): mount failed
[ 1084.735340][ T5334] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1084.945751][ T5334] usb 1-1: Using ep0 maxpacket: 8
[ 1085.043791][ T5334] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1085.044287][ T5334] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1085.044607][ T5334] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1085.045163][ T5334] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1085.049096][ T5334] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1085.049410][ T5334] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1085.343456][ T5334] usb 1-1: GET_CAPABILITIES returned 0
[ 1085.343510][ T5334] usbtmc 1-1:16.0: can't read capabilities
[ 1085.554091][ T5334] usb 1-1: USB disconnect, device number 27
[ 1085.638133][T17879] loop3: detected capacity change from 0 to 32768
[ 1085.683501][T17879] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[ 1085.697723][T17879] XFS (loop3): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1085.745395][T17879] XFS (loop3): Quotacheck needed: Please wait.
[ 1085.838840][T17879] XFS (loop3): Quotacheck: Done.
[ 1085.858151][T17879] 9pnet_fd: Insufficient options for proto=fd
[ 1085.889189][T17519] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1086.144793][T17910] infiniband {yz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1086.242468][T17914] loop0: detected capacity change from 0 to 2048
[ 1086.263830][T17913] loop4: detected capacity change from 0 to 256
[ 1086.445751][T17914]  loop0: p1 < > p3
[ 1086.455589][T17914] loop0: p3 size 134217728 extends beyond EOD, truncated
[ 1087.462740][T17913] FAT-fs (loop4): IO charset iso	 not found
[ 1087.787323][ T5334] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 1087.977597][ T5334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[ 1088.011026][ T5334] usb 5-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=d4.fd
[ 1088.030936][ T5334] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1088.075604][ T5334] usb 5-1: Product: syz
[ 1088.098431][ T5334] usb 5-1: Manufacturer: syz
[ 1088.124525][ T5334] usb 5-1: SerialNumber: syz
[ 1088.147899][ T5334] usb 5-1: config 0 descriptor??
[ 1088.437338][ T5334] usb 5-1: USB disconnect, device number 51
[ 1088.473091][ T5225] Bluetooth: hci7: unexpected event for opcode 0x0c12
[ 1088.816458][T17963] kvm: emulating exchange as write
[ 1092.415724][T18029] 9pnet_fd: Insufficient options for proto=fd
[ 1092.478068][T18031] loop3: detected capacity change from 0 to 2048
[ 1092.546206][T18031]  loop3: p1 < > p3
[ 1092.568922][T18031] loop3: p3 size 134217728 extends beyond EOD, truncated
[ 1092.577881][   T29] audit: type=1326 audit(1722671197.094:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18038 comm="syz.0.3413" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9abef779f9 code=0x0
[ 1092.754331][T18046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3413'.
[ 1094.765937][T18063] loop2: detected capacity change from 0 to 2048
[ 1094.838740][T18063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1094.961734][T18063] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1094.998948][T18063] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1095.020515][T18056] loop0: detected capacity change from 0 to 32768
[ 1095.090355][T17526] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1095.158774][T18056] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[ 1095.168937][T18056] XFS (loop0): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1095.257825][T18082] netlink: 'syz.4.3426': attribute type 3 has an invalid length.
[ 1095.267127][T18082] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.3426'.
[ 1095.316442][T18056] XFS (loop0): Quotacheck needed: Please wait.
[ 1095.417653][   T29] audit: type=1326 audit(1722671199.924:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.2.3427" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d92d779f9 code=0x0
[ 1095.568440][T18056] XFS (loop0): Quotacheck: Done.
[ 1095.595859][T18056] 9pnet_fd: Insufficient options for proto=fd
[ 1095.637227][T15921] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1098.335465][T18109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3433'.
[ 1098.345222][    C1] DEBUG: holding rtnl_mutex for 557 jiffies.
[ 1098.351297][    C1] task:syz.1.3415      state:R  running task     stack:24672 pid:18044 tgid:18044 ppid:17529  flags:0x00004006
[ 1098.363277][    C1] Call Trace:
[ 1098.366589][    C1]  <TASK>
[ 1098.369523][    C1]  __schedule+0x1800/0x4a60
[ 1098.374051][    C1]  ? __pfx___schedule+0x10/0x10
[ 1098.378955][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1098.384030][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1098.390004][    C1]  ? schedule+0x90/0x320
[ 1098.394312][    C1]  schedule+0x14b/0x320
[ 1098.398517][    C1]  synchronize_rcu_expedited+0x684/0x830
[ 1098.404170][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[ 1098.410377][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 1098.415712][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1098.421032][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1098.427069][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1098.433164][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1098.439557][    C1]  synchronize_rcu+0x11b/0x360
[ 1098.444434][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[ 1098.449785][    C1]  lockdep_unregister_key+0x4b7/0x540
[ 1098.455159][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[ 1098.461100][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1098.466352][    C1]  ? __qdisc_destroy+0x150/0x410
[ 1098.471301][    C1]  ? kfree+0x149/0x360
[ 1098.475422][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[ 1098.480982][    C1]  __qdisc_destroy+0x165/0x410
[ 1098.485809][    C1]  dev_shutdown+0x9b/0x450
[ 1098.490282][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[ 1098.496686][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1098.503505][    C1]  ? mark_lock+0x9a/0x360
[ 1098.507922][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1098.513936][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1098.520302][    C1]  ? __queue_work+0x199/0xf50
[ 1098.524984][    C1]  ? queue_delayed_work_on+0x1eb/0x390
[ 1098.530467][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1098.535719][    C1]  unregister_netdevice_queue+0x303/0x370
[ 1098.541466][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1098.547763][    C1]  __tun_detach+0x6b9/0x1600
[ 1098.552383][    C1]  tun_chr_close+0x108/0x1b0
[ 1098.557017][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[ 1098.562170][    C1]  __fput+0x24a/0x8a0
[ 1098.566222][    C1]  task_work_run+0x24f/0x310
[ 1098.570829][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1098.575980][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1098.581721][    C1]  syscall_exit_to_user_mode+0x168/0x370
[ 1098.587403][    C1]  do_syscall_64+0x100/0x230
[ 1098.592010][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1098.596726][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1098.602816][    C1] RIP: 0033:0x7f3f13d779f9
[ 1098.607357][    C1] RSP: 002b:00007ffd2457acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1098.615832][    C1] RAX: 0000000000000000 RBX: 000000000010ac40 RCX: 00007f3f13d779f9
[ 1098.623900][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1098.631894][    C1] RBP: 00007ffd2457add0 R08: 0000000000000001 R09: 00007ffd2457afdf
[ 1098.639886][    C1] R10: 00007f3f13c00000 R11: 0000000000000246 R12: 0000000000000032
[ 1098.647889][    C1] R13: 00007ffd2457adf0 R14: 00007ffd2457ae10 R15: ffffffffffffffff
[ 1098.655931][    C1]  </TASK>
[ 1098.658955][    C1] DEBUG: waiting rtnl_mutex for 589 jiffies.
[ 1098.664915][    C1] task:kworker/0:7     state:D stack:21232 pid:5281  tgid:5281  ppid:2      flags:0x00004000
[ 1098.675095][    C1] Workqueue: events linkwatch_event
[ 1098.680344][    C1] Call Trace:
[ 1098.683635][    C1]  <TASK>
[ 1098.686620][    C1]  __schedule+0x1800/0x4a60
[ 1098.691153][    C1]  ? __pfx___schedule+0x10/0x10
[ 1098.696049][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1098.702062][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1098.707145][    C1]  ? kick_pool+0x1bd/0x620
[ 1098.711596][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1098.716957][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1098.722180][    C1]  ? schedule+0x90/0x320
[ 1098.726458][    C1]  schedule+0x14b/0x320
[ 1098.730628][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1098.736125][    C1]  __mutex_lock+0x6a4/0xd70
[ 1098.740639][    C1]  ? __mutex_lock+0x527/0xd70
[ 1098.745347][    C1]  ? linkwatch_event+0xe/0x60
[ 1098.750036][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1098.755058][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1098.760011][    C1]  ? process_scheduled_works+0x945/0x1830
[ 1098.765773][    C1]  linkwatch_event+0xe/0x60
[ 1098.770291][    C1]  process_scheduled_works+0xa2c/0x1830
[ 1098.775342][ T5309] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1098.775883][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1098.789396][    C1]  ? assign_work+0x364/0x3d0
[ 1098.794011][    C1]  worker_thread+0x86d/0xd40
[ 1098.798715][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1098.804628][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1098.809703][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1098.814825][    C1]  kthread+0x2f0/0x390
[ 1098.818939][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1098.824082][    C1]  ? __pfx_kthread+0x10/0x10
[ 1098.828737][    C1]  ret_from_fork+0x4b/0x80
[ 1098.833194][    C1]  ? __pfx_kthread+0x10/0x10
[ 1098.837826][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1098.842590][    C1]  </TASK>
[ 1098.845641][    C1] 
[ 1098.845641][    C1] Showing all locks held in the system:
[ 1098.853379][    C1] 2 locks held by getty/4983:
[ 1098.858062][    C1]  #0: ffff88802b58f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1098.867855][    C1]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 1098.878034][    C1] 3 locks held by kworker/0:7/5281:
[ 1098.883218][    C1]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1098.894290][    C1]  #1: ffffc9000439fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1098.905302][    C1]  #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[ 1098.914326][    C1] 6 locks held by kworker/0:8/5309:
[ 1098.919539][    C1]  #0: ffff88801d2fdd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1098.930874][    C1]  #1: ffffc9000447fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1098.942849][    C1]  #2: ffff888024a85190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[ 1098.951835][    C1]  #3: ffff888024af0518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150
[ 1098.961829][    C1]  #4: ffff88801a777f68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150
[ 1098.970143][ T5309] usb 1-1: Using ep0 maxpacket: 16
[ 1098.971912][    C1]  #5: ffffc90000007c00 ((&dsp_spl_tl)){+.-.}-{0:0}, at: srcu_read_lock+0x24/0x50
[ 1098.979539][ T5309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1098.986382][    C1] 2 locks held by syz.1.3415/18044:
[ 1098.986405][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 1098.986471][    C1]  #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[ 1098.986535][    C1] 1 lock held by syz.3.3419/18053:
[ 1098.986548][    C1]  #0: ffffffff8fc81d48
[ 1099.002586][ T5309] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1099.002851][    C1]  (
[ 1099.012788][ T5309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1099.022662][    C1] rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 1099.022721][    C1] 3 locks held by syz.4.3426/18082:
[ 1099.022736][    C1]  #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 1099.022800][    C1]  #1: ffff888058d8e678 (nlk_cb_mutex-GENERIC){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790
[ 1099.022864][    C1]  #2: ffffffff8fc81d48
[ 1099.034842][ T5309] usb 1-1: config 0 descriptor??
[ 1099.041177][    C1]  (rtnl_mutex){+.+.}-{3:3}, at: nl80211_prepare_wdev_dump+0x3fb/0x6c0
[ 1099.100177][    C1] 1 lock held by syz.2.3427/18088:
[ 1099.105321][    C1]  #0: ffff88802dc38868 (&pipe->mutex){+.+.}-{3:3}, at: pipe_write+0xd60/0x1a40
[ 1099.114429][    C1] 2 locks held by syz.2.3427/18089:
[ 1099.119681][    C1]  #0: ffff88802dc38868 (&pipe->mutex){+.+.}-{3:3}, at: splice_to_socket+0xee/0x10b0
[ 1099.129223][    C1]  #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1099.138708][    C1] 1 lock held by syz.0.3433/18108:
[ 1099.143834][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1099.153320][    C1] 4 locks held by syz.0.3433/18109:
[ 1099.158574][    C1]  #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 1099.166861][    C1]  #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[ 1099.176192][    C1]  #2: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[ 1099.186394][    C1]  #3: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1099.196344][    C1] 
[ 1099.198681][    C1] =============================================
[ 1099.198681][    C1] 
[ 1099.476907][T18110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1099.494139][T18110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1099.531471][ T5309] hid (null): unknown global tag 0xc
[ 1099.544355][ T5309] hid-generic 0003:0158:0100.0009: unknown main item tag 0x1
[ 1099.552355][ T5309] hid-generic 0003:0158:0100.0009: unexpected long global item
[ 1099.560808][ T5309] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22
[ 1100.260355][    C1] DEBUG: waiting rtnl_mutex for 555 jiffies.
[ 1100.266441][    C1] task:syz.3.3419      state:D stack:24672 pid:18053 tgid:18053 ppid:17519  flags:0x00000004
[ 1100.276683][    C1] Call Trace:
[ 1100.279985][    C1]  <TASK>
[ 1100.282942][    C1]  __schedule+0x1800/0x4a60
[ 1100.287530][    C1]  ? __pfx___schedule+0x10/0x10
[ 1100.292419][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1100.297509][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[ 1100.303008][    C1]  ? schedule+0x90/0x320
[ 1100.307337][    C1]  schedule+0x14b/0x320
[ 1100.311528][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1100.317024][    C1]  __mutex_lock+0x6a4/0xd70
[ 1100.321539][    C1]  ? __mutex_lock+0x527/0xd70
[ 1100.326256][    C1]  ? tun_chr_close+0x3e/0x1b0
[ 1100.330954][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.336030][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1100.341000][    C1]  tun_chr_close+0x3e/0x1b0
[ 1100.345556][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[ 1100.350707][    C1]  __fput+0x24a/0x8a0
[ 1100.354695][    C1]  task_work_run+0x24f/0x310
[ 1100.359326][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1100.364440][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1100.370620][    C1]  syscall_exit_to_user_mode+0x168/0x370
[ 1100.376342][    C1]  do_syscall_64+0x100/0x230
[ 1100.380987][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1100.385710][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.391674][    C1] RIP: 0033:0x7fdc487779f9
[ 1100.396138][    C1] RSP: 002b:00007ffdc54d9818 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1100.404570][    C1] RAX: 0000000000000000 RBX: 00007fdc48907a80 RCX: 00007fdc487779f9
[ 1100.412599][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1100.420892][    C1] RBP: 00007fdc48907a80 R08: 0000000000000006 R09: 00007ffdc54d9aff
[ 1100.428905][    C1] R10: 00000000003ff808 R11: 0000000000000246 R12: 000000000010b418
[ 1100.436941][    C1] R13: 00007ffdc54d9910 R14: 00007ffdc54d9930 R15: ffffffffffffffff
[ 1100.444969][    C1]  </TASK>
[ 1100.448048][    C1] DEBUG: waiting rtnl_mutex for 516 jiffies.
[ 1100.454043][    C1] task:syz.4.3426      state:D stack:23800 pid:18082 tgid:18081 ppid:17512  flags:0x00004004
[ 1100.464254][    C1] Call Trace:
[ 1100.467571][    C1]  <TASK>
[ 1100.471030][    C1]  __schedule+0x1800/0x4a60
[ 1100.475608][    C1]  ? __pfx___schedule+0x10/0x10
[ 1100.480490][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1100.485563][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[ 1100.491077][    C1]  ? schedule+0x90/0x320
[ 1100.495383][    C1]  schedule+0x14b/0x320
[ 1100.499570][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1100.505025][    C1]  __mutex_lock+0x6a4/0xd70
[ 1100.509558][    C1]  ? __mutex_lock+0x527/0xd70
[ 1100.514230][    C1]  ? nl80211_prepare_wdev_dump+0x3fb/0x6c0
[ 1100.520063][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.525093][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1100.530055][    C1]  nl80211_prepare_wdev_dump+0x3fb/0x6c0
[ 1100.535740][    C1]  nl80211_dump_station+0x177/0x780
[ 1100.540982][    C1]  ? __pfx_nl80211_dump_station+0x10/0x10
[ 1100.546801][    C1]  ? __build_skb_around+0x245/0x3d0
[ 1100.552035][    C1]  ? __alloc_skb+0x28f/0x440
[ 1100.556702][    C1]  ? __pfx___alloc_skb+0x10/0x10
[ 1100.561672][    C1]  genl_dumpit+0x107/0x1a0
[ 1100.566182][    C1]  netlink_dump+0x647/0xd80
[ 1100.570733][    C1]  ? __pfx_netlink_dump+0x10/0x10
[ 1100.575921][    C1]  ? __asan_memset+0x23/0x50
[ 1100.580545][    C1]  ? genl_start+0x4a8/0x6d0
[ 1100.585087][    C1]  __netlink_dump_start+0x5a2/0x790
[ 1100.590331][    C1]  genl_rcv_msg+0x88c/0xec0
[ 1100.594841][    C1]  ? mark_lock+0x9a/0x360
[ 1100.599251][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1100.604304][    C1]  ? __pfx_genl_start+0x10/0x10
[ 1100.609177][    C1]  ? __pfx_genl_dumpit+0x10/0x10
[ 1100.614110][    C1]  ? __pfx_genl_done+0x10/0x10
[ 1100.618909][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1100.624019][    C1]  ? __pfx_nl80211_dump_station+0x10/0x10
[ 1100.629771][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1100.635061][    C1]  netlink_rcv_skb+0x1e3/0x430
[ 1100.639848][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1100.644877][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1100.650190][    C1]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1100.655708][    C1]  genl_rcv+0x28/0x40
[ 1100.659707][    C1]  netlink_unicast+0x7f6/0x990
[ 1100.664469][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[ 1100.669773][    C1]  ? __virt_addr_valid+0x183/0x530
[ 1100.674877][    C1]  ? __check_object_size+0x49c/0x900
[ 1100.680176][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1100.685329][    C1]  netlink_sendmsg+0x8e4/0xcb0
[ 1100.690120][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1100.695447][    C1]  ? __import_iovec+0x536/0x820
[ 1100.700317][    C1]  ? aa_sock_msg_perm+0x91/0x160
[ 1100.705293][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1100.710597][    C1]  ? security_socket_sendmsg+0x87/0xb0
[ 1100.716115][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1100.721427][    C1]  __sock_sendmsg+0x221/0x270
[ 1100.726266][    C1]  ____sys_sendmsg+0x525/0x7d0
[ 1100.731071][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1100.736433][    C1]  __sys_sendmsg+0x2b0/0x3a0
[ 1100.741045][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1100.746251][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1100.752610][    C1]  ? do_syscall_64+0x100/0x230
[ 1100.757441][    C1]  ? do_syscall_64+0xb6/0x230
[ 1100.762136][    C1]  do_syscall_64+0xf3/0x230
[ 1100.766661][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1100.771337][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.777275][    C1] RIP: 0033:0x7f058c5779f9
[ 1100.781711][    C1] RSP: 002b:00007f058d384048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1100.790171][    C1] RAX: ffffffffffffffda RBX: 00007f058c705f80 RCX: 00007f058c5779f9
[ 1100.798183][    C1] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 1100.806213][    C1] RBP: 00007f058c5e58ee R08: 0000000000000000 R09: 0000000000000000
[ 1100.814201][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1100.822239][    C1] R13: 000000000000000b R14: 00007f058c705f80 R15: 00007ffeb2bd7a88
[ 1100.830272][    C1]  </TASK>
[ 1100.833289][    C1] DEBUG: waiting rtnl_mutex for 524 jiffies.
[ 1100.839309][    C1] task:syz.2.3427      state:D stack:26112 pid:18089 tgid:18086 ppid:17526  flags:0x00004004
[ 1100.849558][    C1] Call Trace:
[ 1100.852858][    C1]  <TASK>
[ 1100.855838][    C1]  __schedule+0x1800/0x4a60
[ 1100.860401][    C1]  ? __pfx___schedule+0x10/0x10
[ 1100.865322][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1100.870380][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[ 1100.875888][    C1]  ? schedule+0x90/0x320
[ 1100.880150][    C1]  schedule+0x14b/0x320
[ 1100.884303][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1100.889783][    C1]  __mutex_lock+0x6a4/0xd70
[ 1100.894283][    C1]  ? __mutex_lock+0x527/0xd70
[ 1100.899001][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[ 1100.904132][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.909174][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1100.914120][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[ 1100.919096][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[ 1100.924231][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1100.929737][    C1]  ? ref_tracker_free+0x643/0x7e0
[ 1100.934787][    C1]  netlink_rcv_skb+0x1e3/0x430
[ 1100.939594][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1100.945076][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1100.950393][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1100.955638][    C1]  netlink_unicast+0x7f6/0x990
[ 1100.960431][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[ 1100.965756][    C1]  ? __virt_addr_valid+0x183/0x530
[ 1100.970889][    C1]  ? __check_object_size+0x49c/0x900
[ 1100.976228][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1100.981366][    C1]  netlink_sendmsg+0x8e4/0xcb0
[ 1100.986182][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1100.991571][    C1]  ? aa_sock_msg_perm+0x91/0x160
[ 1100.996548][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1101.001843][    C1]  ? security_socket_sendmsg+0x87/0xb0
[ 1101.007327][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1101.012621][    C1]  __sock_sendmsg+0x221/0x270
[ 1101.017350][    C1]  sock_sendmsg+0x134/0x200
[ 1101.021899][    C1]  ? __pfx_sock_sendmsg+0x10/0x10
[ 1101.026951][    C1]  ? iov_iter_bvec+0x4e/0x180
[ 1101.031624][    C1]  splice_to_socket+0xa13/0x10b0
[ 1101.036600][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1101.041652][    C1]  ? __pfx_splice_to_socket+0x10/0x10
[ 1101.047088][    C1]  ? __lock_acquire+0x1384/0x2050
[ 1101.052164][    C1]  ? bpf_lsm_file_permission+0x9/0x10
[ 1101.057591][    C1]  ? security_file_permission+0x7f/0xa0
[ 1101.063167][    C1]  ? rw_verify_area+0x1d2/0x6b0
[ 1101.068062][    C1]  ? __pfx_splice_to_socket+0x10/0x10
[ 1101.073430][    C1]  do_splice+0xd77/0x1900
[ 1101.077811][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1101.082863][    C1]  ? pipe_clear_nowait+0x196/0x220
[ 1101.087995][    C1]  ? __pfx_do_splice+0x10/0x10
[ 1101.092758][    C1]  __se_sys_splice+0x331/0x4a0
[ 1101.097570][    C1]  ? __pfx___se_sys_splice+0x10/0x10
[ 1101.102963][    C1]  ? do_syscall_64+0x100/0x230
[ 1101.107759][    C1]  ? __x64_sys_splice+0x21/0xf0
[ 1101.112619][    C1]  do_syscall_64+0xf3/0x230
[ 1101.117167][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1101.121867][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.127956][    C1] RIP: 0033:0x7f2d92d779f9
[ 1101.132376][    C1] RSP: 002b:00007f2d93b97048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 1101.140830][    C1] RAX: ffffffffffffffda RBX: 00007f2d92f06130 RCX: 00007f2d92d779f9
[ 1101.148842][    C1] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000004
[ 1101.156859][    C1] RBP: 00007f2d92de58ee R08: 000000000004ffe6 R09: 0000000000000000
[ 1101.164855][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1101.172886][    C1] R13: 000000000000006e R14: 00007f2d92f06130 R15: 00007fffb8174e98
[ 1101.180922][    C1]  </TASK>
[ 1101.183938][    C1] DEBUG: holding rtnl_mutex for 841 jiffies.
[ 1101.190017][    C1] task:syz.1.3415      state:R  running task     stack:24672 pid:18044 tgid:18044 ppid:17529  flags:0x0000400e
[ 1101.201770][    C1] Call Trace:
[ 1101.205251][    C1]  <IRQ>
[ 1101.208101][    C1]  sched_show_task+0x506/0x6d0
[ 1101.212861][    C1]  ? report_rtnl_holders+0x2a5/0x400
[ 1101.218196][    C1]  ? __pfx__printk+0x10/0x10
[ 1101.222817][    C1]  ? __pfx_sched_show_task+0x10/0x10
[ 1101.228143][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1101.234038][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1101.240392][    C1]  report_rtnl_holders+0x327/0x400
[ 1101.245554][    C1]  call_timer_fn+0x18e/0x650
[ 1101.250178][    C1]  ? call_timer_fn+0xc0/0x650
[ 1101.254877][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1101.260556][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1101.265717][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1101.271396][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1101.277108][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1101.282765][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1101.288012][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1101.293234][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1101.298920][    C1]  __run_timer_base+0x66a/0x8e0
[ 1101.303832][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1101.309296][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1101.315692][    C1]  run_timer_softirq+0xb7/0x170
[ 1101.320544][    C1]  handle_softirqs+0x2c4/0x970
[ 1101.325438][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[ 1101.330297][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1101.335711][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 1101.340933][    C1]  __irq_exit_rcu+0xf4/0x1c0
[ 1101.345585][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1101.350846][    C1]  irq_exit_rcu+0x9/0x30
[ 1101.355111][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1101.360807][    C1]  </IRQ>
[ 1101.363765][    C1]  <TASK>
[ 1101.366753][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1101.372785][    C1] RIP: 0010:synchronize_rcu+0x0/0x360
[ 1101.378227][    C1] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 65 38 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[ 1101.397894][    C1] RSP: 0018:ffffc900034e7838 EFLAGS: 00000206
[ 1101.403966][    C1] RAX: dffffc0000000000 RBX: 1ffff9200069cf10 RCX: ffffffff94f2f903
[ 1101.411965][    C1] RDX: 0000000000000001 RSI: ffffffff8c0ae240 RDI: ffffffff8c607c40
[ 1101.419960][    C1] RBP: ffffc900034e7918 R08: ffffffff94f1dd8f R09: 1ffffffff29e3bb1
[ 1101.427986][    C1] R10: dffffc0000000000 R11: fffffbfff29e3bb2 R12: ffffffff94f1aeb8
[ 1101.435999][    C1] R13: 1ffff9200069cf0c R14: 0000000000000207 R15: ffffc900034e7880
[ 1101.443972][    C1]  lockdep_unregister_key+0x4b7/0x540
[ 1101.449397][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[ 1101.455347][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1101.460581][    C1]  ? __qdisc_destroy+0x150/0x410
[ 1101.465571][    C1]  ? kfree+0x149/0x360
[ 1101.469670][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[ 1101.475771][    C1]  __qdisc_destroy+0x165/0x410
[ 1101.480527][    C1]  dev_shutdown+0x9b/0x450
[ 1101.484930][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[ 1101.491332][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1101.498151][    C1]  ? mark_lock+0x9a/0x360
[ 1101.502478][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1101.508492][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1101.514836][    C1]  ? __queue_work+0x199/0xf50
[ 1101.519529][    C1]  ? queue_delayed_work_on+0x1eb/0x390
[ 1101.524977][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1101.530195][    C1]  unregister_netdevice_queue+0x303/0x370
[ 1101.535961][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1101.542220][    C1]  __tun_detach+0x6b9/0x1600
[ 1101.546858][    C1]  tun_chr_close+0x108/0x1b0
[ 1101.551458][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[ 1101.556581][    C1]  __fput+0x24a/0x8a0
[ 1101.560564][    C1]  task_work_run+0x24f/0x310
[ 1101.565157][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1101.570337][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1101.576125][    C1]  syscall_exit_to_user_mode+0x168/0x370
[ 1101.581778][    C1]  do_syscall_64+0x100/0x230
[ 1101.586403][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1101.591094][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.597022][    C1] RIP: 0033:0x7f3f13d779f9
[ 1101.601469][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1101.621115][    C1] RSP: 002b:00007ffd2457acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1101.629557][    C1] RAX: 0000000000000000 RBX: 000000000010ac40 RCX: 00007f3f13d779f9
[ 1101.637549][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1101.645552][    C1] RBP: 00007ffd2457add0 R08: 0000000000000001 R09: 00007ffd2457afdf
[ 1101.653533][    C1] R10: 00007f3f13c00000 R11: 0000000000000246 R12: 0000000000000032
[ 1101.661520][    C1] R13: 00007ffd2457adf0 R14: 00007ffd2457ae10 R15: ffffffffffffffff
[ 1101.669558][    C1]  </TASK>
[ 1101.673026][    C1] DEBUG: waiting rtnl_mutex for 890 jiffies.
[ 1101.679017][    C1] task:kworker/0:7     state:D stack:21232 pid:5281  tgid:5281  ppid:2      flags:0x00004000
[ 1101.689224][    C1] Workqueue: events linkwatch_event
[ 1101.694446][    C1] Call Trace:
[ 1101.697746][    C1]  <TASK>
[ 1101.700668][    C1]  __schedule+0x1800/0x4a60
[ 1101.705208][    C1]  ? __pfx___schedule+0x10/0x10
[ 1101.710092][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1101.716141][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1101.721275][    C1]  ? kick_pool+0x1bd/0x620
[ 1101.725741][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1101.730959][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1101.736231][    C1]  ? schedule+0x90/0x320
[ 1101.740490][    C1]  schedule+0x14b/0x320
[ 1101.744644][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1101.750123][    C1]  __mutex_lock+0x6a4/0xd70
[ 1101.754618][    C1]  ? __mutex_lock+0x527/0xd70
[ 1101.759315][    C1]  ? linkwatch_event+0xe/0x60
[ 1101.763983][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1101.769048][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1101.774002][    C1]  ? process_scheduled_works+0x945/0x1830
[ 1101.779746][    C1]  linkwatch_event+0xe/0x60
[ 1101.784238][    C1]  process_scheduled_works+0xa2c/0x1830
[ 1101.789816][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1101.795841][    C1]  ? assign_work+0x364/0x3d0
[ 1101.800482][    C1]  worker_thread+0x86d/0xd40
[ 1101.805066][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1101.810994][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1101.816066][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1101.821200][    C1]  kthread+0x2f0/0x390
[ 1101.825299][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1101.830438][    C1]  ? __pfx_kthread+0x10/0x10
[ 1101.835048][    C1]  ret_from_fork+0x4b/0x80
[ 1101.839524][    C1]  ? __pfx_kthread+0x10/0x10
[ 1101.844118][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1101.848906][    C1]  </TASK>
[ 1101.851916][    C1] 
[ 1101.851916][    C1] Showing all locks held in the system:
[ 1101.859653][    C1] 2 locks held by kworker/u8:1/12:
[ 1101.864767][    C1]  #0: ffff8880b923ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 1101.874738][    C1]  #1: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590
[ 1101.884244][    C1] 2 locks held by getty/4983:
[ 1101.888930][    C1]  #0: ffff88802b58f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1101.898713][    C1]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 1101.908878][    C1] 3 locks held by kworker/0:7/5281:
[ 1101.914062][    C1]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1101.925045][    C1]  #1: ffffc9000439fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1101.936051][    C1]  #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[ 1101.945069][    C1] 3 locks held by syz.1.3415/18044:
[ 1101.950272][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 1101.959299][    C1]  #1: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[ 1101.969457][    C1]  #2: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1101.979346][    C1] 1 lock held by syz.3.3419/18053:
[ 1101.984478][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 1101.993522][    C1] 3 locks held by syz.4.3426/18082:
[ 1101.998754][    C1]  #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 1102.007004][    C1]  #1: ffff888058d8e678 (nlk_cb_mutex-GENERIC){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790
[ 1102.017568][    C1]  #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_prepare_wdev_dump+0x3fb/0x6c0
[ 1102.027731][    C1] 1 lock held by syz.2.3427/18088:
[ 1102.032825][    C1]  #0: ffff88802dc38868 (&pipe->mutex){+.+.}-{3:3}, at: pipe_write+0xd60/0x1a40
[ 1102.041915][    C1] 2 locks held by syz.2.3427/18089:
[ 1102.047141][    C1]  #0: ffff88802dc38868 (&pipe->mutex){+.+.}-{3:3}, at: splice_to_socket+0xee/0x10b0
[ 1102.056666][    C1]  #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1102.066138][    C1] 1 lock held by syz.0.3433/18108:
[ 1102.071228][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1102.080672][    C1] 2 locks held by syz.0.3433/18109:
[ 1102.085916][    C1]  #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 1102.094129][    C1]  #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[ 1102.103425][    C1] 
[ 1102.105783][    C1] =============================================
[ 1102.105783][    C1] 
[ 1102.273903][T18089] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3427'.
[ 1102.312018][T18089] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1102.320844][T18089] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1102.329637][T18089] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1102.338551][T18089] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1102.347848][T18089] vxlan0: entered promiscuous mode
[ 1102.415781][T17640] usb 1-1: USB disconnect, device number 28
[ 1102.817362][   T29] audit: type=1326 audit(1722671207.324:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18139 comm="syz.0.3447" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9abef779f9 code=0x0
[ 1102.972718][T18149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3447'.
[ 1103.155811][T18124] loop3: detected capacity change from 0 to 32768
[ 1103.200520][T18124] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[ 1103.211811][T18124] XFS (loop3): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1103.235357][ T5309] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1103.261386][T18124] XFS (loop3): Quotacheck needed: Please wait.
[ 1103.374689][T18124] XFS (loop3): Quotacheck: Done.
[ 1103.416479][T18124] 9pnet_fd: Insufficient options for proto=fd
[ 1103.425485][ T5309] usb 2-1: Using ep0 maxpacket: 8
[ 1103.439776][ T5309] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1103.475062][ T5309] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1103.519258][ T5309] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1103.529697][T17519] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1103.555273][ T5309] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1103.568984][ T5309] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1103.578289][ T5309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1103.939778][ T5309] usb 2-1: usb_control_msg returned -71
[ 1103.972117][ T5309] usbtmc 2-1:16.0: can't read capabilities
[ 1104.011458][ T5309] usb 2-1: USB disconnect, device number 37
[ 1104.916272][T18179] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1108.424455][T18215] loop4: detected capacity change from 0 to 256
[ 1108.459166][T18216] loop3: detected capacity change from 0 to 256
[ 1108.688514][   T29] audit: type=1326 audit(1722671213.194:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18222 comm="syz.3.3472" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdc487779f9 code=0x0
[ 1108.844766][T18227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3472'.
[ 1108.888947][T18227] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.897798][T18227] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.906597][T18227] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.915374][T18227] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1109.018318][T18227] vxlan0: entered promiscuous mode
[ 1109.721207][T18212] loop0: detected capacity change from 0 to 32768
[ 1109.802633][T18212] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[ 1109.820708][T18212] XFS (loop0): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1109.822680][T18245] loop1: detected capacity change from 0 to 512
[ 1109.848875][T18245] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent
[ 1109.909486][T18212] XFS (loop0): Quotacheck needed: Please wait.
[ 1110.019925][T18212] XFS (loop0): Quotacheck: Done.
[ 1110.110425][T18212] 9pnet_fd: Insufficient options for proto=fd
[ 1110.191909][T15921] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1110.405428][T18261] netlink: 'syz.3.3481': attribute type 5 has an invalid length.
[ 1110.659615][T18267] hub 6-0:1.0: USB hub found
[ 1110.664640][T18267] hub 6-0:1.0: 1 port detected
[ 1112.066801][T18282] loop3: detected capacity change from 0 to 512
[ 1112.098894][T18282] EXT4-fs: Ignoring removed nobh option
[ 1112.162928][T18286] loop0: detected capacity change from 0 to 512
[ 1112.186615][T18282] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[ 1112.219095][T18282] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.3488: attempt to clear invalid blocks 2 len 1
[ 1112.266533][T18282] EXT4-fs (loop3): Remounting filesystem read-only
[ 1112.276696][T18286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1112.311139][T18282] EXT4-fs (loop3): 1 truncate cleaned up
[ 1112.339290][T18286] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1112.371157][T18282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1112.460544][T15921] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1112.657786][T17519] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1113.985443][T18298] loop4: detected capacity change from 0 to 32768
[ 1114.022096][T18278] loop1: detected capacity change from 0 to 65536
[ 1114.064796][T18329] loop0: detected capacity change from 0 to 512
[ 1114.090479][T18298] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[ 1114.099360][T18329] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1114.122344][T18298] XFS (loop4): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1114.139788][T18329] EXT4-fs (loop0): blocks per group (71) and clusters per group (32768) inconsistent
[ 1114.183640][T18278] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1114.196428][T18298] XFS (loop4): Quotacheck needed: Please wait.
[ 1114.310107][T18329] loop0: detected capacity change from 0 to 128
[ 1114.337039][T18329] vfat: Unknown parameter 'Oocharset'
[ 1114.506111][T18278] XFS (loop1): Ending clean mount
[ 1114.520727][T18278] XFS (loop1): Quotacheck needed: Please wait.
[ 1114.527090][T18298] XFS (loop4): Quotacheck: Done.
[ 1114.545429][T18348] loop2: detected capacity change from 0 to 512
[ 1114.556219][T18348] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1114.565369][T18348] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[ 1114.605695][T18348] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[ 1114.613800][T18348] System zones: 0-2, 18-18, 34-34
[ 1114.641316][T18348] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[ 1114.662153][T18348] EXT4-fs (loop2): 1 truncate cleaned up
[ 1114.668640][T18348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1114.700082][ T7174] XFS (loop1): Metadata corruption detected at xfs_dinode_verify+0x333/0x12c0, inode 0x25 dinode
[ 1114.711869][   T29] audit: type=1800 audit(1722671219.204:474): pid=18348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3504" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1114.734583][T18348] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1114.762471][ T7174] XFS (loop1): Unmount and run xfs_repair
[ 1114.768656][ T7174] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[ 1114.779700][ T7174] 00000000: 49 4e a1 ff 03 01 00 00 00 00 00 00 00 00 00 00  IN..............
[ 1114.790691][ T7174] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1114.801758][ T7174] 00000020: 34 f7 58 68 7a bb 44 4d 34 f7 58 68 7a bb 44 4d  4.Xhz.DM4.Xhz.DM
[ 1114.812824][ T7174] 00000030: 34 f7 58 68 7a bb 44 4d 00 00 00 00 00 00 00 27  4.Xhz.DM.......'
[ 1114.823287][ T7174] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1114.832368][ T7174] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 0c 44 49 b4  .............DI.
[ 1114.841610][ T7174] 00000060: ff ff ff ff f1 fd ce d1 00 00 00 00 00 00 00 02  ................
[ 1114.850788][ T7174] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[ 1114.952906][T18278] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[ 1115.045867][T17512] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1115.078335][T17529] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1115.133422][T17529] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[ 1115.338588][T17526] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1116.068080][T18364] loop3: detected capacity change from 0 to 1024
[ 1116.178390][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.466186][ T1173] hfsplus: b-tree write err: -5, ino 4
[ 1116.562042][T18376] loop2: detected capacity change from 0 to 256
[ 1119.578297][T18403] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3520'.
[ 1119.984467][T18415] loop4: detected capacity change from 0 to 1024
[ 1120.081329][T18415] hfsplus: invalid catalog btree flag
[ 1120.087669][T18415] hfsplus: failed to load catalog file
[ 1120.109815][ T5281] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[ 1120.128594][T18383] loop2: detected capacity change from 0 to 32768
[ 1120.195556][T18383] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[ 1120.222213][T18383] XFS (loop2): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1120.325305][ T5281] usb 1-1: Using ep0 maxpacket: 8
[ 1120.332768][ T5281] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1120.405302][ T5281] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1120.438366][T18383] XFS (loop2): Quotacheck needed: Please wait.
[ 1120.463475][ T5281] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1120.473705][ T5281] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1120.487038][ T5281] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1120.503269][ T5281] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1120.794393][ T5281] usb 1-1: GET_CAPABILITIES returned 0
[ 1120.803711][T18383] XFS (loop2): Quotacheck: Done.
[ 1120.821327][ T5281] usbtmc 1-1:16.0: can't read capabilities
[ 1120.905558][T17526] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1120.997829][ T5281] usb 1-1: USB disconnect, device number 29
[ 1121.199730][T18438] loop3: detected capacity change from 0 to 1024
[ 1121.317398][T18438] input: syz0 as /devices/virtual/input/input54
[ 1121.395075][ T7165] hfsplus: b-tree write err: -5, ino 4
[ 1121.582341][T18442] loop3: detected capacity change from 0 to 2048
[ 1121.676764][T18442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1121.768953][T18442] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1121.941489][T18442] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1121.986072][T18442] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[ 1122.845443][T18442] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1122.845443][T18442] 
[ 1122.870197][T18442] EXT4-fs (loop3): Total free blocks count 0
[ 1122.878267][T18442] EXT4-fs (loop3): Free/Dirty block details
[ 1122.884260][T18442] EXT4-fs (loop3): free_blocks=2415919104
[ 1122.892284][T18442] EXT4-fs (loop3): dirty_blocks=32
[ 1122.909528][T18442] EXT4-fs (loop3): Block reservation details
[ 1122.916479][T18442] EXT4-fs (loop3): i_reserved_data_blocks=2
[ 1122.975930][   T29] audit: type=1326 audit(1722671227.474:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18455 comm="syz.0.3537" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9abef779f9 code=0x0
[ 1123.645589][   T29] audit: type=1326 audit(1722671228.144:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18470 comm="syz.0.3541" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9abef779f9 code=0x0
[ 1124.424273][T18474] loop2: detected capacity change from 0 to 1024
[ 1124.494739][T18480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3541'.
[ 1124.604141][T18474] input: syz0 as /devices/virtual/input/input55
[ 1124.732685][ T2935] hfsplus: b-tree write err: -5, ino 4
[ 1124.885322][    T9] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1125.003755][T18463] loop4: detected capacity change from 0 to 32768
[ 1125.077606][T18463] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[ 1125.091168][T18463] XFS (loop4): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1125.118514][    T9] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1125.137887][    T9] usb 2-1: can't read configurations, error -61
[ 1125.159020][T18463] XFS (loop4): Quotacheck needed: Please wait.
[ 1125.946258][    T9] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1126.002754][T18463] XFS (loop4): Quotacheck: Done.
[ 1126.088320][T17512] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1126.131256][   T29] audit: type=1326 audit(1722671230.644:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18518 comm="syz.3.3555" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdc487779f9 code=0x0
[ 1126.206322][    T9] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1126.213907][    T9] usb 2-1: can't read configurations, error -61
[ 1126.236248][    T9] usb usb2-port1: attempt power cycle
[ 1126.283409][T18523] loop0: detected capacity change from 0 to 1024
[ 1126.428592][T18523] input: syz0 as /devices/virtual/input/input56
[ 1126.512885][ T7142] hfsplus: b-tree write err: -5, ino 4
[ 1126.684208][    T9] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1126.739356][T18524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3555'.
[ 1126.749580][    T9] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1126.757581][    T9] usb 2-1: can't read configurations, error -61
[ 1126.915432][    T9] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1126.967956][    T9] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1126.982042][    T9] usb 2-1: can't read configurations, error -61
[ 1126.989532][    T9] usb usb2-port1: unable to enumerate USB device
[ 1127.834680][T18543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3544'.
[ 1127.902650][T18546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3544'.
[ 1127.942835][T18546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3544'.
[ 1127.987810][T18546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3544'.
[ 1128.194385][T18552] loop4: detected capacity change from 0 to 512
[ 1128.207904][T18552] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1128.217611][T18552] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1128.340469][T18552] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[ 1128.348749][T18552] System zones: 0-2, 18-18, 34-34
[ 1128.357275][T18552] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[ 1128.376057][T18552] EXT4-fs (loop4): 1 truncate cleaned up
[ 1128.382997][T18552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1128.425778][   T29] audit: type=1800 audit(1722671232.934:478): pid=18552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3562" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1128.490802][T18552] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1129.697556][T17512] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1129.745158][T18564] loop1: detected capacity change from 0 to 1024
[ 1129.991674][T18551] loop0: detected capacity change from 0 to 32768
[ 1130.083372][T18551] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[ 1130.100607][T18551] XFS (loop0): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[ 1130.141839][T18564] input: syz0 as /devices/virtual/input/input57
[ 1130.214734][T18551] XFS (loop0): Quotacheck needed: Please wait.
[ 1130.267452][ T7165] hfsplus: b-tree write err: -5, ino 4
[ 1130.355910][T18551] XFS (loop0): Quotacheck: Done.
[ 1130.423797][   T29] audit: type=1326 audit(1722671234.934:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18585 comm="syz.4.3574" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f058c5779f9 code=0x0
[ 1130.461476][T17660] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1130.775450][T17660] usb 4-1: Using ep0 maxpacket: 8
[ 1130.835666][T17660] usb 4-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice=13.13
[ 1130.940861][T15921] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1130.950435][T17660] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.006686][T18591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3574'.
[ 1131.093323][T17660] usb 4-1: config 0 descriptor??
[ 1131.193448][T17660] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input58
[ 1131.242312][T18591] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1131.251260][T18591] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1131.260267][T18591] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1131.270274][T18591] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1131.285105][T18591] vxlan0: entered promiscuous mode
[ 1132.388735][T18594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1132.460988][   T29] audit: type=1326 audit(1722671236.974:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.4.3579" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f058c5779f9 code=0x0
[ 1133.383068][ T4665] bcm5974 4-1:0.0: could not read from device
[ 1133.437569][ T5278] usb 4-1: USB disconnect, device number 28
[ 1134.034560][ T5278] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1134.056929][T16028] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1134.613239][ T5278] usb 4-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[ 1134.623344][ T5278] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1134.662882][ T5278] usb 4-1: Product: syz
[ 1134.667369][ T5278] usb 4-1: Manufacturer: syz
[ 1134.672095][ T5278] usb 4-1: SerialNumber: syz
[ 1134.689051][ T5278] usb 4-1: config 0 descriptor??
[ 1134.704486][ T5278] gspca_main: sonixb-2.14.0 probing 0c45:6005
[ 1134.724564][T16028] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1134.775604][T16028] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[ 1134.787506][T16028] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1134.819339][T18636] loop2: detected capacity change from 0 to 164
[ 1134.836001][T18636] iso9660: Unknown parameter '000000000000000000000008'
[ 1134.857351][T16028] usb 1-1: config 0 descriptor??
[ 1134.878793][T16028] go7007 1-1:0.0: probe with driver go7007 failed with error -12
[ 1136.819341][T18644] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1136.836826][ T5278] usb 4-1: USB disconnect, device number 29
[ 1136.913046][ T5334] usb 1-1: USB disconnect, device number 30
[ 1137.347093][T18660] loop1: detected capacity change from 0 to 32768
[ 1139.000394][ T5309] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1139.008367][T17660] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1139.115326][    T9] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[ 1139.608799][ T5309] usb 3-1: Using ep0 maxpacket: 16
[ 1139.638350][ T5281] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1139.841221][ T5309] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1139.860592][T17660] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1139.885461][ T5309] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1139.902369][T17660] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1139.915710][ T5309] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1139.930319][T17660] usb 2-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 1139.940084][ T5309] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1139.955311][    T9] usb 1-1: Using ep0 maxpacket: 16
[ 1139.962051][T17660] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.974295][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1139.987698][ T5281] usb 4-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[ 1139.997012][ T5309] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1140.006916][ T5281] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1140.019603][T17660] usb 2-1: config 0 descriptor??
[ 1140.025574][ T5309] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1140.032398][ T5281] usb 4-1: Product: syz
[ 1140.040498][ T5281] usb 4-1: Manufacturer: syz
[ 1140.045419][ T5309] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1140.056918][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0236, bcdDevice= 0.40
[ 1140.066874][ T5281] usb 4-1: SerialNumber: syz
[ 1140.074031][ T5309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.083814][ T5281] usb 4-1: config 0 descriptor??
[ 1140.088964][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1140.100862][ T5281] gspca_main: sonixb-2.14.0 probing 0c45:6005
[ 1140.109588][    T9] usb 1-1: Product: syz
[ 1140.113949][    T9] usb 1-1: Manufacturer: syz
[ 1140.120672][    T9] usb 1-1: SerialNumber: syz
[ 1140.126635][ T5309] ums-sddr09 3-1:1.0: USB Mass Storage device detected
[ 1140.166049][    T9] usbhid 1-1:1.0: couldn't find an input interrupt endpoint
[ 1140.175242][    C0] hrtimer: interrupt took 68609 ns
[ 1140.273341][T18684] loop1: detected capacity change from 0 to 64
[ 1140.335924][T17660] usb 2-1: string descriptor 0 read error: -71
[ 1140.346789][ T5309] scsi host1: usb-storage 3-1:1.0
[ 1140.358559][T17660] smsusb:smsusb_probe: board id=8, interface number 0
[ 1140.369676][ T5334] usb 1-1: USB disconnect, device number 31
[ 1140.373866][T17660] smsusb:smsusb_probe: Device initialized with return code -19
[ 1140.404453][T18708] loop4: detected capacity change from 0 to 4096
[ 1140.412890][T18708] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[ 1140.425741][T17660] usb 2-1: USB disconnect, device number 42
[ 1140.450824][T18708] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[ 1140.867545][T18712] ntfs3: loop4: ino=1b, "file0" attr_set_size
[ 1140.875855][T18712] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[ 1141.270954][T18717] virtio-fs: tag <(null)> not found
[ 1141.444796][T11635] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[ 1142.105511][T11635] sd 1:0:0:0: Attached scsi generic sg1 type 0
[ 1142.742833][T18726] loop0: detected capacity change from 0 to 32768
[ 1142.852197][ T5278] usb 4-1: USB disconnect, device number 30
[ 1142.972298][T18709] sddr09: could not read card info
[ 1142.984080][T16028] usb 3-1: USB disconnect, device number 39
[ 1143.058104][ T2935] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[ 1143.066133][ T2935] sd 1:0:0:0: [sdb] 0-byte physical blocks
[ 1143.073613][ T2935] sd 1:0:0:0: [sdb] Write Protect is off
[ 1143.082150][ T2935] sd 1:0:0:0: [sdb] Asking for cache data failed
[ 1143.090796][ T2935] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[ 1143.954114][ T2935] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[ 1144.186081][T18750] virtio-fs: tag <(null)> not found
[ 1144.294671][T18760] loop1: detected capacity change from 0 to 1024
[ 1144.310571][T18760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1144.449441][T17660] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 1145.141005][T18760] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1145.214521][T18768] loop3: detected capacity change from 0 to 1024
[ 1145.249768][T18768] hfsplus: failed to load root directory
[ 1145.273851][T18768] loop3: detected capacity change from 0 to 128
[ 1145.286287][T18768] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1145.305512][T18768] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1145.371472][T16028] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1146.110462][T17660] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1146.131173][T17660] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1146.166382][T17660] usb 5-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 1146.167225][T17529] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1146.224609][T17660] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1146.243225][T17660] usb 5-1: config 0 descriptor??
[ 1146.296073][T16028] usb 3-1: Using ep0 maxpacket: 16
[ 1146.309801][T16028] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1146.339801][T16028] usb 3-1: New USB device found, idVendor=05ac, idProduct=0236, bcdDevice= 0.40
[ 1146.349369][T16028] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1146.357520][T16028] usb 3-1: Product: syz
[ 1146.361900][T16028] usb 3-1: Manufacturer: syz
[ 1146.366644][T16028] usb 3-1: SerialNumber: syz
[ 1146.377340][T16028] usbhid 3-1:1.0: couldn't find an input interrupt endpoint
[ 1146.524368][T18752] loop4: detected capacity change from 0 to 64
[ 1146.563037][T17660] usb 5-1: string descriptor 0 read error: -71
[ 1146.571727][T17660] smsusb:smsusb_probe: board id=8, interface number 0
[ 1146.578960][T17660] smsusb:smsusb_probe: Device initialized with return code -19
[ 1146.638248][T16028] usb 3-1: USB disconnect, device number 40
[ 1146.639910][T17660] usb 5-1: USB disconnect, device number 52
[ 1146.765008][T18791] loop3: detected capacity change from 0 to 8
[ 1146.803805][T18791] netlink: 'syz.3.3635': attribute type 11 has an invalid length.
[ 1146.812599][T18791] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3635'.
[ 1147.036490][ T5278] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1147.263152][ T5278] usb 1-1: Using ep0 maxpacket: 16
[ 1147.302570][ T5278] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1147.335017][ T5278] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1147.345555][   T29] audit: type=1326 audit(1722671251.844:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18793 comm="syz.4.3636" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f058c5779f9 code=0x0
[ 1147.425700][ T5278] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1147.450041][ T5278] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1147.488562][ T5278] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1147.507224][T18798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3636'.
[ 1147.512418][ T5278] usb 1-1: config 1 interface 0 has no altsetting 0
[ 1147.547883][ T5278] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1147.584285][ T5278] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1147.616947][ T5278] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[ 1147.882409][ T5278] scsi host1: usb-storage 1-1:1.0
[ 1147.994058][T18806] loop2: detected capacity change from 0 to 4096
[ 1148.009469][T18806] nilfs2: Unknown parameter 'vlan0'
[ 1149.097334][ T2935] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[ 1149.139722][ T2935] sd 1:0:0:0: Attached scsi generic sg1 type 0
[ 1149.269974][T18838] loop4: detected capacity change from 0 to 512
[ 1149.285737][T18838] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1149.300854][T18838] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[ 1149.465042][T18811] sddr09: could not read card info
[ 1150.302687][    C0] eth0: bad gso: type: 1, size: 1408
[ 1150.825382][   T29] audit: type=1326 audit(1722671255.324:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18851 comm="syz.4.3654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f058c5779f9 code=0x0
[ 1150.985988][T18858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3654'.
[ 1151.236818][ T5281] usb 1-1: USB disconnect, device number 32
[ 1151.275462][ T7165] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[ 1151.289308][ T7165] sd 1:0:0:0: [sdb] 0-byte physical blocks
[ 1151.316862][ T7165] sd 1:0:0:0: [sdb] Write Protect is off
[ 1151.322776][ T7165] sd 1:0:0:0: [sdb] Asking for cache data failed
[ 1151.346837][ T7165] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[ 1151.386998][ T7165] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[ 1152.329074][T18863] loop0: detected capacity change from 0 to 4096
[ 1152.387088][T18863] nilfs2: Unknown parameter 'vlan0'
[ 1153.000256][    C0] eth0: bad gso: type: 1, size: 1408
[ 1153.063204][T18897] loop0: detected capacity change from 0 to 512
[ 1153.076901][T18897] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1153.090965][T18897] EXT4-fs (loop0): blocks per group (71) and clusters per group (32768) inconsistent
[ 1154.274561][ T5309] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1154.282762][    T9] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1154.538939][ T5309] usb 3-1: Using ep0 maxpacket: 16
[ 1154.967406][    T9] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1154.983181][ T5309] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1155.092807][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1155.105834][ T5309] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1155.118126][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 1155.127823][ T5309] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1155.199061][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.215519][ T5309] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1155.247145][ T5309] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1155.258266][    T9] usb 2-1: config 0 descriptor??
[ 1155.287842][    T9] smsusb:smsusb_probe: board id=8, interface number 0
[ 1155.305650][ T5309] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1155.319523][ T5309] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1155.329449][    T9] smsusb:smsusb_probe: Device initialized with return code -19
[ 1155.351134][ T5309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.375553][ T5309] ums-sddr09 3-1:1.0: USB Mass Storage device detected
[ 1155.498609][T18902] loop1: detected capacity change from 0 to 64
[ 1155.569748][    T9] usb 2-1: USB disconnect, device number 43
[ 1155.584917][ T5309] scsi host1: usb-storage 3-1:1.0
[ 1155.656136][T18933] loop3: detected capacity change from 0 to 1024
[ 1155.690847][T18933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1155.708485][T18933] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1156.535833][T17519] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1156.660344][T11635] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[ 1156.708213][T11635] sd 1:0:0:0: Attached scsi generic sg1 type 0
[ 1156.795498][ T5278] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1156.924085][T18931] sddr09: could not read card info
[ 1156.932171][T17640] usb 3-1: USB disconnect, device number 41
[ 1156.966336][ T5278] usb 5-1: device descriptor read/64, error -71
[ 1156.987848][   T61] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[ 1156.999714][   T61] sd 1:0:0:0: [sdb] 0-byte physical blocks
[ 1157.006086][   T61] sd 1:0:0:0: [sdb] Write Protect is off
[ 1157.012037][   T61] sd 1:0:0:0: [sdb] Asking for cache data failed
[ 1157.018508][   T61] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[ 1157.041208][   T61] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[ 1157.775377][ T5278] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1157.945311][ T5278] usb 5-1: device descriptor read/64, error -71
[ 1158.075782][ T5278] usb usb5-port1: attempt power cycle
[ 1158.486172][ T5278] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1158.509332][T18982] loop2: detected capacity change from 0 to 1024
[ 1158.531950][T18982] hfsplus: failed to load root directory
[ 1158.537786][ T5278] usb 5-1: device descriptor read/8, error -71
[ 1158.568915][T18982] loop2: detected capacity change from 0 to 128
[ 1158.594952][T18982] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1158.609164][T18982] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1159.493718][ T5278] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1159.582150][ T5278] usb 5-1: device descriptor read/8, error -71
[ 1159.679599][T18998] tipc: Started in network mode
[ 1159.687962][T18998] tipc: Node identity 36bbabebe1b1, cluster identity 4711
[ 1159.695661][T18998] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1159.790965][ T5278] usb usb5-port1: unable to enumerate USB device
[ 1159.844732][T18998] syzkaller0: entered promiscuous mode
[ 1159.865781][T18998] syzkaller0: entered allmulticast mode
[ 1159.875555][    T9] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1159.894035][T18998] tipc: Resetting bearer <eth:syzkaller0>
[ 1160.049985][T18996] tipc: Resetting bearer <eth:syzkaller0>
[ 1160.091662][T19010] loop0: detected capacity change from 0 to 1024
[ 1160.203963][T19013] input: syz0 as /devices/virtual/input/input59
[ 1160.235034][    T9] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1160.246077][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1160.261754][    T9] usb 3-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 1160.302344][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1160.330730][    T9] usb 3-1: config 0 descriptor??
[ 1160.342177][    T9] smsusb:smsusb_probe: board id=8, interface number 0
[ 1160.361923][    T9] smsusb:smsusb_probe: Device initialized with return code -19
[ 1160.380434][ T7165] hfsplus: b-tree write err: -5, ino 4
[ 1160.525689][T19025] loop0: detected capacity change from 0 to 164
[ 1160.532630][T19025] iso9660: Unknown parameter '000000000000000000000008'
[ 1160.577589][T18997] loop2: detected capacity change from 0 to 64
[ 1160.619089][ T5278] usb 3-1: USB disconnect, device number 42
[ 1160.777061][T17640] tipc: Node number set to 3607800811
[ 1160.815312][ T5309] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1161.049072][ T5309] usb 4-1: Using ep0 maxpacket: 16
[ 1161.130016][ T5309] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1161.208083][ T5309] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1161.375254][ T5309] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1161.424139][ T5309] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1161.465077][ T5309] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1161.525565][ T5309] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1161.572199][ T5309] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1161.616846][ T5309] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1161.798795][ T5309] ums-sddr09 4-1:1.0: USB Mass Storage device detected
[ 1162.028223][ T5309] scsi host1: usb-storage 4-1:1.0
[ 1163.011634][T17640] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1163.090297][ T2935] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[ 1163.232218][T19049] loop4: detected capacity change from 0 to 512
[ 1163.237127][ T2935] sd 1:0:0:0: Attached scsi generic sg1 type 0
[ 1163.248644][T19049] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1163.258058][T17640] usb 1-1: device descriptor read/64, error -71
[ 1163.264935][T19049] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[ 1164.066432][T17640] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 1164.335463][T13760] Bluetooth: hci5: command 0x0406 tx timeout
[ 1164.346494][T13760] Bluetooth: hci4: command 0x0406 tx timeout
[ 1164.688526][T17640] usb 1-1: device descriptor read/64, error -71
[ 1164.839652][T17640] usb usb1-port1: attempt power cycle
[ 1165.543160][    C1] DEBUG: holding rtnl_mutex for 549 jiffies.
[ 1165.549286][    C1] task:syz.1.3691      state:R  running task     stack:24672 pid:18996 tgid:18996 ppid:17529  flags:0x0000400e
[ 1165.561168][    C1] Call Trace:
[ 1165.564499][    C1]  <IRQ>
[ 1165.567441][    C1]  sched_show_task+0x506/0x6d0
[ 1165.572293][    C1]  ? report_rtnl_holders+0x2a5/0x400
[ 1165.577769][    C1]  ? __pfx__printk+0x10/0x10
[ 1165.582424][    C1]  ? __pfx_sched_show_task+0x10/0x10
[ 1165.587812][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1165.593786][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1165.600246][    C1]  report_rtnl_holders+0x327/0x400
[ 1165.605507][    C1]  call_timer_fn+0x18e/0x650
[ 1165.610198][    C1]  ? call_timer_fn+0xc0/0x650
[ 1165.614939][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1165.620751][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1165.625959][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1165.631611][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1165.637291][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1165.642955][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1165.648196][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1165.653406][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1165.659088][    C1]  __run_timer_base+0x66a/0x8e0
[ 1165.663952][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1165.669423][    C1]  run_timer_softirq+0xb7/0x170
[ 1165.674356][    C1]  handle_softirqs+0x2c4/0x970
[ 1165.679234][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[ 1165.684092][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1165.689521][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 1165.694825][    C1]  __irq_exit_rcu+0xf4/0x1c0
[ 1165.699532][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1165.704832][    C1]  irq_exit_rcu+0x9/0x30
[ 1165.709151][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1165.714804][    C1]  </IRQ>
[ 1165.717771][    C1]  <TASK>
[ 1165.720708][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1165.726740][    C1] RIP: 0010:synchronize_rcu+0x0/0x360
[ 1165.732245][    C1] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 65 38 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[ 1165.751984][    C1] RSP: 0018:ffffc90002df7838 EFLAGS: 00000206
[ 1165.758095][    C1] RAX: dffffc0000000000 RBX: 1ffff920005bef10 RCX: ffffffff94f2f903
[ 1165.766109][    C1] RDX: 0000000000000001 RSI: ffffffff8c0ae240 RDI: ffffffff8c607c40
[ 1165.774131][    C1] RBP: ffffc90002df7918 R08: ffffffff94f25f4f R09: 1ffffffff29e4be9
[ 1165.782146][    C1] R10: dffffc0000000000 R11: fffffbfff29e4bea R12: ffffffff94f22ec8
[ 1165.790247][    C1] R13: 1ffff920005bef0c R14: 0000000000000a06 R15: ffffc90002df7880
[ 1165.798271][    C1]  lockdep_unregister_key+0x4b7/0x540
[ 1165.803728][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[ 1165.809661][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1165.814873][    C1]  ? __qdisc_destroy+0x150/0x410
[ 1165.819879][    C1]  ? kfree+0x149/0x360
[ 1165.823971][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[ 1165.829585][    C1]  __qdisc_destroy+0x165/0x410
[ 1165.834370][    C1]  dev_shutdown+0x9b/0x450
[ 1165.838845][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[ 1165.845252][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1165.852115][    C1]  ? __asan_memset+0x23/0x50
[ 1165.856756][    C1]  ? skb_queue_purge_reason+0x2de/0x500
[ 1165.862319][    C1]  ? __asan_memset+0x23/0x50
[ 1165.866956][    C1]  ? skb_queue_purge_reason+0x2de/0x500
[ 1165.872535][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1165.877814][    C1]  unregister_netdevice_queue+0x303/0x370
[ 1165.883556][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1165.889850][    C1]  __tun_detach+0x6b9/0x1600
[ 1165.894483][    C1]  tun_chr_close+0x108/0x1b0
[ 1165.899122][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[ 1165.904255][    C1]  __fput+0x24a/0x8a0
[ 1165.908327][    C1]  task_work_run+0x24f/0x310
[ 1165.912962][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1165.919726][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1165.925569][    C1]  syscall_exit_to_user_mode+0x168/0x370
[ 1165.931388][    C1]  do_syscall_64+0x100/0x230
[ 1165.936037][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1165.940735][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1165.946689][    C1] RIP: 0033:0x7f3f13d779f9
[ 1165.951126][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1165.970786][    C1] RSP: 002b:00007ffd2457acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1165.979262][    C1] RAX: 0000000000000000 RBX: 00007f3f13f07a80 RCX: 00007f3f13d779f9
[ 1165.987278][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1165.995332][    C1] RBP: 00007f3f13f07a80 R08: 00007f3f13ef2000 R09: 00007ffd2457afdf
[ 1166.003343][    C1] R10: 00000000003ff008 R11: 0000000000000246 R12: 000000000011b4df
[ 1166.011532][    C1] R13: 00007ffd2457adf0 R14: 00007ffd2457ae10 R15: ffffffffffffffff
[ 1166.019565][    C1]  </TASK>
[ 1166.022683][    C1] DEBUG: waiting rtnl_mutex for 570 jiffies.
[ 1166.028786][    C1] task:syz.3.3697      state:D stack:24504 pid:19018 tgid:19017 ppid:17519  flags:0x00004006
[ 1166.038989][    C1] Call Trace:
[ 1166.042277][    C1]  <TASK>
[ 1166.045262][    C1]  __schedule+0x1800/0x4a60
[ 1166.049821][    C1]  ? __pfx___schedule+0x10/0x10
[ 1166.054693][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1166.059759][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[ 1166.065273][    C1]  ? schedule+0x90/0x320
[ 1166.069528][    C1]  schedule+0x14b/0x320
[ 1166.073697][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1166.079204][    C1]  __mutex_lock+0x6a4/0xd70
[ 1166.083724][    C1]  ? __mutex_lock+0x527/0xd70
[ 1166.088438][    C1]  ? __tun_chr_ioctl+0x48f/0x2400
[ 1166.093495][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1166.098584][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1166.103543][    C1]  __tun_chr_ioctl+0x48f/0x2400
[ 1166.108468][    C1]  ? __pfx___tun_chr_ioctl+0x10/0x10
[ 1166.113801][    C1]  ? __fget_files+0x3f6/0x470
[ 1166.118522][    C1]  ? __fget_files+0x29/0x470
[ 1166.123126][    C1]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1166.128106][    C1]  ? security_file_ioctl+0x87/0xb0
[ 1166.133229][    C1]  ? __pfx_tun_chr_ioctl+0x10/0x10
[ 1166.138376][    C1]  __se_sys_ioctl+0xfc/0x170
[ 1166.142981][    C1]  do_syscall_64+0xf3/0x230
[ 1166.147522][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1166.152213][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1166.158146][    C1] RIP: 0033:0x7fdc487779f9
[ 1166.162577][    C1] RSP: 002b:00007fdc49511048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1166.171065][    C1] RAX: ffffffffffffffda RBX: 00007fdc48905f80 RCX: 00007fdc487779f9
[ 1166.179078][    C1] RDX: 00000000200000c0 RSI: 00000000400454ca RDI: 0000000000000006
[ 1166.187093][    C1] RBP: 00007fdc487e58ee R08: 0000000000000000 R09: 0000000000000000
[ 1166.195082][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1166.203086][    C1] R13: 000000000000000b R14: 00007fdc48905f80 R15: 00007ffdc54d96b8
[ 1166.211106][    C1]  </TASK>
[ 1166.214134][    C1] 
[ 1166.214134][    C1] Showing all locks held in the system:
[ 1166.221889][    C1] 4 locks held by kworker/u8:5/1173:
[ 1166.227205][    C1]  #0: ffff888018299148 ((wq_completion)async){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1166.238137][    C1]  #1: ffffc900048dfd00 ((work_completion)(&entry->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1166.250013][    C1]  #2: ffff88806bf62378 (&dev->mutex){....}-{3:3}, at: __device_attach_async_helper+0xfc/0x300
[ 1166.260420][    C1]  #3: ffff888023ec0680 (&q->limits_lock){+.+.}-{3:3}, at: sd_revalidate_disk+0xeaa/0xb6a0
[ 1166.270496][    C1] 2 locks held by getty/4983:
[ 1166.275224][    C1]  #0: ffff88802b58f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1166.285062][    C1]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 1166.295235][    C1] 3 locks held by syz-executor/5210:
[ 1166.300557][    C1]  #0: ffff888021a9bdf0 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0
[ 1166.310868][    C1]  #1: ffff8880306e2518 (sb_pagefaults){++++}-{0:0}, at: ext4_page_mkwrite+0x1f0/0xdf0
[ 1166.320652][    C1]  #2: ffff8880306e6958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110
[ 1166.330399][    C1] 6 locks held by kworker/1:5/17640:
[ 1166.335717][    C1]  #0: ffff88801d2fdd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1166.347248][    C1]  #1: ffffc90003597d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1166.359222][    C1]  #2: ffff888024a85190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[ 1166.368160][    C1]  #3: ffff888024af0518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150
[ 1166.378220][    C1]  #4: ffff88801a777f68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150
[ 1166.387939][    C1]  #5: ffffffff8f54f770 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30
[ 1166.398444][    C1] 3 locks held by syz.1.3691/18996:
[ 1166.403662][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 1166.412718][    C1]  #1: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[ 1166.422884][    C1]  #2: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1166.432803][    C1] 1 lock held by syz.3.3697/19018:
[ 1166.437953][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48f/0x2400
[ 1166.447320][    C1] 1 lock held by usb-storage/19037:
[ 1166.452532][    C1]  #0: ffff88806d3f4d38 (&us_interface_key[i]){+.+.}-{3:3}, at: usb_stor_control_thread+0x15e/0xa50
[ 1166.463379][    C1] 1 lock held by syz.4.3704/19058:
[ 1166.468539][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1166.477997][    C1] 1 lock held by syz.4.3704/19062:
[ 1166.483114][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1166.492580][    C1] 1 lock held by syz.4.3704/19063:
[ 1166.497729][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[ 1166.506621][    C1] 3 locks held by syz.2.3705/19065:
[ 1166.511903][    C1]  #0: ffff88802d568d18 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0
[ 1166.522252][    C1]  #1: ffff8880306e2518 (sb_pagefaults){++++}-{0:0}, at: ext4_page_mkwrite+0x1f0/0xdf0
[ 1166.531992][    C1]  #2: ffff8880306e6958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110
[ 1166.541715][    C1] 3 locks held by syz-executor/19067:
[ 1166.547124][    C1]  #0: ffff88805d6e4808 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0
[ 1166.557458][    C1]  #1: ffff8880306e2518 (sb_pagefaults){++++}-{0:0}, at: ext4_page_mkwrite+0x1f0/0xdf0
[ 1166.567163][    C1]  #2: ffff8880306e6958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110
[ 1166.576899][    C1] 
[ 1166.579234][    C1] =============================================
[ 1166.579234][    C1] 
[ 1166.596056][T17640] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1166.758143][T19070] loop2: detected capacity change from 0 to 1024
[ 1166.819540][T17640] usb 1-1: device not accepting address 35, error -71
[ 1166.950662][T19070] input: syz0 as /devices/virtual/input/input60
[ 1167.070092][T11635] hfsplus: b-tree write err: -5, ino 4
[ 1167.099338][T19074] loop0: detected capacity change from 0 to 4096
[ 1167.117081][T19074] nilfs2: Unknown parameter 'vlan0'
[ 1167.162498][T19078] loop2: detected capacity change from 0 to 164
[ 1167.198249][T19078] iso9660: Unknown parameter '000000000000000000000008'
[ 1167.280679][T19080] loop0: detected capacity change from 0 to 1024
[ 1167.302445][T19080] hfsplus: failed to load root directory
[ 1167.615700][    C1] DEBUG: holding rtnl_mutex for 757 jiffies.
[ 1167.621828][    C1] task:syz.1.3691      state:D stack:24672 pid:18996 tgid:18996 ppid:17529  flags:0x00004006
[ 1167.632039][    C1] Call Trace:
[ 1167.635351][    C1]  <TASK>
[ 1167.638299][    C1]  __schedule+0x1800/0x4a60
[ 1167.642838][    C1]  ? __pfx___schedule+0x10/0x10
[ 1167.647751][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1167.652812][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1167.658774][    C1]  ? schedule+0x90/0x320
[ 1167.663036][    C1]  schedule+0x14b/0x320
[ 1167.667234][    C1]  synchronize_rcu_expedited+0x684/0x830
[ 1167.672879][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[ 1167.679161][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 1167.684454][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1167.689782][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1167.695800][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1167.701902][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1167.708380][    C1]  synchronize_rcu+0x11b/0x360
[ 1167.713248][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[ 1167.718584][    C1]  lockdep_unregister_key+0x4b7/0x540
[ 1167.724002][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[ 1167.729946][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1167.735322][    C1]  ? __qdisc_destroy+0x150/0x410
[ 1167.740287][    C1]  ? kfree+0x149/0x360
[ 1167.744375][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[ 1167.749964][    C1]  __qdisc_destroy+0x165/0x410
[ 1167.754834][    C1]  dev_shutdown+0x9b/0x450
[ 1167.759290][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[ 1167.765665][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1167.772450][    C1]  ? __asan_memset+0x23/0x50
[ 1167.777185][    C1]  ? skb_queue_purge_reason+0x2de/0x500
[ 1167.782756][    C1]  ? __asan_memset+0x23/0x50
[ 1167.787394][    C1]  ? skb_queue_purge_reason+0x2de/0x500
[ 1167.792960][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1167.798206][    C1]  unregister_netdevice_queue+0x303/0x370
[ 1167.803954][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1167.810394][    C1]  __tun_detach+0x6b9/0x1600
[ 1167.815128][    C1]  tun_chr_close+0x108/0x1b0
[ 1167.819771][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[ 1167.824901][    C1]  __fput+0x24a/0x8a0
[ 1167.828946][    C1]  task_work_run+0x24f/0x310
[ 1167.833556][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1167.838701][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1167.844440][    C1]  syscall_exit_to_user_mode+0x168/0x370
[ 1167.850121][    C1]  do_syscall_64+0x100/0x230
[ 1167.854733][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1167.859480][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1167.865421][    C1] RIP: 0033:0x7f3f13d779f9
[ 1167.869847][    C1] RSP: 002b:00007ffd2457acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1167.878292][    C1] RAX: 0000000000000000 RBX: 00007f3f13f07a80 RCX: 00007f3f13d779f9
[ 1167.886309][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1167.894377][    C1] RBP: 00007f3f13f07a80 R08: 00007f3f13ef2000 R09: 00007ffd2457afdf
[ 1167.902392][    C1] R10: 00000000003ff008 R11: 0000000000000246 R12: 000000000011b4df
[ 1167.910396][    C1] R13: 00007ffd2457adf0 R14: 00007ffd2457ae10 R15: ffffffffffffffff
[ 1167.918435][    C1]  </TASK>
[ 1167.921480][    C1] DEBUG: waiting rtnl_mutex for 760 jiffies.
[ 1167.927494][    C1] task:syz.3.3697      state:D stack:24504 pid:19018 tgid:19017 ppid:17519  flags:0x00004006
[ 1167.937697][    C1] Call Trace:
[ 1167.940987][    C1]  <TASK>
[ 1167.943936][    C1]  __schedule+0x1800/0x4a60
[ 1167.948499][    C1]  ? __pfx___schedule+0x10/0x10
[ 1167.953388][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1167.958476][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[ 1167.963969][    C1]  ? schedule+0x90/0x320
[ 1167.968249][    C1]  schedule+0x14b/0x320
[ 1167.972504][    C1]  schedule_preempt_disabled+0x13/0x30
[ 1167.978000][    C1]  __mutex_lock+0x6a4/0xd70
[ 1167.982515][    C1]  ? __mutex_lock+0x527/0xd70
[ 1167.987276][    C1]  ? __tun_chr_ioctl+0x48f/0x2400
[ 1167.992348][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1167.997411][    C1]  ? get_rtnl_holder+0x144/0x190
[ 1168.002358][    C1]  __tun_chr_ioctl+0x48f/0x2400
[ 1168.007273][    C1]  ? __pfx___tun_chr_ioctl+0x10/0x10
[ 1168.012563][    C1]  ? __fget_files+0x3f6/0x470
[ 1168.017263][    C1]  ? __fget_files+0x29/0x470
[ 1168.021861][    C1]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1168.026832][    C1]  ? security_file_ioctl+0x87/0xb0
[ 1168.031947][    C1]  ? __pfx_tun_chr_ioctl+0x10/0x10
[ 1168.037082][    C1]  __se_sys_ioctl+0xfc/0x170
[ 1168.041679][    C1]  do_syscall_64+0xf3/0x230
[ 1168.046304][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1168.050983][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1168.056910][    C1] RIP: 0033:0x7fdc487779f9
[ 1168.061330][    C1] RSP: 002b:00007fdc49511048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1168.070306][    C1] RAX: ffffffffffffffda RBX: 00007fdc48905f80 RCX: 00007fdc487779f9
[ 1168.078371][    C1] RDX: 00000000200000c0 RSI: 00000000400454ca RDI: 0000000000000006
[ 1168.086510][    C1] RBP: 00007fdc487e58ee R08: 0000000000000000 R09: 0000000000000000
[ 1168.094491][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1168.102503][    C1] R13: 000000000000000b R14: 00007fdc48905f80 R15: 00007ffdc54d96b8
[ 1168.110538][    C1]  </TASK>
[ 1168.113567][    C1] 
[ 1168.113567][    C1] Showing all locks held in the system:
[ 1168.121325][    C1] 4 locks held by kworker/u8:5/1173:
[ 1168.126648][    C1]  #0: ffff888018299148 ((wq_completion)async){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1168.137575][    C1]  #1: ffffc900048dfd00 ((work_completion)(&entry->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1168.149474][    C1]  #2: ffff88806bf62378 (&dev->mutex){....}-{3:3}, at: __device_attach_async_helper+0xfc/0x300
[ 1168.160084][    C1]  #3: ffff888023ec0680 (&q->limits_lock){+.+.}-{3:3}, at: sd_revalidate_disk+0xeaa/0xb6a0
[ 1168.170168][    C1] 2 locks held by getty/4983:
[ 1168.174846][    C1]  #0: ffff88802b58f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1168.184632][    C1]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 1168.194866][    C1] 6 locks held by kworker/1:5/17640:
[ 1168.200181][    C1]  #0: ffff88801d2fdd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1168.211531][    C1]  #1: ffffc90003597d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1168.223408][    C1]  #2: ffff888024a85190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[ 1168.232338][    C1]  #3: ffff888024af0518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150
[ 1168.242395][    C1]  #4: ffff88801a777f68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150
[ 1168.252098][    C1]  #5: ffffffff8f54f770 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30
[ 1168.262582][    C1] 2 locks held by syz.1.3691/18996:
[ 1168.267814][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 1168.276928][    C1]  #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[ 1168.287869][    C1] 1 lock held by syz.3.3697/19018:
[ 1168.292995][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48f/0x2400
[ 1168.302354][    C1] 1 lock held by usb-storage/19037:
[ 1168.307575][    C1]  #0: ffff88806d3f4d38 (&us_interface_key[i]){+.+.}-{3:3}, at: usb_stor_control_thread+0x15e/0xa50
[ 1168.318579][    C1] 1 lock held by syz.4.3704/19058:
[ 1168.323697][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1168.333237][    C1] 1 lock held by syz.4.3704/19062:
[ 1168.338373][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[ 1168.347813][    C1] 1 lock held by syz.4.3704/19063:
[ 1168.352923][    C1]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[ 1168.361750][    C1] 2 locks held by syz.2.3710/19081:
[ 1168.367051][    C1]  #0: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[ 1168.377177][    C1]  #1: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1168.387141][    C1] 
[ 1168.389467][    C1] =============================================
[ 1168.389467][    C1] 
[ 1168.642011][T19083] loop0: detected capacity change from 0 to 128
[ 1168.696036][T19083] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1168.761728][T19083] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1169.271710][T19093] loop0: detected capacity change from 0 to 1024
[ 1169.306701][T19093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1169.347116][T19093] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[ 1169.455205][    C1] DEBUG: holding rtnl_mutex for 941 jiffies.
[ 1169.461280][    C1] task:syz.1.3691      state:R  running task     stack:24672 pid:18996 tgid:18996 ppid:17529  flags:0x00004006
[ 1169.473122][    C1] Call Trace:
[ 1169.476429][    C1]  <TASK>
[ 1169.479362][    C1]  __schedule+0x1800/0x4a60
[ 1169.483882][    C1]  ? __pfx___schedule+0x10/0x10
[ 1169.488769][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1169.493978][    C1]  ? mark_lock+0x9a/0x360
[ 1169.498394][    C1]  preempt_schedule_irq+0xfb/0x1c0
[ 1169.503592][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1169.509471][    C1]  irqentry_exit+0x5e/0x90
[ 1169.514023][    C1]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1169.519577][    C1] RIP: 0010:synchronize_rcu+0x0/0x360
[ 1169.525007][    C1] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 65 38 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[ 1169.544731][    C1] RSP: 7880:0000000000000a07 EFLAGS: 1ffff920005bef0c
[ 1169.551593][    C1] ==================================================================
[ 1169.559657][    C1] BUG: KASAN: stack-out-of-bounds in __show_regs+0xa6/0x610
[ 1169.566957][    C1] Read of size 8 at addr ffffc90002df77d8 by task kworker/u8:4/61
[ 1169.574771][    C1] 
[ 1169.577095][    C1] CPU: 1 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1169.587245][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1169.597305][    C1] Workqueue: bat_events batadv_nc_worker
[ 1169.602939][    C1] Call Trace:
[ 1169.606215][    C1]  <IRQ>
[ 1169.609056][    C1]  dump_stack_lvl+0x241/0x360
[ 1169.613725][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1169.618918][    C1]  ? __pfx__printk+0x10/0x10
[ 1169.623503][    C1]  ? _printk+0xd5/0x120
[ 1169.627650][    C1]  print_report+0x169/0x550
[ 1169.632150][    C1]  ? __virt_addr_valid+0xbd/0x530
[ 1169.637161][    C1]  ? __show_regs+0xa6/0x610
[ 1169.641699][    C1]  kasan_report+0x143/0x180
[ 1169.646190][    C1]  ? __show_regs+0xa6/0x610
[ 1169.650682][    C1]  __show_regs+0xa6/0x610
[ 1169.655023][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1169.660654][    C1]  ? wq_watchdog_touch+0xef/0x180
[ 1169.665679][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1169.671305][    C1]  show_trace_log_lvl+0x3d4/0x520
[ 1169.676328][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[ 1169.681601][    C1]  sched_show_task+0x506/0x6d0
[ 1169.686350][    C1]  ? report_rtnl_holders+0x2a5/0x400
[ 1169.691630][    C1]  ? __pfx__printk+0x10/0x10
[ 1169.696208][    C1]  ? __pfx_sched_show_task+0x10/0x10
[ 1169.701475][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1169.707460][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1169.713809][    C1]  report_rtnl_holders+0x327/0x400
[ 1169.718934][    C1]  call_timer_fn+0x18e/0x650
[ 1169.723534][    C1]  ? call_timer_fn+0xc0/0x650
[ 1169.728202][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1169.733839][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1169.738941][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1169.744597][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1169.750230][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1169.755853][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1169.761046][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1169.766239][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1169.771864][    C1]  __run_timer_base+0x66a/0x8e0
[ 1169.776799][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1169.782165][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1169.788487][    C1]  run_timer_softirq+0xb7/0x170
[ 1169.793341][    C1]  handle_softirqs+0x2c4/0x970
[ 1169.798098][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[ 1169.802851][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1169.808130][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 1169.813342][    C1]  __irq_exit_rcu+0xf4/0x1c0
[ 1169.817927][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1169.823111][    C1]  irq_exit_rcu+0x9/0x30
[ 1169.827342][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1169.832982][    C1]  </IRQ>
[ 1169.835904][    C1]  <TASK>
[ 1169.838821][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1169.844789][    C1] RIP: 0010:lock_acquire+0x264/0x550
[ 1169.850151][    C1] Code: 2b 00 74 08 4c 89 f7 e8 4a 9f 8b 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1169.869751][    C1] RSP: 0018:ffffc900015cf980 EFLAGS: 00000206
[ 1169.875811][    C1] RAX: 0000000000000001 RBX: 1ffff920002b9f3c RCX: 065183183be08b00
[ 1169.883779][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c607c40
[ 1169.891741][    C1] RBP: ffffc900015cfad0 R08: ffffffff93737807 R09: 1ffffffff26e6f00
[ 1169.899715][    C1] R10: dffffc0000000000 R11: fffffbfff26e6f01 R12: 1ffff920002b9f38
[ 1169.908034][    C1] R13: dffffc0000000000 R14: ffffc900015cf9e0 R15: 0000000000000246
[ 1169.916007][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1169.921026][    C1]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 1169.926836][    C1]  ? __local_bh_enable_ip+0x168/0x200
[ 1169.932201][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1169.937215][    C1]  ? batadv_nc_purge_paths+0x312/0x3b0
[ 1169.942668][    C1]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 1169.948031][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_decoding+0x10/0x10
[ 1169.955044][    C1]  ? __pfx_batadv_nc_sniffed_purge+0x10/0x10
[ 1169.961026][    C1]  batadv_nc_process_nc_paths+0xd6/0x3a0
[ 1169.966665][    C1]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 1169.972467][    C1]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 1169.978270][    C1]  batadv_nc_worker+0x52c/0x610
[ 1169.983115][    C1]  ? process_scheduled_works+0x945/0x1830
[ 1169.988835][    C1]  process_scheduled_works+0xa2c/0x1830
[ 1169.994411][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1170.000407][    C1]  ? assign_work+0x364/0x3d0
[ 1170.004990][    C1]  worker_thread+0x86d/0xd40
[ 1170.009597][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1170.015495][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1170.020599][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1170.025704][    C1]  kthread+0x2f0/0x390
[ 1170.029849][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1170.034988][    C1]  ? __pfx_kthread+0x10/0x10
[ 1170.039566][    C1]  ret_from_fork+0x4b/0x80
[ 1170.043969][    C1]  ? __pfx_kthread+0x10/0x10
[ 1170.048547][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1170.053304][    C1]  </TASK>
[ 1170.056312][    C1] 
[ 1170.058622][    C1] The buggy address belongs to the virtual mapping at
[ 1170.058622][    C1]  [ffffc90002df0000, ffffc90002df9000) created by:
[ 1170.058622][    C1]  copy_process+0x5d1/0x3d90
[ 1170.076337][    C1] 
[ 1170.078655][    C1] The buggy address belongs to the physical page:
[ 1170.085076][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807d2c6e88 pfn:0x7d2c6
[ 1170.095177][    C1] memcg:ffff88802cf9ad02
[ 1170.099430][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1170.106549][    C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 1170.115133][    C1] raw: ffff88807d2c6e88 0000000000000000 00000001ffffffff ffff88802cf9ad02
[ 1170.123712][    C1] page dumped because: kasan: bad access detected
[ 1170.130128][    C1] page_owner tracks the page as allocated
[ 1170.135839][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 17529, tgid 17529 (syz-executor), ts 1159541591524, free_ts 1159190090763
[ 1170.154755][    C1]  post_alloc_hook+0x1f3/0x230
[ 1170.159519][    C1]  get_page_from_freelist+0x2e4c/0x2f10
[ 1170.165135][    C1]  __alloc_pages_noprof+0x256/0x6c0
[ 1170.170329][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1170.176036][    C1]  __vmalloc_node_range_noprof+0x971/0x1460
[ 1170.181923][    C1]  dup_task_struct+0x444/0x8c0
[ 1170.186669][    C1]  copy_process+0x5d1/0x3d90
[ 1170.191244][    C1]  kernel_clone+0x226/0x8f0
[ 1170.195727][    C1]  __x64_sys_clone+0x258/0x2a0
[ 1170.200469][    C1]  do_syscall_64+0xf3/0x230
[ 1170.205127][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.211528][    C1] page last free pid 18979 tgid 18977 stack trace:
[ 1170.218088][    C1]  free_unref_folios+0x103a/0x1b00
[ 1170.223382][    C1]  folios_put_refs+0x76e/0x860
[ 1170.228129][    C1]  free_pages_and_swap_cache+0x2ea/0x690
[ 1170.233741][    C1]  tlb_flush_mmu+0x3a3/0x680
[ 1170.238315][    C1]  tlb_finish_mmu+0xd4/0x200
[ 1170.242887][    C1]  exit_mmap+0x44f/0xc80
[ 1170.247131][    C1]  __mmput+0x115/0x390
[ 1170.251190][    C1]  exit_mm+0x220/0x310
[ 1170.255243][    C1]  do_exit+0x9b2/0x27f0
[ 1170.259388][    C1]  do_group_exit+0x207/0x2c0
[ 1170.263955][    C1]  get_signal+0x16a1/0x1740
[ 1170.268438][    C1]  arch_do_signal_or_restart+0x96/0x830
[ 1170.273963][    C1]  syscall_exit_to_user_mode+0xc9/0x370
[ 1170.279498][    C1]  do_syscall_64+0x100/0x230
[ 1170.284067][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.289941][    C1] 
[ 1170.292245][    C1] Memory state around the buggy address:
[ 1170.297867][    C1]  ffffc90002df7680: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 00 f3 f3 f3
[ 1170.305924][    C1]  ffffc90002df7700: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 1170.313971][    C1] >ffffc90002df7780: f1 f1 f1 f1 00 f2 f2 f2 00 f3 f3 f3 00 00 00 00
[ 1170.322013][    C1]                                                     ^
[ 1170.328931][    C1]  ffffc90002df7800: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[ 1170.337061][    C1]  ffffc90002df7880: 00 f2 f2 f2 00 f3 f3 f3 00 00 00 00 00 00 00 00
[ 1170.345100][    C1] ==================================================================
[ 1170.353272][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1170.360564][    C1] CPU: 1 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1170.370787][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1170.380841][    C1] Workqueue: bat_events batadv_nc_worker
[ 1170.386511][    C1] Call Trace:
[ 1170.389774][    C1]  <IRQ>
[ 1170.392616][    C1]  dump_stack_lvl+0x241/0x360
[ 1170.397280][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1170.402464][    C1]  ? __pfx__printk+0x10/0x10
[ 1170.407046][    C1]  ? vscnprintf+0x5d/0x90
[ 1170.411358][    C1]  panic+0x349/0x870
[ 1170.415244][    C1]  ? check_panic_on_warn+0x21/0xb0
[ 1170.420338][    C1]  ? __pfx_panic+0x10/0x10
[ 1170.424742][    C1]  ? mark_lock+0x9a/0x360
[ 1170.429058][    C1]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 1170.434937][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1170.440899][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1170.447239][    C1]  ? print_report+0x502/0x550
[ 1170.451899][    C1]  check_panic_on_warn+0x86/0xb0
[ 1170.456822][    C1]  ? __show_regs+0xa6/0x610
[ 1170.461308][    C1]  end_report+0x77/0x160
[ 1170.465533][    C1]  kasan_report+0x154/0x180
[ 1170.470017][    C1]  ? __show_regs+0xa6/0x610
[ 1170.474502][    C1]  __show_regs+0xa6/0x610
[ 1170.478814][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1170.484436][    C1]  ? wq_watchdog_touch+0xef/0x180
[ 1170.489446][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1170.495059][    C1]  show_trace_log_lvl+0x3d4/0x520
[ 1170.500073][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[ 1170.505351][    C1]  sched_show_task+0x506/0x6d0
[ 1170.510120][    C1]  ? report_rtnl_holders+0x2a5/0x400
[ 1170.515394][    C1]  ? __pfx__printk+0x10/0x10
[ 1170.519969][    C1]  ? __pfx_sched_show_task+0x10/0x10
[ 1170.525243][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1170.531136][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1170.537450][    C1]  report_rtnl_holders+0x327/0x400
[ 1170.542548][    C1]  call_timer_fn+0x18e/0x650
[ 1170.547123][    C1]  ? call_timer_fn+0xc0/0x650
[ 1170.551781][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1170.557399][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1170.562490][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1170.568107][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1170.573724][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1170.579341][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1170.584527][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1170.589721][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[ 1170.595343][    C1]  __run_timer_base+0x66a/0x8e0
[ 1170.600182][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1170.605552][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1170.611975][    C1]  run_timer_softirq+0xb7/0x170
[ 1170.616899][    C1]  handle_softirqs+0x2c4/0x970
[ 1170.621661][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[ 1170.626408][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1170.631674][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 1170.636857][    C1]  __irq_exit_rcu+0xf4/0x1c0
[ 1170.641430][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1170.646644][    C1]  irq_exit_rcu+0x9/0x30
[ 1170.650868][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1170.656670][    C1]  </IRQ>
[ 1170.659583][    C1]  <TASK>
[ 1170.662494][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1170.668458][    C1] RIP: 0010:lock_acquire+0x264/0x550
[ 1170.674163][    C1] Code: 2b 00 74 08 4c 89 f7 e8 4a 9f 8b 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1170.694047][    C1] RSP: 0018:ffffc900015cf980 EFLAGS: 00000206
[ 1170.700104][    C1] RAX: 0000000000000001 RBX: 1ffff920002b9f3c RCX: 065183183be08b00
[ 1170.708090][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c607c40
[ 1170.716045][    C1] RBP: ffffc900015cfad0 R08: ffffffff93737807 R09: 1ffffffff26e6f00
[ 1170.724001][    C1] R10: dffffc0000000000 R11: fffffbfff26e6f01 R12: 1ffff920002b9f38
[ 1170.731962][    C1] R13: dffffc0000000000 R14: ffffc900015cf9e0 R15: 0000000000000246
[ 1170.739928][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1170.744944][    C1]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 1170.750767][    C1]  ? __local_bh_enable_ip+0x168/0x200
[ 1170.756128][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1170.761139][    C1]  ? batadv_nc_purge_paths+0x312/0x3b0
[ 1170.766587][    C1]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 1170.771943][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_decoding+0x10/0x10
[ 1170.778949][    C1]  ? __pfx_batadv_nc_sniffed_purge+0x10/0x10
[ 1170.784912][    C1]  batadv_nc_process_nc_paths+0xd6/0x3a0
[ 1170.790533][    C1]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 1170.796347][    C1]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 1170.802165][    C1]  batadv_nc_worker+0x52c/0x610
[ 1170.807030][    C1]  ? process_scheduled_works+0x945/0x1830
[ 1170.812753][    C1]  process_scheduled_works+0xa2c/0x1830
[ 1170.818303][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1170.824275][    C1]  ? assign_work+0x364/0x3d0
[ 1170.828854][    C1]  worker_thread+0x86d/0xd40
[ 1170.833432][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1170.839614][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1170.844627][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1170.849744][    C1]  kthread+0x2f0/0x390
[ 1170.853797][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1170.858901][    C1]  ? __pfx_kthread+0x10/0x10
[ 1170.863492][    C1]  ret_from_fork+0x4b/0x80
[ 1170.867908][    C1]  ? __pfx_kthread+0x10/0x10
[ 1170.872492][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1170.877256][    C1]  </TASK>
[ 1170.880531][    C1] Kernel Offset: disabled
[ 1170.884848][    C1] Rebooting in 86400 seconds..