last executing test programs:

3m30.044028722s ago: executing program 4 (id=34):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)

3m29.52965884s ago: executing program 4 (id=36):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000340), 0x0, 0x528, &(0x7f0000001280)="$eJzs3UFoZGcdAPD/vGQ26XbbpFqoitq1VldZdmaTraH0VBEUKQWxePKQxmQ2hEwyITOpTVxocvQuWPAg6sWzguCh0JMnEb3prZcqCFEXpREKjrw3M8kkmUnSzWRmN/P7wWO+731v3v/7dnjvm/3vzvsCGFrXI2I7Iq5ExOsRMdHcn2tu8XJjS4/74P69+b379+ZzUa+/9s9c1p7ui7b3pB5vnnM8Ir79jYjv5Y7HrW5uLc+Vy6X1Zr1YW1krVje3bi2tzC2WFkur09MzUzO3X7zTaN7+Wg/G+uzKr3a/vvTKd9757Wfe/9P2l3+Qdutas619HL3UGHp+P05qNCJeuYhgAzDSHM+VQXeEB5JExMci4rns+p+IkezTPJsOlzUA8Aio1yeiPtFeBwAuuyTLgeWSQjMXcC2SpFBo5PCejqtJuVKt3bxb2VhdaOTKJiOf3F0ql243c4WTkc+l9am30vJBfToO1+9ExFMR8aOxx7J6Yf7seQYAoLcePzL//2esMf8DAJfc+GkHzPanHwBA/5w6/wMAl475HwCGj/kfAIaP+R8Aho/5HwCGzXut+X9k0D0BAPriW6++mm71vebzrxfe2NxYrrxxa6FUXS6sbMwX5ivra4XFSmWxXCrM1+v/y54a1P185UplbeqF2HizWCtVa8Xq5tbsSmVjtTabPdd7tpTv49gAgM6eevbdv+QiYvulx7It2tZyMFfD5ZYMugPAwMj5w/DyFG4YXv6OD5y2lmfX/yL89gMEq7/1AG8Ceu3GJ+X/YVgd5P+t4A7DRv4fhpf8Pwyvej03tl88vjRwp/0AwCNOjh8457//d/wZwa/P2ScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB42F3Ltsm2epIUChFPRMRk5HN3l8ql2xHxZET8eSw/ltanBtpjAOD8kr/nmut/3Zh4/trR1iu5/2brA1+JiO//5LUfvzlXq61Ppfv/tb+/9nZz//Sht/6wf2MAAE7Smqdb83jLB/fvzbe2fvZn96uNxUXTuHvNrdEyGqPpyx/HIx8RV/+da9Sb0u8rIz2Iv70TEZ/oNP5clhuZbK58ejR+GvuJvsZPDsVPsrbGa/pn8fFjZx7rGvPwSGB4vZvef17udP0lcT17He+4+PF4doc6v9b9b+/Y/S+J0Q8bkUa63P+unzXGC7/75tF9rYzv7k7Ep0Y7xW/FG89idYr//Bnjv/fpzz7Xra3+s4gb0Tl+e6xibWWtWN3curW0MrdYWiytTk/PTM3cfvHOV6aLWY662MpUH/ePl24+2S3+7i8jrnaJP37K+L9w4qjr+zfgn3/4+nc/1y3+TsSXPt/583/6hPjpnPjFE+MfmLv6m67Ld6fxFxrj3/mon//NM8Z//69bC2c8FADog+rm1vJcuVxa72khHz0+YVshd0F9ftQKyS8iHoJutBV+/7eHohvdCun38fOe55lmyqzjMX/46TvPpI0DH2lPCgO+MQEX7uCiH3RPAAAAAAAAAAAAAACAbi7850TJoEcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAZfb/AAAA//8v2s3U")
openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x4)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000240)='./bus\x00', 0x1a7102, 0x63)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mknod$loop(&(0x7f0000000780)='./bus\x00', 0x1000, 0x1)

3m27.374915771s ago: executing program 4 (id=46):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)="711f664eb50cd5279c17da770c", 0xd}, 0x1, 0x0, 0x0, 0x805}, 0x240448c4)
recvmmsg(r2, &(0x7f0000002e40)=[{{0x0, 0xffffffffffffff22, 0x0, 0x0, 0x0, 0x3b}}], 0x40000000000019e, 0x142, 0x0)
recvmmsg(r2, &(0x7f00000023c0)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x40002120, 0x0)

3m26.960576028s ago: executing program 4 (id=50):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file1\x00', 0x1a00400, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-1,nostrict,iocharset=default,anchor=00000000000000000145,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c706172746974696f6e3d30303030303030303030303030303030303030322c756e64656c6574652c706172746974696f6e3d30303030303030303030303030303030303030312c756e686964652c001e066340c987db28915dbe6892bc3dce41ae76eaf528dc889820692d753009e30e567403a6c30e933de68a0a923eec1dccf226b58adb7d968bafe76628bceade8672fb893f87dc88", @ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRES8], 0x1, 0xc5a, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcVy9S+mYhXOqqbZBpBlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeTEojUKpGhgNEXQI9O6QHLxocipJ6KFjaDogSkCBCgQMJjZt+KSIm3ZJCVK/nxs8js7897sezPrGZrgmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvv3Th5Km0xYYDD6AxAMB9cWnsKydPb3X/BwAeWVe2+/9/AAAAAAAAAAAAAABgv0hRxOORYvbSapqoXnfVL3YGbt0eHxndutqhVNU8UJUvv+qnTp85+4Xnhs/18mJn+j3q77ZPxStjVy40Xpy5OTvXnp9vTzbGpzvXZibb97yHndbf7Hh1ABo3X701ef36fOP0s2c2bL499O7gY0eHzg8/feKpXtnxkdHRsfUi9f7ytQ/dkK7tRngcjCJORIpnvvuT1IqIInZ+LOr399xvdqjqxPGqE+Mjo1VHpjqt6YVy4+XegSgiGn2Vmr1jtPW5iNrAfe3D9poRi2XzywYfL7s3Ntuaa12dajcut+YWOgudmenLqdvasj+NKOJciliKiJXBu3c3EEXUIsW3j6ymq/mpH9Vx+Hw1MHj7dhR72Md7ULazMRCxVDwE52wfG4wiXo4UP3vrWFzL15nqWvO5iJfL/H7EG2W+EJHKD8bZiHe2+BzxcKpFEX9Rnv/zq2myuh70risXv9r48vT1mb6yvevKB7w/3HWleED3h0Ob8v7Y59emehTRqq74q+nD/7ADAAAAAAAAAAAAAAAAwG47FEV8MlK89B9/XI0rjmpc+pHzw38w9Kv9Y8affJ/9lGWfjYjF4t7G5B7MAwMvp8spPeCxxB9l9SjiT/L4v2++T1mnCQAAAAAAAAAAAAAAAAAAYC8V8eNI8fzbx9JS9M8p3pm+0bjSujrVnRW2N/dvb870tbW1tUbqZjPnRM7FnEs5l3Ou5Iwi18/ZzDmRczHnUs7lnCs540Cun7OZcyLnYs6lnMs5V3JGLdfP2cw5kXMx51LO5ZwrOWOfzN0LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAoKaKIX0SKb319NUWKiGbERHRzefBBtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2mIr4XKRp/2LyzrhYRqfq361j57Ww0D5b58WgOl/lCNC/kbFVZa37zAbSfnRlIRfwoUgzW37xzwvP5H+i+uvMxiDe+sf7qU7VuHuhtHHp38LGjR84Pj37mye2W01YNOH6xM33rdmN8ZHR0rG91Lb/7x/vWDeX3LXan60TE/Guvv9qamvqbn0ZUC+25vObeF8qPwAev9TAupNpHpacWqoWo7YtmPJi+b1B/UBco9lR5/38nUvzu2//Zu+F37//1+JXuqzt3+Pj5n67f/5/fvKN7vP/XNtfL9//ynr7V/f/xvnXP559GBmoR9YWbswNHI+rzr71+onOzdaN9oz199uTJLw4Pf/HMyYGDEfXrnal239KuHC4AAAAAAAAAAAAAAACA+ycV8aVI0frRampExO1qvNbQ+eGnTzx1IA5U4602jNt+ZezKhcaLMzdn59rz8+3Jxvh059rMZPte365eDfcaHxndk868r0N73P5D9RdnZl+b69z4o4Uttx+uX7g6vzDXurb15jgURUSzf83xqsHjI6NVo6c6remq6uUtB9N/cAOpiP+KFNfONtJn87o8/n/zCP8N4/8XN+9oF8f/f+bw+vi/j/UVLd8zpSJ+Hil+5y+fjM9W7Twcdx2zXO7vIsXxc5/O5eJgWa7Xhu5zBbojA8uyP40U//SLjWV74yEfXy976gMd3IdAef6PRIrv/fl34jfzuo3Pf9j6/B/evKM9ev7DE33rDq8/r6A9N7/jrpPP/4lI8cLjb8ZvVWv+/z2f/9F79saxbuH153Ps0fn/9b51Q/l9f3u3Og8AAAAAAAAAAPAQG0hF/H2k+MFoLT2X193L3/9Nbt7RHv391yf61k1u+Pu/vVvY8UEFAAAAgH1iIBXx40hxY+HNO2OoN47/7hv/+Xvr4z9H0qat1e/5fq16bsBu/v6v31B+34mddxsAAAAAAAAAAAAAAAAAAAD2lZSKeC7Ppz5Rjeef3HY+9eVI8dL/PJPLpaNlud488EPV9/qlmekTF6amZuqx0Lo61W6Mzbautcu6T0SK1b/9dK77pWp+9d5889053tfnYp+LFKP/0CvbnYu9Nzf5E+tlT5VlPxYp/vsfN5bNU1PnuaOrsqfLsn8dKb72L72ya2vl1l7Zo+tlz5RlvxMpfvi1Rm+/h8v99p6P+on1ss9emyl2/6QAAAAAAAAAAAAAAAAAAADwkTOQivizSPG/N5fujOXP8/8P9L2svPGNvvn+N7ldzfM/VM3/v93yh5n/v3quwOJ27woAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+mFEW8HilmL62m5cHydVf9Ymf61u3xkdGtqx1KVc0DVfnyq37q9JmzX3hu+Fwv37v+bvtkvDJ25ULjxZmbs3Pt+fn2ZGN8unNtZrJ9z3vYaf3NjlcHoHHz1VuT16/PN04/e2bD5ttD7w4+dnTo/PDTJ55ajIiy7PjI6OhYX5nawId+97ukbdYfjCL+KlI8892fpB8MRhSx82PxPp+dvXao6sTxqhPjI6NVR6Y6remFcuPl3oEoIhp9lZq9Y5TP216eix1pRpSfl6Js8PGye2OzrbnW1al243JrbqGz0JmZvpy6rS3704gizqWIpYhYGbx7dwNRxKuR4ttHVtO/DkYc6B2Hz18a+8rJ09u3o9jDPt6Dsp2NgYil4iE4Z/vYYBTxz5HiZ28di38bjKhF9ys+F/Fymd+PeCO65zuVH4yzEe9s8Tni4VSLIv6vPP/nV9Nbg+X1oHddufjVxpenr8/0le1dVx76+8P9tM+vTfUo4ofVFX81/bv/rgEAAAAAAAAAAAAAAAD2kSJ+I1I8//axVI0PvjOmuDN9o3GldXWqO6yvN/avN2Z6bW1trZG62cw5kXMx51LO5ZwrOaPI9XM2y6yvrU3k14s5l3Iu51zJGQdy/ZzNnBM5F3Mu5VzOuZIzarl+zmbOiZyLOZdyLudcyRn7ZOweAAAAAAAAAAAAAAAAAADwaCmqf1J86+uraW2wO7/0RHRz2Xygj7xfBgAA//8XrPrB")
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

3m26.11302692s ago: executing program 4 (id=56):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfd, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

3m24.919632178s ago: executing program 4 (id=58):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000017c0)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x8, 0x1, @local}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)

3m24.506151173s ago: executing program 32 (id=58):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000017c0)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x8, 0x1, @local}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)

3m15.928028089s ago: executing program 0 (id=99):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)

3m15.683202923s ago: executing program 0 (id=101):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r3}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

3m15.494759205s ago: executing program 0 (id=104):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x7, 0x1, 0x3, 0x0, "", {{}, [{{0x9, 0x5, 0x82, 0x2, 0x48, 0x1, 0x4, 0x5}}]}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
fanotify_init(0x200, 0x0)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40008333}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
link(0x0, 0x0)

3m13.218734009s ago: executing program 0 (id=116):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
open(&(0x7f0000000040)='./bus\x00', 0x861c1, 0x91)
mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0xc1800, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x141842, 0x0)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r2, 0x0, 0x9)

3m12.44636364s ago: executing program 0 (id=119):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x9, 0x5}, 0x8)
socket$igmp6(0xa, 0x3, 0x2)
syz_open_dev$hidraw(&(0x7f0000002300), 0x243c2917, 0x14a042)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000380)={'lo\x00', &(0x7f0000000280)=@ethtool_drvinfo={0x3, "415aa54427757dac6136af5577288936123e80b3051aa70dedccdf2b5de73f4e", "b42d9e30fb8e99a1a6821859c9f1fca7aebfc1fe17ec23199310a4b7d083fafc", "f466f03831910438a18b0a09e5b02c35f067ba010000000000000058a73604a6", "e1947edd53440fbfa862c9dedbe4906f32593f52e4c20d64150e87a50b55baf6", "030013e7b3f51ec89057773ef6be4a4d906df0734ab09d12dfdfc3490b7f4fab", "29632b9dc45e8c07e424c304", 0x5, 0xfff, 0x4, 0x1, 0x4}})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)

3m11.892379998s ago: executing program 2 (id=121):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x80002, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x8, 0x10101, 0x7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r2}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=0x0, @ANYBLOB="022100000000000014000300766c616e30000000000000000000000008000a00", @ANYBLOB="14001680100001"], 0x50}}, 0x0)

3m11.78951554s ago: executing program 0 (id=122):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
close(r0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x100000e, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
io_uring_enter(0xffffffffffffffff, 0x184c, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6c9ecbf09d6dd7be5a06dfd645630500c1a303434a36bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffdc0fb243c3111dda42112650cc", 0x0, 0x48)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffa000/0x3000)=nil, 0x3000})

3m11.217323338s ago: executing program 33 (id=122):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
close(r0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x100000e, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
io_uring_enter(0xffffffffffffffff, 0x184c, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6c9ecbf09d6dd7be5a06dfd645630500c1a303434a36bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffdc0fb243c3111dda42112650cc", 0x0, 0x48)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffa000/0x3000)=nil, 0x3000})

3m11.184240699s ago: executing program 2 (id=125):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = dup(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x4002, 0x0)
close(r2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r3, &(0x7f0000006380)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

3m10.901422503s ago: executing program 2 (id=126):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

3m10.501528519s ago: executing program 2 (id=128):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f00000000c0)={[{@nojournal_checksum}, {@nodiscard}, {@quota}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32], 0x0, 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

3m9.467654694s ago: executing program 2 (id=131):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xfffe, 0x5, 0x2, 0x5}, 'syz0\x00', 0x1c})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000280)=""/44, 0x2c)
ioctl$KDMKTONE(r2, 0x4b30, 0x8000000000000001)

3m8.737227245s ago: executing program 2 (id=132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xe, 0x4, 0x4, 0x7f, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000e1850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x64, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

3m8.3338077s ago: executing program 34 (id=132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xe, 0x4, 0x4, 0x7f, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000e1850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x64, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

1m16.820013446s ago: executing program 3 (id=736):
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f00000017c0)="a2", 0x1}], 0x1, 0xc)
close(r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r2, &(0x7f00000006c0)={0x2, 0x0, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r2, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="11", 0x1}], 0x1}}], 0x1, 0x4008440)
splice(r0, 0x0, r1, 0x0, 0x10500, 0x0)

1m16.052842588s ago: executing program 3 (id=738):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f0000000080))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r0}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={0x0, r1}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32=r4, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x0)

1m15.775304501s ago: executing program 3 (id=739):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r0=>0x0})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
sendmsg$inet(r1, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0x100120}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1, 0x0, 0x2000000000000}, 0x700)
shutdown(r1, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x404}, 0x0)

1m15.100418001s ago: executing program 3 (id=747):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
symlink(&(0x7f0000000580)='.\x02/file1\x00', &(0x7f00000002c0)='.\x02\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1001a, &(0x7f0000000280)={[{@quota}, {@nolazytime}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x1, 0x436, &(0x7f0000000e80)="$eJzs28tPXNUfAPDvvQP0QfuDX62P0qpoNRIfUGjVLtxoNHFjYqKLukSgDTItpmBiG6JojFvTxL1xaeLCtSvdGHVl4tY/wDRpDJtWV2PuzL3ADMNjcGCq8/kktz3nnjOc8+WeM3PuPUwAXWs4+yeJOBIRv0XEQC1bX2G49t+dlaWpP1eWppKoVN74I6nWu72yNFVULV7Xn2dG0oj0kyRONml34dr1uclyeeZqnh9bvPzu2MK168/MXp68NHNp5srE+fPnzo4//9zEs22JM+vT7aEP5k+dePWtG69NXbjx9k9fJ0X8DXG0yfBWhY9XKm1urrOOrksnPR3sCC0pRUR2uXqr838gSrF28QbilY872jlgT1UqlUr/5sXLFeA/LIlO9wDojOKDPrv/LY59WnrcFW69WLsByuK+kx+1kp5I8zq9Dfe37TQcEReW//oiO2JvnkMAANT5Llv/PN1s/ZfGfevq/S/fGxqMiP9HxLGIuCcijkfEvRHVuvdHxAMttt+4SbJx/ZPe3FVgO5St/17I97bq13/F6i8GS3nuaDX+3uTibHnmTHqwWjgSvQey/PgWbXz/8q+fbVa2fv2XHVn7xVow78fNngP1r5meXJzcfcT1bn0UMdTTLP5kdScgiYgTETG0yzZmn/zq1GZl28e/hTbsM1W+jHiidv2XoyH+QrL1/uTYwSjPnBmrjoqmbfz8y6evb9b+P4q/DbLrf7jp+F+NfzBZv1+70NrPP7BN+W7Hf1/yZjXdl597f3Jx8ep4RN9c/aConp/YmC/qZ/GPnG4+/4/F2m/iZERkg/jBiHgoIh7O+/5IRDwaEae3iPHHlx57Z/fx760s/umWrv9aoi8azzRPlOZ++Lau0cFW4s+u/7lqaiQ/s5P3v530q/XRDAAAAP9OaUQciST9ZjWdpqOjtb+XPx6H0/L8wuJTF+ffuzJd+47AYPSmxZOugXXPQ8fz2/oiP9GQP5s/N/68dKiaH52aL093Onjocv35/B9tmP+Z30ud7h2w53xfC7qX+Q/dy/yH7mX+Q/dqMv8PdaIfwP5r9vn/YQf6Aey/hvlv2w+6iPt/6F7mP3Qv8x+60sKh2P5L8hISGxKR3hXdkNijRKffmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrj7wAAAP//AKHlGQ==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r1, 0xc, 0x1)
getdents64(r1, 0x0, 0x0)

1m13.83911446s ago: executing program 3 (id=754):
r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000300)={0x1f, 0xffef, 0x3}, 0x6)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x1000000000000, 0x1000000000000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
fchdir(r0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x5, &(0x7f0000000440)=0x2, 0x4)
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
r4 = shmat(r3, &(0x7f0000fed000/0x3000)=nil, 0x400c)
shmdt(r4)

1m13.177120619s ago: executing program 3 (id=755):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000012c0)='sys_enter\x00', r1}, 0x10)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mincore(&(0x7f00003b8000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/131)
mkdir(0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
getdents64(r2, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x40, 0x101)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))

1m12.521989149s ago: executing program 35 (id=755):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000012c0)='sys_enter\x00', r1}, 0x10)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mincore(&(0x7f00003b8000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/131)
mkdir(0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
getdents64(r2, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x40, 0x101)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))

7.304903423s ago: executing program 1 (id=1151):
signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x4]}, 0x8, 0x80000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_FLAGS={0x8, 0x8, 0x702}]}, 0x34}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

6.995814398s ago: executing program 1 (id=1154):
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

6.054606211s ago: executing program 1 (id=1159):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)

5.884021754s ago: executing program 5 (id=1161):
keyctl$session_to_parent(0x12)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f00000002c0)={'fscrypt:', @desc4}, &(0x7f0000000300)={0x0, "f7012bb95f73f81dbff7fd3c68cc0526f0f991ea303272ace7cc14b3b81960a158a9e3d089bc33ee2e81e34ff3577974e96c8068e33a8fda9ae8dd09abdfc38b", 0x39}, 0x48, 0xfffffffffffffffd)
add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000140)={0x0, "fa972048c82fe233ed4c8bec463d08546b2b6ba369f39119dc74bb11906593bc1e38332c53bb285556289de63914ea75188985613c42f8d8dd1e512654e470f6", 0x36}, 0x48, r2)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
fsmount(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
keyctl$session_to_parent(0x12)

5.726758007s ago: executing program 1 (id=1162):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r2, r0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x28b}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.672537707s ago: executing program 7 (id=1163):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x6, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r4}, 0xc)

5.638849108s ago: executing program 5 (id=1164):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4f3, &(0x7f00000012c0)="$eJzs3F1oXFUeAPD/nXz2a5vd7Xa33e5uut1lwxaTNq02D4JUFHxQECuojyFJS23aSJOCLVWmIPVRCr6Lj7764Kv6UsQnwdf6KEihSF/aCuLInbl3vjKTNJNkxpjfD27mnHtn7jnnnnvunHtO5gawbY2mf5JK+E5E7I2IQvMbRisvD+9fn3l0//pMFEulMz8m5Y89SOOZbDexK4uMFSIK7yW1DXUWr167MD0/P3c5i08sXXxrYvHqtSfOD2drpqaS/g4L1SK9tFwPDr67cOjAC2/cemmmuuc8tfpybJTRGG2VlbL/bnRiPbanLtxxvdF16fmfVtdAuf3vjb5YqfKKXcwZsNlKpVJpqP3mYqnZjWVrgC0rhnudA6A38i/69P43X1p1BAY3p/vRc/dOV26A0nI/zJaIf5VX5uMgA033txtpNCJeL/70UbrEJo1DAADU++J03hNs6v+NVGZGfr5y+5n09Q/ZHMpIRPwxIv4UEX+OiH0R8ZeI2B8Rf42IvzXtvy8iSiukP9oUr6ZfnYQq3N2goraU9v+ezua20qU291UNjfRlsT0ReYd57lh2TMZiYOjs+fm54yuk8eVz337Qblt9/y9d0jzkfcEsH3f7mwboZqeXpjsr7XL3bkQc7K+Vv9L/TfojkupMQBIRByLi4Br2O1IXPv//Tw5VIwON71u9/GWllvNoGzDPVPo44n+V+i9GtfzRMImYNMxPXpw+N3du7tLk1NTJE8dPPTX55MRwzM8dm0jPgmMt0/j6m5svt0t/1fJ/9n3zR54/9fmZrGWtX1r/O+vO/8jnb2vlH0kikup87eLa07j53ftt72k6Pf8Hk1fL4fy+9O3ppaXLxyMGkxeXr5+sfTaPp69RrJR/7Ejz+V9Ot3yNy4/E3yMiPYn/ERH/jModYpr3wxHx74g4skL5v3r2P292Xv7NlZZ/NhrLX6n5hvqvzde3CyTZ3GDDpsFIA30XDt951Obi8Xj1f7IcGsvWtL7+JQ2XiHY5zb/t0jW/rPvoAQAAwNZQiIjddWNJu6NQGB+vjAHti52F+YXFpaNnF65cmk23RYzEQCEf6aqMBw8k+fjnSF18sil+Ihs3/rBvRzk+PrMwP9vTkgO7ym0+KYxHvNZX1/5TP2zMEDPwW+b3WrB9rdT+0078/ltdzAzQVY///X/7nU3NCNB1de2/3S/8ix383xewBbj/B2pWf9CPawZsfSVtGba1NbX/ox4CCL8n/fFKNVzoaU6AbtP/h21p1d/1rytQGmq9aTiWvzmGV95hX3SWjR0t0upJIO1Z9ST1HZ18Kn+aQtv3RGFtOxyKxjWDHdbp2XUejeLlxXP7ayd//myRdR7nUva/8htdg592pZ22CnT9UgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALApfg0AAP//XhrXwA==")
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x3829410, 0x0)
r1 = open(&(0x7f0000000240)='./bus\x00', 0x187102, 0x1)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000003200)={[{@delalloc}, {@data_err_abort}, {@noload}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@data_writeback}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x10400, &(0x7f0000001bc0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303038303030342c757466382c696f636861727365743d63703835372c616c6c6f775f7574696d653d30303030343030303030303030303030303030303430312c7569643d707a8d5aeaca46500653ce26e6c9e1747111695a56add9f2c5e3c166b0b29917299bd9f783c746baad30874a1eb99c717e772c21354bf77f7f59b338a1cd592cc065a161b99ed975f831a9d4c2527b973e1607fedd07b3", @ANYRESHEX, @ANYBLOB=',sys_tz,gid=', @ANYRESHEX=0x0, @ANYBLOB=',utf8,errors=continue,fmask=00000000000000000000326,umask=01777777777777777777776,dmask=00000000000000000000001,gid=', @ANYRESHEX=0x0, @ANYBLOB=',rootcontext=unconfined_u,smackfshat=errors=continue,uid>', @ANYRESDEC=0x0, @ANYBLOB="2c7375626a5f757365723d2c6f626a5f747970653d002c7063723d30303030303030303030303030303030303031352c66736e616d653d2b405bb22c7b7d5d2c2e2c7065726d69745f646972656374696f2c736d61636b66736861743d5c2c726f6f74636f6e746578743d757365725f752c00"], 0x1, 0x1517, &(0x7f0000000680)="$eJzs3Au8TtXWMPAx5pxLm6QnyX2OORZPcpkkSS4JuSRJkiS5JSRJkoTkllsSkpB7yD0kt5Dc7/d7khxJkoSEJPP7qc5xztc5X73vOd/rPWeP/+83955jrzXmM9Yz9n6etdZv7/112wEVa1cqV5OZ4Z+Cv3zqAgApANAbAK4FgAgAimYsmvHS9rQau/xzDyL+tR6acqUrEFeS9D91k/6nbtL/1E36n7pJ/1M36X/qJv3/z5P2v7Cv9F+I1GzL1GzX/TxC5+v+MpeRasYfv//v/t+b5f7/vyF5//+P9Yd+0qT/qZv0P3WT/qdu0v/UAv/uGYH0P3WT/qdu0v/UTfovRGp2pe8//xuMPz9VV7qO3xnRfyvvyn73CSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYRILc6FywwA/Hl+pesSQgghhBBCCCHEv0646kpXIIQQQgghhBBCiP//EMBoMNGf47SQDq6G9HANZIBrIQHXQUa4HjLBDZAZskBWyAbZIQfkBAsEDhhiyAW5IQk3Qh64CfJCPsgPBcBDQSgEN0NhuAWKwK1QFGYtALgdikMJKAml4A4oDXdCGSgL5eAuKA8VoCJUgruhMtwDVeBeqAr3QTW4H6rDA1ADHoSa8BDUgoehNjwCdeBRqAv1oD40gIb/rfwXoSO8BJ2gM3SBrtANXobu0AN6Qi/oDa9AH3gV+sJr0A/6wwB4HQbCGzAI3oTBMASGwlswDIbDCBgJo2A0jIG3YSyMg/HwDkyAiTAJJsMUmArT4F2YDjNgJrwHs+B9mA1zYC7Mg/nwASyAhbAIPoTF8BEsgaWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANtsMO2Am7YHfZPfAx7IVPYB98Cvvhs/9i/ln42/x2CAioUKFBg2kwDaZgCqbDdJge02MGzIAJTGBGzIiZMBNmxsyYFbNidsyOOTEnEhIyMubCXJjEJObBPJgX82J+zI8ePRbCQlgYb8EiWASLYlEshsWwOJbAElgKS2FpLI1lsAyWu30OAJbHilgR78a78R6sglWwKlbFalgNq2N1rIE1sCbWxFpYC2tjbayDdbAu1sX6WB8bYkNshI2wMTbGptgUm2EzbI7NsQW2wJbYElthK2yNrbENtsG22BbbYXtsjy/ii/gSvoSdsbzqit2wG3bH7tgTe2EvfAX74Kv4Kr6G/bA/DsDX8XV8AwfhGRyMQ3AoDsXSajiOwJHIajSOwTE4FsfieByPE3AiTsTJOAWn4jSchtNxBs7A93AWvo/v4xycg/NwPs7HBbgQF+EiXIxncQkuxWW4HFfgSlyBq3ENrsZ1uB7X4UbciJtxM27Frbgdt+NO3Im7cTd+jB/jJ/gJ9sP9uB8P4AE8iAfxEB7Cw3gYj+CRrVcD4DE8hsfxOJ7Ak3gKT+JpPI1n8Cyew3N4Hs/jBXw++5e1dudb2w/UJUYZlUalUSkqRaVT6VR6lV5lUBlUQiVURpVRZVKZVGaVWWVVWVV2lV3lVDkVKVKsYpVL5VJJlVR5VB6VV+VV+VV+5ZVXhVQhVVgVVkVUEVVU3aaKqdtVcVVCNfGlVClVWjX1ZVRZVU6VU+VVBVVRVVKVVGVVWVVRVVRVVVVVU9VUdfWAqqG6Yk98SF3qTG3VH+uoAVhX1VP1VQP1Bj6mGqlB2Fg1UU3VE2oIDsbmqpFvoZ5WLdUIbKWeVSPxOdVGjca26gXVTrVXHdSLqqNq7AN2VhOwq+qmJmN31UP1VL3UdKygLnWsonpN9VP91QD1upqHb6hB6k01WA1RQ9VbapgarkaokWqUGq3GqLfVWDVOjVfvqAlqopqkJqspaqqapt5V09UMNVO9p2ap99VsNUfNVfPUfPWBWqAWqkXqQ7VYfaSWqKVqmVquVqiVapVardaotWqdWq82qI1qk9qstqitapvarnaonWqX2q32qI/VXvWJ2qc+VfvVZ+qA+pM6qD5Xh9QX6rD6Uh1RX6mj6mt1TH2jjqvO6oQ6qU6p79Rp9b06o86qc+oHdV79qC6on9RFFRRo1EprbXSk0+irdIpOq9Ppq3V6fY3OoK/VCX2dzqiv15n0DTqzzqKz6mw6u86hc2qrSTvNOta5dG6d1DfqPPomnVfn0/l1Ae11QV1I36wL61t0EX2rLqpv08X07bq4LqFL6lL6Dl1a36nL6LK6nL5Ll9cVdEVdSd+tK+t7dBV9r66q79PV9P26un5A19AP6pr6IV1LP6xr60d0Hf2orqvr6fq6gW6oH9ON9OO6sW6im+ondDP9pG6un9It9NO6pX5Gt9LP6tb6Od1GP6/b6hd0O91ed9A/6Ys66E66s+6iu+pu+mXdXffQPXUv3Vu/ovvoV3Vf/Zrup/vrAfp1PVC/oQfpN/VgPUQP1W/pYXq4HqFH6lF6tB6j39Zj9Tg9Xr+jJ+iJepKerKfoqbrnryvN/AP54/5Oft+fH32z3qK36m16u96hd+pderfeo/fovXqv3qf36f16vz6gD+iD+qA+pA/pw/qwPqKP6KP6qD6mj+nj+rg+oU/qH/R3+rT+Xp/RZ/VZ/YM+r8/rC78+B2DQKKONMZFJY64yKSatSWeuNunNNSaDudYkzHUmo7neZDI3mMwmi8lqspnsJofJaawh4wyb2OQyuU3S3GjymJtMXpPP5DcFjDcFTSFz8z+d/w/qWz7pl5MV09A0NI1MI9PYNDZNTVPTzDQzzU1z08K0MC1NS9PKtDKtTWvTxrQxbU1b0860Mx1MB9PRdDSdEEwX08V0My+b7qaH6Wl6md7mFdPH9DF9TV/Tz/QzA8wAM9AMNIPMIDPYDDYGAIaZYWaEGWFGmVFmjBljxpqxZrwZbyaYCWaSmWSmmClmmplmppvpZqaZaWaZWWa2mW3mmrlmvplvFpgFZpFZZBabxWaJWWqWmuVmuVlpVprVZrVZa9aa9Wa92Wg2miVmi9litpltZofZYXaZXWaP2WP2mr1mn9ln9pv95oA5YA6ag+aQOWQOm8PmiDlijpqj5pg5Zo6b4+aEOWFOmVPmtDltzpgz5pw5Z86b8+aCuWAumosGIohUpCITmShNlCZKiVKidFG6KH2UPsoQZYgSUSLKGGWMMkU3RJmjLFHWKFuUPcoR5YxsRJGLOIqjXFHuKBndGOWJboryRvmi/FGByEcFo0LRzVHh6JaoSHRrVDS6LSoW3R4Vj0pEJaNS0R1R6ejOqExUNioX3RWVjypEFaNK0d1R5eieqEp0b1Q1ui+qFt0fVY8eiGpED0Y1o4eiWtHDUe3okahO9GhUN6oX1Y8aRA3/peuHcCbL476T7Wyvgq62m33Zdrc9bE/by/a2r9g+9lXb175m+9n+doB93Q60b9hB9k072A6xQ+1bdpgdbkfYkXaUHW3H2LftWDvOjrfv2Al2op1kJ9spdqqdZt+10+0MO9O+Z2fZ9+1sO8fOtfPsfPuBXWAX2kX2Q7vYfmSX2KV2mV1uV9iVdpVdbdfYtXadXW832I12k91st9itdpvdbnfYnXaX3W332I/tXvuJ3Wc/tfvtZ/aATfn1fP4Le9h+aY/Yr+xR+7U9Zr+xx+239oQ9aU/Z7+xp+709Y8/ac/YHe97+aC/Yn+xFGy6d3F96eydDhtJQGkqhFEpH6Sg9pacMlIESlKCMlJEyUSbKTJkpK2Wl7JSdclJOuoSJKRfloiQlKQ/lobyUl/JTfvLkqRAVosJUmIpQESpKRakYFaPiVJxKUkm6g+6gO+lOKktl6S66iypQBapElagyVaYqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapP9akhNaRG1IgaU2NqSk2pGTWj5tScWlALakktqRW1otbUmtpQG2pLbakdtaMO1IE6UkfqRJ2oC3WhbtSNulN36kk9qTf1pj7Uh/pSX+pH/WgADaCBNJAG0SAaTENoKL1Fw2g4jaCRNIpG0xgaQ2NpLI2n8TSBJtAkmkRTaApNo2k0nabTTJpJs2gWzabZNJfm0nyaTwtoAS2iRbSYFtMSWkLLaBmtoBW0ilbRGlpD62gdbaANtIk20RbaQttoG+2gHbSLdtEe2kN7aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkGn6BSdptN0hs7QOTpH5+lHukA/0UUKlOLSunTuapfeXeMyuGvd/x1nddlcdpfD5XTWZXZZ/iYm51xel8/ldwWcdwVdIXfzb+LiroQr6Uq5O1xpd6cr85u48podv/wiurvPVXJ3u8ruHlfF3euquvtcNXe/q+4ecTXco66mq+dquQautnvE1XGPurqunqvvGrhm7knX3D3lWrinXUv3zG/iBW6hW+PWunVuvdvrPnHn3A/uqPvanXc/uk6us+vtXnF93Kuur3vN9XP9fxMPdW+5YW64G+FGulFu9G/iSW6ym+KmumnuXTfdzfhNPN994Ga5RW62m+Pmunk/x5dqWuQ+dIvdR26JW+qWueVuhVvpVrnVf6l1udvoNrnNbo/72G1z290Ot9Ptcrt/ji8dxz73qdvvPnNH3FfuoPvcHXLH3GH35c/xpeM75r5xx9237oQ76U6579xp9707487+fPyXjv0795O76IIDRlas2XDEafgqTuG0nI6v5vR8DWfgaznB13FGvp4z8Q2cmbNwVs7G2TkH52TLxI6ZY87FuTnJN3Ievonzcj7OzwXYc0EuxDdzYb6Fi/CtXJRv42J8OxfnElySS/EdXJrv5DJclsvxXVyeK3BFrsR3c2W+h6vwvVyV7+NqfD9X5we4Bj/INfkhrsUPc21+hOvwo1yX63F9bsAN+TFuxI9zY27CTfkJbsZP/vJyWBi4JT/DrfhZbs3PcRt+ntvyC9yO23MHfpE78kvciTtzF+7K3fhl7s49uCf34t78CvfhV7kvv8b9uD8P4Nd5IL/Bg/hNHsxDeCi/xcN4OI/gkTyKR/MYfpvH8jgez+/wBJ7Ik3gyT+GpPI3f5ek8g2fyezyL3+fZPIfn8jyezx/wAl7Ii/hDXswf8RJeyst4Oa/glbyKV/MaXsvreD1v4I28iTfzFt7K23g7I+/kXbyb9/DHvJc/4X38Ke/nz/gA/4kP8ud8iL/gw5zm1/eCr/kYf8PH+Vs+wSf5FH/Hp/l7PsNn+Rz/wOf5R77AP/FFDgwxxirWsYmjOE18VZwSp43TxVfH6eNr4gzxtXEivi7OGF8fZ4pviDPHWeKscbY4e5wjzhnbmGIXcxzHueLccTK+Mc4T3xTnjfPF+eMCsY8LxoXim+PC8S1xkfjWuGh8W1wsvj0uHpeIH7mvVHxHXDq+My4Tl43LxXfF5eMKccW4Unx3XDm+J64S3xtXje+Li8T3x9XjB+Ia8YNxzfihuFb8cFw7fiSuEz8a143rxfXjBnHD+LG4Ufx43DhuEjeNn4ibxU/GzeOn4hbx03HL+Jnf3d4l7hp3i1+OX45DuFfPTc5Lzk9+kFyQXJhclPwwuTj5UXJJcmlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3JzMoRKV4FHr7z2xkc+jb/Kp/i0Pp2/2qf31/gM/lqf8Nf5jP56n8nf4DP7LD6rz+az+xw+p7eevPPsY5/L5/ZJf6PP42/yeX0+n98X8N4X9IV8A9/QN/SN/OO+sW/im/on/BP+Sf+kf8o/5Z/2Lf0zvpV/1rf2z/k2/nn/vH/Bt/PtfQf/ou/oX/KdfGffxXfx3Xw339139z19T9/b9/Z9fB/f1/f1/Xw/P8AP8AP9QD/ID/KD/WA/1A/1w/wwP8KP8KP8KD/Gj/Fj/Vg/3o/3E/wEP8lP8lP8FD/NT/PT/XQ/08/0s/LO8rP9bD/Xz/Xz/Xy/wC/wi/wiv9gv9kv8Er/ML/Mr/Aq/yq/ya/wav86v8xv8Br/Jb/Jb/Ba/zW/zO/wOv8vv8nv8Hr/X7/X7/D6/3+/3B/yBc8Ef9If8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5iz74MYm3E2MT4xLjE+8kJiQmJiYlJiemJKYmpiXeTUxPzEjMTLyXmJV4PzE7MScxNzEvMT/xQWJBYmFiUeLDxOLER4kliaWJZYnliRWJlYkQcmyLQ66QOyTDjSFPuCnkDflC/lAg+FAwFAo3h8LhllAk3BqKhttCsXB7KB5KhJLh0VA31Av1Q4PQMDwWGoXHQ+PQJDQNT4Rm4cnQPDwVWoSnQ8vwTGgVng2tw3OhTXg+tA0vhHahfegQXgwdw0uhU9ChS+gauoWXQ/fQI/QMvULv8EroE14NfcNroV/oHwaE18PA8EYYFN4Mg8OQMDS8FYaF4WFEGBlGhdFhTHg7jA3jwvjwTpgQJoZJYXKYEqaGaeHdMD3MCDPDe2FWeD/MDnPC3DAvzA8fhAVhYVgUPgyLw0dhSVgaloXlAVJWhlVhdVgT1oZ1YX3YEDaGTWFz2BK2hm1he9gRdoZdYXfYEz4Oe8MnYV/4NOwPn4UD4U/hYPg8HApfhMPhy3AkfBWOhq/DsfBNOB6+DSfCyXAqfBdOh+/DmXA2nAs/hPPhx3Ah/BQuyt+sCSGEEEL8IeN+Z3vXv4nUXz6qX7/SDQCu2Z7t8F/vpQFgQ+Zf5j1U9mYJAHi6c9uH/jzKl+/Spcuv+y7REOWeAwCJy/k/X63+Gi+FpvAktIAmUPjv1tdDtT/Pv7N+8jaAdH+VkwKX48vr3/IP1h8+63fXnwOQN/flnLRwOb68fpHfrB39vH6WRr+zftrPxwA0/qu89HA5vrx+IXgcnoEWf7OnEEIIIYQQQgjxix6qZOvfu769dH2e3VzOuQoux793fS6EEEIIIYQQQogr77m0ANCiRZPWz7Xv8NRjv52U/cebZJJaJmn+d5Txbz8B+F9Rxh+bXOlXJiGEEEIIIcS/2uWT/itdiRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkXr9T/w7sSt9jEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIcSV9n8CAAD//7wcLDM=")
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2040, 0x0)

5.593076388s ago: executing program 1 (id=1165):
socket(0x23, 0x4, 0xfff)
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55a"], 0x4, 0x259, &(0x7f0000000680)="$eJzs3cFLVGsUAPBzdUSf8BgXD+RJ0I32gxrtlVCQBopkFrVKUikcExKEWqitWrdqU/9CbYK2QYto2z8QQVjQRlu5CCZ01NHxTio1M5G/32YO851zv+/eucw3s5gzN8/Mz00vLM5ubKxFT0/SlRuJlwObSfRFR3RG1WoAAH+TzUol1itV7V4LANAa9n8AOH1q+39yaP9PVvc+E1xt/coAgGbx/R8ATp/J6zcujxaLY9fW056I+UdLpaVS9bE6Pjobd6IcMzEY+fgeUdlTjZ9MFMcG0y2f+6I0v7JTv7JU6jxYPxT56DtcPz5RHBtKqw7Wd0XvTv2H3piJ4cjHf9n1w1n1XRFxft/8hcjH+1uxEOWYjq3aWv3yUJpeulKsm797Ow8AAAAAAAAAAAAAAAAAAAAAAJqh0LHdOqfSnaaZ/XsKhXRX3Xi1fn9/oH8y+gON7/UHqu/vk4uBXHvPHQAAAAAAAAAAAAAAAAAAAP4Ui/cfzE2VyzP3fhbcfff8zVE5xwySnXkzc7oj4tenOGbw77lPTxvnPDzJ9fm9weuzLZ5067KftOrt2u3/Lyz2X2yUE7mmrbnjiBcll3U6X/NNu7Ve7AYj345MfjzZqju8s/6Z/mcjU6+WP3457nHa+KYEAAAAAAAAAAAAAAAAAACnVO1Hv+1eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0T+3//xsESTQc2h8kkWwfL2Notd3nCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwIAAP//2U2ffQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x10002, 0x176)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
io_uring_setup(0x3eae, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x2184c2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @desc1}})

5.306430692s ago: executing program 7 (id=1168):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x3b, 0x9c}, [@call={0x25, 0x0, 0x0, 0x98000000}], {0x95, 0x0, 0xd00}}, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd5, 0xb7, 0xeb, 0x20, 0xa5c, 0x2033, 0x392b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x7, 0x0, 0x2f, 0x38, 0xa6}}]}}]}}, 0x0)

5.284663103s ago: executing program 1 (id=1170):
fsopen(&(0x7f0000000200)='iso9660\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000010c0)={0x8, "99bdb1b0c7251b0894d3f0230a74bd856e3c10db57c3f7484d9ed4190dbc00f3"})
madvise(&(0x7f000003e000/0x3000)=nil, 0x3000, 0x14)

4.994437267s ago: executing program 6 (id=1171):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = epoll_create(0x3d325564)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000200)={0x2003})
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000001300)=[{r2, 0x1114}, {r1, 0x14}], 0x2, 0x0, 0x0, 0x0)
close(r0)

4.994282877s ago: executing program 5 (id=1172):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x20000003}}}, 0x10)
bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x3}}, 0x10)
bind$tipc(r1, &(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0xfffffffe}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

4.240359108s ago: executing program 5 (id=1173):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00b96fa236bfd596c74e808dd7b85a97c6ab3f6173849702311b635ac7a4e02bb352424c"], 0x1, 0x46f, &(0x7f00000009c0)="$eJzs299PW2Ucx/HPc2i7M0a0MIZuWUwTE0cwAgUZbKgJDjHGDeZY8cYsYVCwrlBCwcCyKLf7A3alN14sMV4si//DovEP0LhkXuj0xpvezSs153BOz2npBlra0u39SqCnp9+e85znx3m+T9MKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIb78z1p80jS4FAACop8npS/0DzP8AADxTLrP+BwAAeJYYWfpNRu/PFMwF9/k2+3xmeX0jNT5R+W2HjfvOFjfe+bOTA4OvD50eHvEfn/z+/XZcU9OXxxLncksrq+l8Pj2fSC1n5nLz6T0fodr3l+txKyCxdG19fmEhnxjoHSx5eSP+x6EjXfHR0zOppB+bGp+YmA7FRKL/++w7PC7Dj8nSmzLqs++YSUmWqq+LXfpOrR12L6LHvYjU+IR7IdnM7PKa86LxK8IqrZOYX0d1aIuqWJJTLhPbnzVbVJZekdEPnQUzJanFr4dX3Q+G91SeRog4S1dJ3WqCNjvADsnSFRnd64vrolevbvvHpBuNLhxqLiJLd2R06q2C+cC9Hzjjybltnp9JvLe8kAvFGuONqGafH+rpgN+bbFmadEd8wVxqdGFQd06ylJZRavRTN6+Qm5c+Pzp8oufDcIbxwi7HcWJ7vcG1lzk5GkodTINyCEi2sfRQRo9+tt3n3f4cIG3909iioR6Mpfsyyq0X3KVReF3aElrfFzX73F/b8h+2z+VWNlczix+vVXy91R67ml9bnZ2r/PL22rXkdrjbOrZKUWPpCxl99e7XxfN6a4BIeeztN4Ky2d75i8Vw+81z259n+HPI8YHO8HbFIv+H/Mj2zttS3SUjxHj3/4UrL3pr/1bt6INe3DEZfXTrpBdnxZwgv5PE3f/2Qiab7ndi/5ZRx/d+rPsxk3Nk19EgNunErsro5r3S2CNebGcQO+DE/iSjBz9Wjj0WxA46sRsyyj9I+LGtTuxLXmxXENs7l8vO16yCDzhn/H8no0/6EsZvy9LxH4y22zeC8b5VfqDHjPlqx388tG/L64e/e/01skt/vSmjzT9P+tfj9hX/ttLu/g/6a1ZG394qjfUXih1BbHLPFdsknPaPyKh96G6xbrw68J4GrRZu/xPlvaNG7d8e2hf3zhvbn0uHpPzm9Wuz2Wx6lQ022GCjuNHoOxPqwZn//5LRrz33i/mON/+3bT8L8r9HnwXz/9nyA9Vo/u8I7TvrZSPRiGSvLa1EuyQ7v3n9tczS7GJ6Mb08PDhyZmjwTHIkGvNzu2Cr6qp6KjntPyuj1NQ3xfVZaf5XOf9vLT9Qjdr/aGhfa0m+UvWlw2v/hIw2Ht4trqOflP/766zul7cfi+OzRu3fGdoX987btj+XDgAAAAAAAAAAAAAAAABNLWos/SKji1cjxv9t1F6+/7fjB1M1+v5XV2jffJ1+r1B1pQIAAAAAAAAAADSQJUtfyuiUCuZzZ0ebdCH8iKfavwEAAP//M8EfQQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)
sync()

4.027674692s ago: executing program 8 (id=1175):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000640)=[0x0, 0x0], 0x42af})

4.027029352s ago: executing program 6 (id=1176):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x80004}, 0x1c)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a04000800ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

3.897257143s ago: executing program 6 (id=1177):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x20000000})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
dup3(r3, r4, 0x0)

3.032822436s ago: executing program 8 (id=1178):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000006200)='./bus\x00', &(0x7f0000000000), 0x4002, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11a)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
chown(&(0x7f0000000140)='./file0\x00', 0xee01, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

2.971995837s ago: executing program 6 (id=1179):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

2.971613647s ago: executing program 7 (id=1180):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@ra={0x94, 0x4, 0x1}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0)
syz_emit_ethernet(0x38, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0)

2.866899158s ago: executing program 5 (id=1181):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000009f62920781d8d00", @ANYRES32=0x0, @ANYBLOB='\x00'/27], 0x48)
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f0000000100)=0x5, 0x4)
listen(r0, 0xfffffffe)
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f00000002c0)={0x84, @loopback, 0x4e20, 0x0, 'fo\x00', 0x2a, 0x7ffc, 0x43}, 0x2c)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b06, 0x0)
close(0xffffffffffffffff)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

2.798250419s ago: executing program 7 (id=1182):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = getpid()
lchown(&(0x7f0000000500)='./file0\x00', 0x0, 0x0)
lremovexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='user.incfs.id\x00')
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)

2.797309559s ago: executing program 8 (id=1183):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil)

1.646294016s ago: executing program 8 (id=1184):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x4, 0x40, 0x40, 0x41, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r3}, 0x38)

1.529310538s ago: executing program 7 (id=1185):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})

596.461681ms ago: executing program 8 (id=1186):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f00000002c0), &(0x7f0000000200)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x7, &(0x7f0000000100)=<r2=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_timeval(r4, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(r2, 0x2, &(0x7f00000004c0)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r4, &(0x7f0000000140)="01", 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x8, 0x1, r3, 0x0, 0x0, 0x7}])
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @desc2}})

347.578155ms ago: executing program 5 (id=1187):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
unshare(0xc020680)
syz_clone3(&(0x7f0000000240)={0x42000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127b, &(0x7f00000011c0)="$eJzs3c1rI2UcB/Bf2vR17Yu6ru6C+KAXRYjbHjx5KbILYkGpdkEFYdamGpompQmFiNh68iT4Z4h69CaI/0AvXjwLgkgvHvcgjqTJrk2Tdt3tm8jnc5mHZ57v88x0mIEp8yN7r3y5vrbaKK1mzRgqFKK4MRLFOylSDMVwdOzEC7d+/uXpt9559/WFxcUbSyndXHh77uWU0vQzP7z3ybfP/ti8dOu76e/HYnf2/b0/5n/dvbJ7de+vb6LSSJVGqtWbKUu36/VmdrtaTiuVxloppTer5axRTpVao7zZs3+1Wt/YaKWstjI1ubFZbjRSVmultXIrNQupudlK2YdZpZZKpVKamgxOYvnrO3meR+T5SIxGnuf5REzGpXgkpmI6ZmI2Ho3H4vG4HE/ElXgyhiL2R130cQMAAAAAAAAAAAAAAAAAAMD/y33q/wu99f9PxVX1/wAAAAAAAAAAAAAAAAAAAHDqDtf/FyPu1f8XihHq/wEAAAAAAAAAAAAAAAAAAODs3ef3/w/V/7+o/h8AAAAAAAAAAAAAAAAAAADOwnhns5TSeMT651vLW8udbad/YTUqUY1yXI+Z+DP2q/87Ou2bry3euJ72zcZL69vd/PbW8nBvfm5kJmYLA/NznXzqzY/F5MH8fMzE5cHrzw/Mj8fzz7Xzn3XypZiJnz6IelRjJaLQPfv9/KdzKb36xuJEb/5ae9yRhs/4sgAAAMBpKqV7+t/fd7qDBu7v7Oq+n6fuyMIx/x849H5ejGvFizpr7mq0Pl7LqtXy5kM2Ro+eZ/RkM/c1ChGRxcGe6cnfltqLn9oSD9sYPtdFR44fc4JrGsX/wB9zYGPogVK/f3WgZzzO+VC7t0RWbT8//10qdvL8pKsPHbfWwJtx7LgJj35mtG/E7XN4NnH2/rnoF30kAAAAAAAAAAAAPIiBX/9NRETf94Af9fXc/Ty8N94/89Grf3EOZwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzNDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+CgAA////TtAs")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r1, 0x2007ff3)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r2, &(0x7f0000005f40)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x80000001, @mcast1, 0x6}, 0x1c, 0x0}}, {{&(0x7f0000000480)={0xa, 0x4e22, 0xffffffff, @loopback={0x97}, 0x7}, 0x1c, 0x0}}], 0x2, 0x4040845)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000440)=0x4)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000400)={0x2, 0x0, 0x1, 0x1b, 0x170, &(0x7f0000000000)="cc28c9544f6a7cafd95200fd7ba20f2a57c25ac9a992cfd42b8190c81c3f1ee5e06d74c31daa2365f7f9decec23f0326898f61cd700187a4674f7bc110751879ef43b02bd59d81e2f41410946a8bb7ec30d7e36247b635b91e90d8936f8cbe20474a74d4dc4181ec3448ac0ddeb79b3e8e6598e8b353f6d34ac55faed55edb952ea0cff638d65c38a923aa666a89496c5814eb38f24709b58fdd0ccf8cda3ff1dcbf0e2e619bec3dfd1f5732fc254c330dbcb38d44f4aef96a70f6b07e643d2ec830762c9379a98cc3f2bd4068dfa757f5ebc65edce9043d75d8c8d5fe9b4ff2aa2056d001b28cf3845e19d2999730f81ac282677100537b3c786317752ca3256c97ce2b96f1e13228f4d5bbc238b425a6b98d0194f19121d3eb89fcf73b2671e616db27caaa9de2056400c92b980b668549b9a03660bc4368b4766c4144f12525bd483b90a6a3d2b769b075e3816a09ab98850be6d322fa7664435f0dca1b90e6f030ff19c30da9f121821e72a52b241ef74e245daa15a624facf5bcb5416c8be2b7bc7a04bd888fffeb3f3742584b7306c349785c6eabb8af8c375c00158b00c06831757a2d3a1f5e86bcb99f6d8cdcc308ac3f89eb2bd17bf62b18acdaad70c6eae8c0ffd556d86abaad53e6fc0b7fdf821ccd60539ffa51aa26208ba6e6c4f76d1cb6c4396bbd83b5477ce37c966a9112a9d3dc3c29e6a7b95e31f61f5ef2503e5a6fe5157242e8a26a8e64f846df508ba6597977c891d9035656a5e6e8d4dd96db5b27f45fee851c3f37762ef042a7a39fca5bad5530f7c3bafd4cafebafefecac349a98478aeae1242bb5384cded2991c6ca195090d02dbc8cdc6df0373174ecd5766283fc4d7661bf011df5725241bada91e897382b82ea9e5d918b0b9293ba6bcf810f0ca002c8929bcf7a9f571ff8ecc828ef3fd77bbfc3698c9f74fbe098093406a8decf9a8c2d0077ed8987ef69cace8d5bf231cd7bda5758161f17410466057a8be706c3cc4068260b383ca45761df05d1a032e6597f331a05ee57ccee5aa3323de22250810dec5127c6803aaec31275f82698e50be1520d29a626b7408c392900bfbdc1ae91096b9502acd9902a9bad4ac194243ba50c247d4c9d6b354ede40233f7bdad19e4412b5647813374a9fb6bdbad6b027c18fc6559a25804a3aaf31ad59b2284fd54605c3197d81663bc49d25c1f011c6886e5f79f064bb5527b8ab4b7885a5e87ec4909296f0bf7681c7078457e7d67258fb278edc892d6884842fcb9d9c2b4b153768f810544b33f0cb8bc478c1166f0ad68cf49f5da05a89926bfaa6a988f0a345d3964a0c80ec7fdd57001e4213fa9af81b08d37ab8ef828ddb364c13b4ebee80827c3516656661101b20afe1d61f97957eeeca64b86bf8adb88ed09ee5d9cea5b8d1355b8b6373208deec8dbe5c5420e450233"})

232.892877ms ago: executing program 6 (id=1188):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x38, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0)

206.846287ms ago: executing program 8 (id=1189):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000040))
close(r1)
r2 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000000c0)='\x00', &(0x7f00000004c0)='!', 0x1)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/161, 0xd8}], 0x1)
tkill(r2, 0xb)

180.38µs ago: executing program 6 (id=1190):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x3b, 0x9c}, [@call={0x25, 0x0, 0x0, 0x98000000}], {0x95, 0x0, 0xd00}}, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd5, 0xb7, 0xeb, 0x20, 0xa5c, 0x2033, 0x392b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x7, 0x0, 0x2f, 0x38, 0xa6}}]}}]}}, 0x0)

0s ago: executing program 7 (id=1191):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1c000000}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1000000}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

kernel console output (not intermixed with test programs):

loop0): using sha256 (sha256-avx2) checksum algorithm
[  109.974457][ T4412] device bridge_slave_0 left promiscuous mode
[  109.991194][ T4412] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.995700][ T4608] BTRFS info (device loop0): force clearing of disk cache
[  110.029012][ T4608] BTRFS info (device loop0): force zlib compression, level 3
[  110.053516][ T4608] BTRFS info (device loop0): enabling auto defrag
[  110.077791][ T4608] BTRFS info (device loop0): max_inline at 0
[  110.107643][ T4608] BTRFS info (device loop0): enabling disk space caching
[  110.119150][ T4412] device veth1_macvtap left promiscuous mode
[  110.130849][ T4608] BTRFS info (device loop0): disk space caching is enabled
[  110.151226][ T4412] device veth0_macvtap left promiscuous mode
[  110.168098][ T4412] device veth1_vlan left promiscuous mode
[  110.188573][ T4412] device veth0_vlan left promiscuous mode
[  110.377963][ T4608] BTRFS info (device loop0): enabling ssd optimizations
[  110.399309][ T4608] BTRFS info (device loop0): rebuilding free space tree
[  110.611483][ T4608] BTRFS info (device loop0): disabling free space tree
[  110.629553][ T4608] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  110.656672][ T4608] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  111.305341][ T4254] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  111.346272][ T4412] team0 (unregistering): Port device team_slave_1 removed
[  111.405218][ T4412] team0 (unregistering): Port device team_slave_0 removed
[  111.480903][ T4412] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  111.615330][ T4257] Bluetooth: hci1: command 0x041b tx timeout
[  111.742902][ T4412] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.291159][ T4412] bond0 (unregistering): Released all slaves
[  113.469289][ T4644] netlink: 'syz.1.82': attribute type 1 has an invalid length.
[  113.489788][ T4647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.82'.
[  113.621778][ T4572] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.638811][ T4572] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.670640][ T4572] device bridge_slave_0 entered promiscuous mode
[  113.690919][ T4257] Bluetooth: hci1: command 0x040f tx timeout
[  113.704312][ T4572] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.742457][ T4572] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.783970][ T4572] device bridge_slave_1 entered promiscuous mode
[  113.925645][ T4572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  113.968122][ T4572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.062000][ T4572] team0: Port device team_slave_0 added
[  114.102298][ T4572] team0: Port device team_slave_1 added
[  114.177540][ T4688] loop0: detected capacity change from 0 to 128
[  114.222168][ T4572] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.235999][ T4688] FAT-fs (loop0): Invalid FSINFO signature: 0x00615252, 0x61417272 (sector = 1)
[  114.248323][ T4572] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.305897][ T4572] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.341394][ T4572] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.370415][ T4572] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.442163][ T4572] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  114.598204][ T4695] netlink: 24 bytes leftover after parsing attributes in process `syz.3.100'.
[  114.673863][ T4572] device hsr_slave_0 entered promiscuous mode
[  114.688445][ T4572] device hsr_slave_1 entered promiscuous mode
[  114.723155][ T4572] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  114.751714][ T4572] Cannot create hsr debugfs directory
[  115.131649][ T4257] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  115.144035][ T4257] Bluetooth: hci4: Injecting HCI hardware error event
[  115.154892][ T4264] Bluetooth: hci4: hardware error 0x00
[  115.284659][   T14] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  115.333381][ T4572] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  115.379030][ T4572] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  115.409282][ T4572] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  115.452278][ T4572] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  115.516344][   T14] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  115.589438][   T14] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  115.629521][   T14] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 72
[  115.727904][   T14] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  115.770782][ T4257] Bluetooth: hci1: command 0x0419 tx timeout
[  115.784449][   T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.828572][   T14] usb 1-1: Product: syz
[  115.864000][ T4572] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.873565][   T14] usb 1-1: Manufacturer: syz
[  115.894686][   T14] usb 1-1: SerialNumber: syz
[  115.956014][ T4707] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  115.971574][ T4572] 8021q: adding VLAN 0 to HW filter on device team0
[  116.009637][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.054669][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.080134][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  116.107527][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.131465][ T4412] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.139380][ T4412] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.202777][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  116.219252][   T14] usblp 1-1:1.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  116.240623][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  116.268161][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  116.285707][ T4412] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.293998][ T4412] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.303842][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  116.329660][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  116.348042][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  116.360643][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  116.384188][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  116.402520][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  116.415558][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  116.437008][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  116.470812][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  116.495887][    T7] usb 1-1: USB disconnect, device number 2
[  116.518211][ T4572] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  116.538560][    T7] usblp0: removed
[  116.545220][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  116.564368][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  116.576984][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.209632][ T4264] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  117.218158][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  117.262143][ T4745] loop0: detected capacity change from 0 to 512
[  117.262725][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  117.299022][ T4746] netlink: 4 bytes leftover after parsing attributes in process `syz.2.115'.
[  117.453445][ T4751] netlink: 12 bytes leftover after parsing attributes in process `syz.1.117'.
[  117.467638][ T4745] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  117.467784][ T4745] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.611802][   T26] audit: type=1800 audit(1749277574.147:2): pid=4745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.116" name="file1" dev="loop0" ino=15 res=0 errno=0
[  117.701079][ T4752] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.116: corrupted xattr block 33
[  117.709045][ T4752] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #15: block 37: comm syz.0.116: lblock 0 mapped to illegal pblock 37 (length 1)
[  117.711122][ T4752] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #15: block 37: comm syz.0.116: lblock 0 mapped to illegal pblock 37 (length 1)
[  117.712010][   T26] audit: type=1800 audit(1749277574.247:3): pid=4752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.116" name="file1" dev="loop0" ino=15 res=0 errno=0
[  117.736116][ T4745] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.116: corrupted xattr block 33
[  117.737009][   T26] audit: type=1800 audit(1749277574.267:4): pid=4745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.116" name="file1" dev="loop0" ino=15 res=0 errno=0
[  117.751826][ T4745] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #15: block 37: comm syz.0.116: lblock 0 mapped to illegal pblock 37 (length 1)
[  117.799272][ T4746] device hsr_slave_1 left promiscuous mode
[  117.897942][ T4254] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[  118.077769][ T4254] EXT4-fs (loop0): unmounting filesystem.
[  118.104057][ T4572] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.110823][ T4254] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5914: Corrupt filesystem
[  118.134368][ T4254] EXT4-fs error (device loop0): ext4_quota_off:7120: inode #3: comm syz-executor: mark_inode_dirty error
[  118.162014][ T4254] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5914: Corrupt filesystem
[  118.214924][ T4254] EXT4-fs error (device loop0): ext4_quota_off:7120: inode #4: comm syz-executor: mark_inode_dirty error
[  118.681798][ T4594] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.768652][ T4763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.121'.
[  118.801480][ T4763] device vlan0 entered promiscuous mode
[  118.872811][ T4763] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  119.010324][ T4594] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.159257][ T4594] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.351089][ T4594] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.514345][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  119.536362][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  119.626459][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  119.646604][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  119.693223][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  119.706831][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  119.732692][ T4572] device veth0_vlan entered promiscuous mode
[  119.882514][ T4572] device veth1_vlan entered promiscuous mode
[  120.074900][ T4777] loop2: detected capacity change from 0 to 512
[  120.102251][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  120.125983][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  120.137896][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  120.148934][ T4257] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  120.164811][ T4257] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  120.174589][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  120.184370][ T4273] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  120.197076][ T4273] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  120.207568][ T4273] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  120.217566][ T4273] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  120.308136][ T4572] device veth0_macvtap entered promiscuous mode
[  120.335937][ T4777] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  120.348059][ T4777] ext4 filesystem being mounted at /28/file1/bus/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.379714][ T4572] device veth1_macvtap entered promiscuous mode
[  120.516912][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  120.544211][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  120.635608][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.669675][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.702720][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.755780][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.776684][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.788555][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.808258][ T4572] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.830522][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  120.860411][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  120.906098][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  120.980796][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.019423][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.049460][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.069393][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.089542][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.119479][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.147443][ T4572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.181321][ T4572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.225660][ T4572] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.429578][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  121.449851][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  121.530830][ T4572] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.560214][ T4572] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.582630][ T4572] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.600104][ T4572] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.249769][ T4264] Bluetooth: hci2: command 0x0409 tx timeout
[  122.406386][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.437463][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.615388][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  122.696661][ T4779] chnl_net:caif_netlink_parms(): no params data found
[  122.740969][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.784632][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.881456][ T4758] Set syz1 is full, maxelem 65536 reached
[  122.950063][ T2965] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  122.998441][ T4264] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  123.030750][ T4264] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  123.051102][ T4264] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  123.070207][ T4264] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  123.080834][ T4264] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  123.089418][ T4264] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  123.187669][ T4594] device hsr_slave_0 left promiscuous mode
[  123.220457][ T4594] device hsr_slave_1 left promiscuous mode
[  123.240177][ T4594] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.249021][ T4594] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.264460][ T4594] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.281335][ T4594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.296242][ T4594] device bridge_slave_1 left promiscuous mode
[  123.314523][ T4594] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.337475][ T4594] device bridge_slave_0 left promiscuous mode
[  123.345743][ T4594] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.421657][ T4594] device veth1_macvtap left promiscuous mode
[  123.439170][ T4594] device veth0_macvtap left promiscuous mode
[  123.446805][ T4594] device veth1_vlan left promiscuous mode
[  123.453282][ T4594] device veth0_vlan left promiscuous mode
[  124.018137][ T4812] loop5: detected capacity change from 0 to 2048
[  124.069714][ T4812] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  124.285572][ T4815] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  124.310101][ T4815] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 206 with error 28
[  124.330130][ T4273] Bluetooth: hci2: command 0x041b tx timeout
[  124.330689][ T4815] EXT4-fs (loop5): This should not happen!! Data will be lost
[  124.330689][ T4815] 
[  124.390453][ T4815] EXT4-fs (loop5): Total free blocks count 0
[  124.429656][ T4815] EXT4-fs (loop5): Free/Dirty block details
[  124.437632][ T4815] EXT4-fs (loop5): free_blocks=2415919104
[  124.483099][ T4815] EXT4-fs (loop5): dirty_blocks=208
[  124.489253][ T4815] EXT4-fs (loop5): Block reservation details
[  124.509164][ T4815] EXT4-fs (loop5): i_reserved_data_blocks=13
[  124.799880][ T4594] team0 (unregistering): Port device team_slave_1 removed
[  124.820211][   T56] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  124.944233][ T4594] team0 (unregistering): Port device team_slave_0 removed
[  125.019924][ T4819] Driver unsupported XDP return value 0 on prog  (id 34) dev N/A, expect packet loss!
[  125.102269][ T4594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.129529][ T4257] Bluetooth: hci3: command 0x0409 tx timeout
[  125.287930][ T4594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  126.326894][ T4594] bond0 (unregistering): Released all slaves
[  126.410672][ T4257] Bluetooth: hci2: command 0x040f tx timeout
[  126.465648][ T4801] device vlan3 entered promiscuous mode
[  126.472689][ T4801] device vlan2 entered promiscuous mode
[  126.481066][ T4801] device gretap0 entered promiscuous mode
[  126.513681][ T4828] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  126.528939][ T4838] bridge0: port 3(gretap0) entered blocking state
[  126.543560][ T4838] bridge0: port 3(gretap0) entered disabled state
[  126.558394][ T4838] device gretap0 entered promiscuous mode
[  126.570429][ T4838] bridge0: port 3(gretap0) entered blocking state
[  126.578299][ T4838] bridge0: port 3(gretap0) entered forwarding state
[  126.595156][ T4839] device gretap0 left promiscuous mode
[  126.602030][ T4839] bridge0: port 3(gretap0) entered disabled state
[  126.734904][ T4779] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.743495][ T4779] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.756477][ T4779] device bridge_slave_0 entered promiscuous mode
[  126.798974][ T4779] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.839831][ T4779] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.859238][ T4779] device bridge_slave_1 entered promiscuous mode
[  126.880974][ T4845] binder: 4844:4845 ioctl c0306201 200000000440 returned -14
[  126.976409][ T4850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.147'.
[  127.061358][ T4779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.099709][ T4779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.148459][ T4852] loop5: detected capacity change from 0 to 4096
[  127.210020][ T4257] Bluetooth: hci3: command 0x041b tx timeout
[  127.285448][ T4779] team0: Port device team_slave_0 added
[  127.321634][ T4858] syz.1.150 (4858) used greatest stack depth: 20640 bytes left
[  127.346407][ T4779] team0: Port device team_slave_1 added
[  127.403016][   T22] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  127.470383][ T4779] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.478096][ T4779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.552669][ T4779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.585088][ T4779] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.603165][ T4779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.658047][ T4779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.664931][   T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.706963][   T22] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  127.724962][   T22] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  127.736149][   T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.756031][   T22] usb 4-1: config 0 descriptor??
[  127.784040][   T22] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  127.794017][ T4796] chnl_net:caif_netlink_parms(): no params data found
[  127.897011][ T4779] device hsr_slave_0 entered promiscuous mode
[  127.908413][ T4779] device hsr_slave_1 entered promiscuous mode
[  127.920914][ T4779] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  127.934118][ T4779] Cannot create hsr debugfs directory
[  127.996539][ T4594] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.139429][   T22] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  128.156283][ T4594] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.183830][ T4796] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.201033][ T4796] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.218740][ T4796] device bridge_slave_0 entered promiscuous mode
[  128.288255][ T4594] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.313969][ T4796] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.339472][   T22] usb 6-1: Using ep0 maxpacket: 16
[  128.349456][ T4796] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.372151][   T22] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  128.403537][ T4796] device bridge_slave_1 entered promiscuous mode
[  128.415984][   T22] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  128.464299][   T22] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  128.479173][ T4594] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.491736][   T22] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.503462][ T4257] Bluetooth: hci2: command 0x0419 tx timeout
[  128.510983][   T22] usb 6-1: Product: syz
[  128.516789][   T22] usb 6-1: Manufacturer: syz
[  128.523830][   T22] usb 6-1: SerialNumber: syz
[  128.653387][ T4796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.683311][ T4796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.754971][   T22] usb 6-1: 0:2 : does not exist
[  128.770091][   T22] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  128.814313][ T4870] dccp_close: ABORT with 56 bytes unread
[  128.843055][ T4796] team0: Port device team_slave_0 added
[  128.857531][   T22] usb 6-1: USB disconnect, device number 2
[  128.876526][ T4796] team0: Port device team_slave_1 added
[  128.974110][ T4796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.986616][ T4796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.032624][ T4796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.046533][ T4796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.061106][ T4796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.097685][ T4796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.283347][ T4796] device hsr_slave_0 entered promiscuous mode
[  129.290886][ T4257] Bluetooth: hci3: command 0x040f tx timeout
[  129.304468][ T4796] device hsr_slave_1 entered promiscuous mode
[  129.312150][ T4796] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  129.322560][ T4796] Cannot create hsr debugfs directory
[  129.328689][ T4779] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  129.390553][ T4779] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  129.444926][ T4779] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  129.503688][ T4779] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  129.870717][ T4779] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.981131][ T4779] 8021q: adding VLAN 0 to HW filter on device team0
[  129.994510][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  130.025159][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  130.063490][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  130.095168][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  130.111669][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.123721][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.188363][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  130.208367][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  130.214930][ T4304] usb 4-1: USB disconnect, device number 2
[  130.261744][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  130.308889][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.317945][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.377972][ T4889] syz.1.162 uses obsolete (PF_INET,SOCK_PACKET)
[  130.732578][ T4890] loop3: detected capacity change from 0 to 32768
[  130.775673][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  130.810374][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  130.830310][ T4890] XFS (loop3): Mounting V5 Filesystem
[  130.916893][ T4796] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  130.955616][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  131.005186][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  131.014387][ T4890] XFS (loop3): Ending clean mount
[  131.038121][ T4890] XFS (loop3): Quotacheck needed: Please wait.
[  131.061149][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  131.090473][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  131.105819][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  131.135911][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  131.170315][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  131.218851][ T4890] XFS (loop3): Quotacheck: Done.
[  131.280644][   T26] audit: type=1800 audit(1749277587.817:5): pid=4890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.161" name="file1" dev="loop3" ino=9286 res=0 errno=0
[  131.370020][ T4257] Bluetooth: hci3: command 0x0419 tx timeout
[  131.372564][   T26] audit: type=1800 audit(1749277587.857:6): pid=4890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.161" name="file2" dev="loop3" ino=9287 res=0 errno=0
[  131.480005][ T4796] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  131.579049][ T4796] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  131.614634][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  131.644575][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  131.681278][ T4594] device hsr_slave_0 left promiscuous mode
[  131.720675][ T4594] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  131.739434][ T4594] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.763642][ T4594] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.808229][ T4594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.827412][ T4259] XFS (loop3): Unmounting Filesystem
[  131.847641][ T4594] device bridge_slave_1 left promiscuous mode
[  131.860987][ T4594] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.899766][ T4594] device bridge_slave_0 left promiscuous mode
[  131.908426][ T4594] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.003734][ T4594] device veth1_macvtap left promiscuous mode
[  132.016482][ T4594] device veth0_macvtap left promiscuous mode
[  132.028531][ T4594] device veth1_vlan left promiscuous mode
[  132.896770][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  132.908072][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  133.058719][ T4594] team0 (unregistering): Port device team_slave_1 removed
[  133.154005][ T4594] team0 (unregistering): Port device team_slave_0 removed
[  133.484834][ T4594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  133.505668][ T4922] xt_TPROXY: Can be used only with -p tcp or -p udp
[  133.727246][ T4594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.648993][ T4594] bond0 (unregistering): Released all slaves
[  134.736879][ T4779] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  134.752325][ T4796] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  134.772348][ T4912] netlink: 12 bytes leftover after parsing attributes in process `syz.3.166'.
[  134.869482][ T4915] Zero length message leads to an empty skb
[  135.153529][ T4796] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.228478][ T4796] 8021q: adding VLAN 0 to HW filter on device team0
[  135.252530][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  135.280312][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.354704][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.375146][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.401224][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.409043][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.451189][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  135.481960][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  135.504164][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.519166][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.527635][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.541388][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  135.585739][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  135.613653][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  135.648358][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  135.653036][ T4943] loop5: detected capacity change from 0 to 2048
[  135.674657][ T4941] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  135.684529][ T4941] IPv6: NLM_F_CREATE should be set when creating new route
[  135.734184][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  135.753217][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  135.796992][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  135.825833][ T4945] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.835614][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  135.857804][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  135.877355][ T4796] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  135.919237][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  135.935012][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  136.000083][ T4779] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.036620][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  136.048576][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  136.106974][ T4945] NILFS (loop5): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3)
[  136.166098][ T4945] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=2)
[  136.215956][ T4945] Remounting filesystem read-only
[  136.249138][ T4943] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer
[  136.479543][ T4959] loop3: detected capacity change from 0 to 128
[  136.562193][ T4959] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  136.582575][ T4959] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.794358][ T4505] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  136.828983][ T4505] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  136.885930][ T4796] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.992469][ T4259] EXT4-fs (loop3): unmounting filesystem.
[  137.374525][ T4985] loop3: detected capacity change from 0 to 64
[  137.553039][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  137.578638][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  137.638596][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  137.658300][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  137.698059][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  137.735878][ T4312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  137.770229][ T4779] device veth0_vlan entered promiscuous mode
[  137.966417][ T4996] device syzkaller0 entered promiscuous mode
[  138.002926][ T4779] device veth1_vlan entered promiscuous mode
[  139.571674][ T5018] overlayfs: failed to clone upperpath
[  140.224170][ T5033] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  140.224170][ T5033] The task syz.5.199 (5033) triggered the difference, watch for misbehavior.
[  142.633494][ T5059] 9pnet_fd: Insufficient options for proto=fd
[  144.330305][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  144.349951][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  144.408569][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  144.440427][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  144.461928][ T4779] device veth0_macvtap entered promiscuous mode
[  144.647953][ T5081] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82
[  144.670662][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  144.691571][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  144.731472][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  144.793517][ T4779] device veth1_macvtap entered promiscuous mode
[  144.864175][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  144.917504][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  144.930359][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  144.946811][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  144.956741][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  144.976845][ T5085] loop3: detected capacity change from 0 to 512
[  144.991351][ T5085] EXT4-fs: Mount option(s) incompatible with ext2
[  144.993681][ T4796] device veth0_vlan entered promiscuous mode
[  145.028873][ T4779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.070308][ T4779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.116413][ T4779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.129035][ T4779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.147389][ T4779] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.226020][ T4796] device veth1_vlan entered promiscuous mode
[  145.245949][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  145.469224][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  145.480537][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  145.515157][ T4779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.582673][ T4779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.583252][ T5091] loop3: detected capacity change from 0 to 2048
[  145.611374][ T5091] UDF-fs: bad mount option "01777777777777777777777" or missing value
[  145.630755][ T4779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.656182][ T4779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.683341][ T4779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.705606][ T4779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.732677][ T4779] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.769270][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  145.807809][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  145.873514][ T4779] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.894682][ T4779] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.913932][ T4779] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.928502][ T4779] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.019858][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  146.048386][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  146.208031][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.223870][ T4796] device veth0_macvtap entered promiscuous mode
[  146.253113][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.350296][ T4594] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.376616][ T4594] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.447653][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  146.493372][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  146.525450][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  146.545275][ T4796] device veth1_macvtap entered promiscuous mode
[  146.555473][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  146.605545][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.628959][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.647565][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.664746][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.682335][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.695275][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.721239][ T4796] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.760907][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  146.802849][ T4594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  146.848291][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.886113][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.913498][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.941073][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.968392][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.006365][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.032501][ T4796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.105890][ T4796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.126716][ T4796] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.189484][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  147.207895][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  147.227027][ T4796] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.249974][ T4796] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.266194][ T4796] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.276293][ T4796] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.501626][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.582722][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.640764][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  147.680797][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.727157][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.797871][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  148.286260][ T5129] netlink: 72 bytes leftover after parsing attributes in process `syz.1.235'.
[  149.345036][ T5145] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.520420][ T5148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  149.671452][ T5148] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.317189][ T5182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.252'.
[  151.435348][ T5186] netlink: 32 bytes leftover after parsing attributes in process `syz.7.254'.
[  151.468071][ T5186] netlink: 32 bytes leftover after parsing attributes in process `syz.7.254'.
[  152.774860][ T5202] capability: warning: `syz.6.259' uses deprecated v2 capabilities in a way that may be insecure
[  152.778344][ T5191] loop7: detected capacity change from 0 to 8
[  152.826489][ T5191] unable to read inode lookup table
[  152.979446][ T5206] netlink: 'syz.5.260': attribute type 33 has an invalid length.
[  152.999126][ T5206] netlink: 152 bytes leftover after parsing attributes in process `syz.5.260'.
[  153.166581][ T5211] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.201844][   T14] wlan1: authenticate with 08:02:11:00:00:00
[  153.243910][   T14] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  153.258707][ T5214] loop6: detected capacity change from 0 to 128
[  153.284137][ T5211] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.285541][ T5197] wlan1: authenticated
[  153.331673][ T5214] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  153.358947][   T14] mac80211_hwsim hwsim17 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP
[  153.388556][ T5219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.402046][ T5214] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  153.415630][ T5197] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[  153.443801][ T5197] wlan1: associated
[  153.982139][ T4779] EXT4-fs (loop6): unmounting filesystem.
[  154.575993][    C1] Unknown status report in ack skb
[  155.426480][ T5252] netlink: 4 bytes leftover after parsing attributes in process `syz.7.276'.
[  156.041085][ T1179] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  156.429756][    C0] sched: RT throttling activated
[  157.769539][ T1179] usb 7-1: Using ep0 maxpacket: 8
[  157.798394][ T1179] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  157.824721][ T1179] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  157.884309][ T1179] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  157.969462][ T1179] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.012515][ T1179] usbtmc 7-1:16.0: bulk endpoints not found
[  158.256792][ T1179] usb 7-1: USB disconnect, device number 2
[  158.332670][ T5261] loop3: detected capacity change from 0 to 128
[  158.375418][ T5262] overlayfs: failed to clone upperpath
[  158.382934][ T5261] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  158.410778][ T5261] ext4 filesystem being mounted at /58/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  158.981864][ T5277] netlink: 12 bytes leftover after parsing attributes in process `syz.1.286'.
[  160.052464][ T5261] fscrypt (loop3, inode 12): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  160.071354][ T5261] fscrypt (loop3, inode 12): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  160.169222][ T4259] EXT4-fs (loop3): unmounting filesystem.
[  160.182211][ T5277] sch_tbf: burst 129 is lower than device bridge3 mtu (1514) !
[  162.104398][ T5326] netlink: 8 bytes leftover after parsing attributes in process `syz.1.301'.
[  162.927043][ T5333] netlink: 24 bytes leftover after parsing attributes in process `syz.3.304'.
[  163.604800][ T5345] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  163.613181][ T5345] IPv6: NLM_F_CREATE should be set when creating new route
[  163.622241][ T5345] IPv6: NLM_F_CREATE should be set when creating new route
[  164.006894][ T5349] netlink: 4 bytes leftover after parsing attributes in process `syz.3.309'.
[  164.118703][ T5354] loop6: detected capacity change from 0 to 512
[  164.163461][ T5354] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  164.384414][ T5354] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #15: comm syz.6.312: iget: bogus i_mode (5)
[  164.455323][ T5354] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.312: couldn't read orphan inode 15 (err -117)
[  164.470439][ T5354] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  164.480164][ T5354] ext2 filesystem being mounted at /13/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.586428][ T5364] xt_CT: You must specify a L4 protocol and not use inversions on it
[  165.031000][ T4779] EXT4-fs (loop6): unmounting filesystem.
[  166.118517][ T5398] loop3: detected capacity change from 0 to 8
[  166.155916][ T5398] SQUASHFS error: xz decompression failed, data probably corrupt
[  166.166256][ T5398] SQUASHFS error: Failed to read block 0x108: -5
[  166.180595][ T5398] SQUASHFS error: Unable to read metadata cache entry [106]
[  166.194864][ T5398] SQUASHFS error: Unable to read inode 0x11f
[  166.760277][ T5411] loop3: detected capacity change from 0 to 1024
[  166.786235][ T5411] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  166.797347][ T5411] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  166.811647][ T5411] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  166.839648][ T5411] EXT4-fs error (device loop3): __ext4_iget:5076: inode #17: block 1803188595: comm syz.3.335: invalid block
[  166.882121][ T5411] EXT4-fs (loop3): no journal found
[  166.988055][ T5419] netlink: 8 bytes leftover after parsing attributes in process `syz.6.338'.
[  167.238851][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805554d800: rx timeout, send abort
[  167.252046][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805554d800: 0x3f000: (3) A timeout occurred and this is the connection abort to close the session.
[  167.300205][ T5427] loop3: detected capacity change from 0 to 1024
[  167.316924][ T5427] EXT4-fs: Ignoring removed oldalloc option
[  167.395099][ T5427] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  167.411431][ T5433] overlayfs: failed to clone upperpath
[  167.479464][ T4301] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  167.643077][   T26] audit: type=1804 audit(1749277624.167:7): pid=5427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.342" name="/newroot/72/file1/file1" dev="loop3" ino=15 res=1 errno=0
[  167.711846][ T4301] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  167.733627][ T4301] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.751923][ T4301] usb 7-1: Product: syz
[  167.765248][ T4301] usb 7-1: Manufacturer: syz
[  167.784721][ T4301] usb 7-1: SerialNumber: syz
[  167.798826][ T4259] EXT4-fs (loop3): unmounting filesystem.
[  167.806144][ T4301] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  167.908855][ T4301] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  168.233628][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056655000: rx timeout, send abort
[  168.530891][   T14] usb 7-1: USB disconnect, device number 3
[  168.733779][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056654800: rx timeout, send abort
[  168.745198][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056655000: abort rx timeout. Force session deactivation
[  168.864559][ T5456] overlayfs: failed to clone upperpath
[  168.969437][ T4301] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  168.985480][ T4301] ath9k_htc: Failed to initialize the device
[  169.001000][   T14] usb 7-1: ath9k_htc: USB layer deinitialized
[  169.235962][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056656400: rx timeout, send abort
[  169.247202][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056654800: abort rx timeout. Force session deactivation
[  169.746816][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056656400: abort rx timeout. Force session deactivation
[  170.405290][ T5486] loop7: detected capacity change from 0 to 8192
[  171.111589][ T5499] netlink: 4 bytes leftover after parsing attributes in process `syz.5.368'.
[  172.790697][   T26] audit: type=1326 audit(1749277629.327:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  172.857038][   T26] audit: type=1326 audit(1749277629.367:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  172.891506][ T5545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.388'.
[  172.920761][ T5545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.388'.
[  172.954649][ T5547] loop6: detected capacity change from 0 to 1024
[  172.965440][   T26] audit: type=1326 audit(1749277629.367:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.007074][ T5545] netlink: 24 bytes leftover after parsing attributes in process `syz.3.388'.
[  173.028432][ T5547] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  173.054717][ T5545] block nbd0: Unsupported socket: shutdown callout must be supported.
[  173.094678][   T26] audit: type=1326 audit(1749277629.377:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.127479][   T26] audit: type=1326 audit(1749277629.377:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.156876][ T5547] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  173.178082][ T5547] JBD2: no valid journal superblock found
[  173.211333][   T26] audit: type=1326 audit(1749277629.377:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.260574][ T5547] EXT4-fs (loop6): error loading journal
[  173.319443][   T26] audit: type=1326 audit(1749277629.377:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.413402][   T26] audit: type=1326 audit(1749277629.377:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.497812][   T26] audit: type=1326 audit(1749277629.377:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.554865][   T26] audit: type=1326 audit(1749277629.377:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5541 comm="syz.6.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  173.973351][ T5570] device veth0 entered promiscuous mode
[  173.993492][ T5570] netlink: 4 bytes leftover after parsing attributes in process `syz.7.397'.
[  174.185380][ T5580] loop6: detected capacity change from 0 to 256
[  174.201043][ T5580] exfat: Deprecated parameter 'namecase'
[  174.208517][ T5580] exfat: Deprecated parameter 'namecase'
[  174.282830][ T5580] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  174.426095][ T5585] device wg2 entered promiscuous mode
[  174.511697][ T5580] exFAT-fs (loop6): IO charset iso8859-1 not found
[  174.661890][ T5593] netlink: 28 bytes leftover after parsing attributes in process `syz.1.406'.
[  174.709468][ T5593] netlink: 28 bytes leftover after parsing attributes in process `syz.1.406'.
[  174.764177][ T5593] device syz_tun entered promiscuous mode
[  174.832763][ T5593] device syz_tun left promiscuous mode
[  176.422062][ T4347] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  176.629407][ T4347] usb 4-1: Using ep0 maxpacket: 16
[  176.649057][ T4347] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.667448][ T4347] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  176.686986][ T4347] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.702542][ T4347] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.721360][ T4347] usb 4-1: Product: syz
[  176.725917][ T4347] usb 4-1: Manufacturer: syz
[  176.735773][ T4347] usb 4-1: SerialNumber: syz
[  176.948701][ T4347] usb 4-1: 0:2 : does not exist
[  176.970948][ T4347] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  177.020849][ T4347] usb 4-1: USB disconnect, device number 3
[  177.707645][ T5654] loop6: detected capacity change from 0 to 512
[  177.871071][ T5654] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.429: bad orphan inode 11862016
[  177.916002][ T5654] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  177.942104][ T5654] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.655009][ T4779] EXT4-fs (loop6): unmounting filesystem.
[  178.940215][ T5675] binder: 5673:5675 ioctl c0306201 200000000280 returned -14
[  180.087477][ T5687] loop3: detected capacity change from 0 to 8192
[  180.221785][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  180.221887][   T26] audit: type=1800 audit(1749277636.757:35): pid=5687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.441" name="file1" dev="loop3" ino=1048604 res=0 errno=0
[  180.414195][ T5696] netlink: 2048 bytes leftover after parsing attributes in process `syz.5.444'.
[  180.455440][ T5696] netlink: 12 bytes leftover after parsing attributes in process `syz.5.444'.
[  180.685391][ T5704] netlink: 'syz.6.448': attribute type 39 has an invalid length.
[  181.698032][ T5714] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  181.878535][ T5721] loop6: detected capacity change from 0 to 128
[  181.933272][ T5721] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  182.095426][ T5730] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  182.177252][ T5733] netlink: 4 bytes leftover after parsing attributes in process `syz.7.458'.
[  182.202478][ T5733] device ipvlan2 entered promiscuous mode
[  182.642715][ T5749] netlink: 'syz.1.464': attribute type 39 has an invalid length.
[  182.747864][ T5751] netlink: 2048 bytes leftover after parsing attributes in process `syz.6.462'.
[  182.765082][ T5751] netlink: 12 bytes leftover after parsing attributes in process `syz.6.462'.
[  183.155847][ T5744] loop7: detected capacity change from 0 to 32768
[  183.165695][ T5744] XFS: noikeep mount option is deprecated.
[  183.199426][ T5744] XFS (loop7): Mounting V5 Filesystem
[  183.289809][ T5744] XFS (loop7): Ending clean mount
[  183.332827][ T5744] XFS (loop7): Quotacheck needed: Please wait.
[  183.426711][ T5744] XFS (loop7): Quotacheck: Done.
[  183.784984][  T127] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  183.929822][ T5744] syz.7.463 (5744): drop_caches: 2
[  183.979454][  T127] usb 7-1: Using ep0 maxpacket: 8
[  183.997927][ T4796] XFS (loop7): Unmounting Filesystem
[  184.014198][  T127] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  184.035614][  T127] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.059075][  T127] usb 7-1: Product: syz
[  184.070500][  T127] usb 7-1: Manufacturer: syz
[  184.083775][  T127] usb 7-1: SerialNumber: syz
[  184.102771][  T127] usb 7-1: config 0 descriptor??
[  184.351089][  T127] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  184.405374][ T5782] loop3: detected capacity change from 0 to 32768
[  184.433625][ T5782] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.475 (5782)
[  184.468232][ T5782] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  184.499613][ T5782] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  184.511458][ T5782] BTRFS info (device loop3): using free space tree
[  184.561351][ T5782] BTRFS info (device loop3): enabling ssd optimizations
[  184.621035][ T5805] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  185.037630][ T4330] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  185.251066][ T4259] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  185.763093][  T127] dvb_usb_rtl28xxu: probe of 7-1:0.0 failed with error -71
[  185.806408][  T127] usb 7-1: USB disconnect, device number 4
[  186.657526][ T5837] netlink: 'syz.5.487': attribute type 39 has an invalid length.
[  187.828467][ T5864] overlayfs: failed to clone upperpath
[  189.373360][   T14] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  189.560673][   T14] usb 7-1: Using ep0 maxpacket: 32
[  189.574111][   T14] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  189.638781][   T14] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  189.710907][   T14] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  189.754565][   T14] usb 7-1: Product: syz
[  189.767077][   T14] usb 7-1: Manufacturer: syz
[  189.785937][   T14] usb 7-1: SerialNumber: syz
[  189.805808][   T14] usb 7-1: config 0 descriptor??
[  189.816594][ T5893] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  190.055267][   T14] usb 7-1: USB disconnect, device number 5
[  190.236898][ T5914] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  190.262680][ T5914] Bluetooth: hci0: Opcode 0x080f failed: -22
[  190.790811][   T26] audit: type=1326 audit(1749277647.327:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  190.886380][   T26] audit: type=1326 audit(1749277647.377:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  190.905245][ T5922] overlayfs: failed to clone upperpath
[  190.970653][   T26] audit: type=1326 audit(1749277647.377:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  191.004856][   T26] audit: type=1326 audit(1749277647.377:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  191.049247][   T26] audit: type=1326 audit(1749277647.377:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  191.272500][   T26] audit: type=1326 audit(1749277647.377:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  191.462932][   T26] audit: type=1326 audit(1749277647.377:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  191.534573][ T5929] loop6: detected capacity change from 0 to 16
[  191.604720][ T5929] erofs: (device loop6): mounted with root inode @ nid 36.
[  191.640416][   T26] audit: type=1326 audit(1749277647.377:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  192.251644][ T4257] Bluetooth: hci0: command 0x080f tx timeout
[  192.863504][   T26] audit: type=1326 audit(1749277647.377:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  192.941168][   T26] audit: type=1326 audit(1749277647.377:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.6.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  193.941549][ T5961] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  194.276471][ T4347] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  194.342928][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  194.350719][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  194.469725][ T4347] usb 4-1: Using ep0 maxpacket: 8
[  194.491125][ T4347] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  194.529568][ T4347] usb 4-1: config 179 has no interface number 0
[  194.536698][ T4347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  194.566835][ T4347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  194.590274][ T4347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[  194.625069][ T4347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[  194.643783][ T4347] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  194.664926][ T4482] libceph: connect (1)[c::]:6789 error -101
[  194.678132][ T4347] usb 4-1: config 179 interface 65 has no altsetting 0
[  194.688379][ T4347] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  194.696709][ T4482] libceph: mon0 (1)[c::]:6789 connect error
[  194.702410][ T4347] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.727201][ T4482] libceph: connect (1)[c::]:6789 error -101
[  194.739449][ T4347] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input5
[  194.751341][ T5986] ceph: No mds server is up or the cluster is laggy
[  194.768619][ T4482] libceph: mon0 (1)[c::]:6789 connect error
[  195.439215][ T5963] loop3: detected capacity change from 0 to 4096
[  195.455994][ T5963] ntfs3: Unknown parameter 'windows_names'
[  196.128417][ T5824] usb 4-1: USB disconnect, device number 4
[  196.131478][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  196.148002][ T5824] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  197.375474][ T4347] libceph: connect (1)[c::]:6789 error -101
[  197.393681][ T4347] libceph: mon0 (1)[c::]:6789 connect error
[  197.474655][ T6057] ceph: No mds server is up or the cluster is laggy
[  199.044792][ T6080] binder: 6077:6080 ioctl c0306201 2000000003c0 returned -14
[  199.071300][ T6079] netlink: 32 bytes leftover after parsing attributes in process `syz.5.570'.
[  199.101232][ T6084] netlink: 4 bytes leftover after parsing attributes in process `syz.6.571'.
[  199.196584][ T6079] netlink: 32 bytes leftover after parsing attributes in process `syz.5.570'.
[  201.381762][ T4482] libceph: connect (1)[c::]:6789 error -101
[  201.405283][ T4482] libceph: mon0 (1)[c::]:6789 connect error
[  201.467625][ T6103] ceph: No mds server is up or the cluster is laggy
[  201.503706][ T6088] loop7: detected capacity change from 0 to 262144
[  201.530793][ T6088] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop7 scanned by syz.7.583 (6088)
[  201.583823][ T6088] BTRFS info (device loop7): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  201.597728][ T6088] BTRFS info (device loop7): using xxhash64 (xxhash64-generic) checksum algorithm
[  201.610481][ T6088] BTRFS info (device loop7): using free space tree
[  201.746490][ T6088] BTRFS info (device loop7): enabling ssd optimizations
[  201.862771][ T6088] BTRFS error (device loop7: state M): unrecognized mount option 'ÿÿ0xffffffffffffffff01777777777777777777777017777777777777777777770xffffffffffffffffÞýÖòL¹¬·þÉ*	15‘.¾ô&sþˆ�+yÛ2âº9$�'
[  201.955829][ T4796] BTRFS info (device loop7): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  202.794819][ T6132] loop3: detected capacity change from 0 to 40427
[  203.286811][ T6147] lo speed is unknown, defaulting to 1000
[  203.298898][ T6147] lo speed is unknown, defaulting to 1000
[  203.324809][ T6147] lo speed is unknown, defaulting to 1000
[  203.359716][ T6147] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  203.401881][ T6147] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  203.546617][ T6147] lo speed is unknown, defaulting to 1000
[  203.559967][ T6147] lo speed is unknown, defaulting to 1000
[  203.571745][ T6147] lo speed is unknown, defaulting to 1000
[  203.583652][ T6147] lo speed is unknown, defaulting to 1000
[  203.597848][ T6147] lo speed is unknown, defaulting to 1000
[  204.442390][ T6159] loop6: detected capacity change from 0 to 512
[  204.462410][ T6159] EXT4-fs: inline encryption not supported
[  204.519978][ T6136] xt_bpf: check failed: parse error
[  204.592844][ T6159] EXT4-fs (loop6): 1 orphan inode deleted
[  204.616714][ T6159] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  204.637251][   T11] __quota_error: 7 callbacks suppressed
[  204.637270][   T11] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  204.715109][ T6159] ext4 filesystem being mounted at /70/file6 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.723026][   T11] EXT4-fs error (device loop6): ext4_release_dquot:6850: comm kworker/u4:1: Failed to release dquot type 1
[  205.016480][ T4779] EXT4-fs (loop6): unmounting filesystem.
[  205.050733][ T6172] netlink: 24 bytes leftover after parsing attributes in process `syz.3.596'.
[  207.574179][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.7.603'.
[  207.604849][ T6190] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  207.656011][ T6190] netlink: 4 bytes leftover after parsing attributes in process `syz.7.603'.
[  208.914437][ T6203] netlink: 24 bytes leftover after parsing attributes in process `syz.1.606'.
[  210.869038][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.617'.
[  211.005679][ T6233] netlink: 'syz.5.618': attribute type 1 has an invalid length.
[  211.189127][ T6235] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  211.279487][ T6235] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode
[  211.337634][ T6235] bond1: (slave vcan1): making interface the new active one
[  211.355764][ T6235] bond1: (slave vcan1): Enslaving as an active interface with an up link
[  211.387872][ T6237] netlink: 24 bytes leftover after parsing attributes in process `syz.7.619'.
[  211.478042][ T6238] 8021q: adding VLAN 0 to HW filter on device bond1
[  211.521146][ T6244] netlink: 24 bytes leftover after parsing attributes in process `syz.1.620'.
[  212.957088][ T6271] netlink: 'syz.6.628': attribute type 4 has an invalid length.
[  213.916948][ T4322] lo speed is unknown, defaulting to 1000
[  213.928866][ T6273] netlink: 'syz.6.628': attribute type 4 has an invalid length.
[  214.412304][ T4482] lo speed is unknown, defaulting to 1000
[  214.795286][ T6282] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  214.803291][ T6282] IPv6: NLM_F_CREATE should be set when creating new route
[  214.811058][ T6282] IPv6: NLM_F_CREATE should be set when creating new route
[  218.747053][ T6337] netlink: 8 bytes leftover after parsing attributes in process `syz.7.654'.
[  218.880756][ T6341] siw: device registration error -23
[  220.611311][ T6356] netlink: 'syz.1.659': attribute type 1 has an invalid length.
[  220.804665][ T6360] bond1: (slave vcan0): The slave device specified does not support setting the MAC address
[  220.908143][ T6360] bond1: (slave vcan0): Setting fail_over_mac to active for active-backup mode
[  220.971295][ T6360] bond1: (slave vcan0): making interface the new active one
[  220.994977][ T6360] bond1: (slave vcan0): Enslaving as an active interface with an up link
[  221.033442][ T6362] 8021q: adding VLAN 0 to HW filter on device bond1
[  222.713589][ T6383] netlink: 8 bytes leftover after parsing attributes in process `syz.1.666'.
[  222.880942][ T6385] loop6: detected capacity change from 0 to 512
[  222.891537][ T6385] EXT4-fs: Ignoring removed orlov option
[  222.919910][ T6385] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  223.022023][ T6385] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  223.064773][ T6385] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.669: corrupted in-inode xattr
[  223.132756][ T6385] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.669: couldn't read orphan inode 15 (err -117)
[  223.171696][ T6385] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  223.316739][ T4779] EXT4-fs (loop6): unmounting filesystem.
[  223.525533][ T6394] loop6: detected capacity change from 0 to 1024
[  223.583025][ T6394] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  223.608280][ T6394] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  223.631142][ T6394] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  223.706744][ T6394] EXT4-fs error (device loop6): __ext4_iget:5076: inode #17: block 1803188595: comm syz.6.672: invalid block
[  223.713195][ T6399] xt_CT: You must specify a L4 protocol and not use inversions on it
[  223.765671][ T6394] EXT4-fs (loop6): no journal found
[  225.565041][ T6428] netlink: 8 bytes leftover after parsing attributes in process `syz.5.683'.
[  226.706787][ T6453] lo speed is unknown, defaulting to 1000
[  226.875468][ T6458] loop6: detected capacity change from 0 to 1024
[  226.924162][ T6458] EXT4-fs: Ignoring removed oldalloc option
[  227.007644][ T6458] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  227.212488][   T26] audit: type=1804 audit(1749277683.747:53): pid=6458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.696" name="/newroot/91/file1/file1" dev="loop6" ino=15 res=1 errno=0
[  227.345798][ T4779] EXT4-fs (loop6): unmounting filesystem.
[  227.384208][ T6457] loop3: detected capacity change from 0 to 8192
[  228.091355][ T6484] loop7: detected capacity change from 0 to 1024
[  228.129985][ T6484] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  228.161251][ T6484] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  228.196729][ T6484] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  228.237365][ T6484] EXT4-fs error (device loop7): __ext4_iget:5076: inode #17: block 1803188595: comm syz.7.703: invalid block
[  228.263470][ T6484] EXT4-fs (loop7): no journal found
[  228.661217][ T6491] netlink: 'syz.5.705': attribute type 4 has an invalid length.
[  228.876188][ T6494] netlink: 'syz.5.705': attribute type 4 has an invalid length.
[  229.453216][ T6504] netlink: 8 bytes leftover after parsing attributes in process `syz.5.708'.
[  229.503097][ T6504] netlink: 8 bytes leftover after parsing attributes in process `syz.5.708'.
[  230.008884][ T6513] loop7: detected capacity change from 0 to 2048
[  230.104234][ T6513] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  230.966628][ T4796] UDF-fs: error (device loop7): udf_verify_fi: directory (ino 1408) has entry at pos 0 with incorrect tag 0
[  231.016557][ T4796] UDF-fs: error (device loop7): udf_verify_fi: directory (ino 1408) has entry at pos 0 with incorrect tag 0
[  231.613231][ T6545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.724'.
[  231.659746][ T6545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.724'.
[  231.694242][ T6545] device syz_tun entered promiscuous mode
[  231.731525][ T6545] device syz_tun left promiscuous mode
[  232.207821][ T6557] loop3: detected capacity change from 0 to 8192
[  232.274287][ T6557] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  232.305414][ T6557] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  232.320149][ T6557] REISERFS (device loop3): using ordered data mode
[  232.328483][ T6557] reiserfs: using flush barriers
[  232.344368][ T6557] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  232.375255][ T6557] REISERFS (device loop3): checking transaction log (loop3)
[  232.795929][ T6557] REISERFS (device loop3): Using tea hash to sort names
[  232.839174][ T6557] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  233.283880][ T6583] lo speed is unknown, defaulting to 1000
[  233.783310][ T4273] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  233.795903][ T4273] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  233.809793][ T4273] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  233.818534][ T4273] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  233.827419][ T4273] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  233.834961][ T4273] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  233.846867][ T4257] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  233.860860][ T4257] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  233.869658][ T4257] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  233.883173][ T4257] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  233.893293][ T4257] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  233.902129][ T4257] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  234.094996][ T6592] lo speed is unknown, defaulting to 1000
[  234.186032][ T6596] netlink: 'syz.1.737': attribute type 4 has an invalid length.
[  234.332763][ T6600] netlink: 'syz.1.737': attribute type 4 has an invalid length.
[  234.670708][ T6587] loop6: detected capacity change from 0 to 32768
[  234.763834][ T6587] XFS (loop6): Mounting V5 Filesystem
[  234.778480][ T6615] netlink: 'syz.5.742': attribute type 1 has an invalid length.
[  234.867359][ T6615] 8021q: adding VLAN 0 to HW filter on device bond2
[  234.882649][ T6587] XFS (loop6): Ending clean mount
[  234.882893][ T6592] chnl_net:caif_netlink_parms(): no params data found
[  234.939059][ T6624] 8021q: adding VLAN 0 to HW filter on device bond2
[  234.947344][ T6624] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  234.971971][ T6624] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  235.088866][ T4779] XFS (loop6): Unmounting Filesystem
[  235.090487][ T6615] device gretap1 entered promiscuous mode
[  235.148162][ T6615] bond2: (slave gretap1): making interface the new active one
[  235.178021][ T6615] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  235.478480][ T6592] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.486546][ T6640] loop3: detected capacity change from 0 to 2048
[  235.507719][ T6592] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.554830][ T6592] device bridge_slave_0 entered promiscuous mode
[  235.554830][ T6640] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  235.617881][ T6592] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.649485][ T6592] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.661777][ T6592] device bridge_slave_1 entered promiscuous mode
[  235.808422][ T6592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.846785][ T6592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.929495][ T4273] Bluetooth: hci3: command 0x0409 tx timeout
[  235.997288][ T6592] team0: Port device team_slave_0 added
[  236.055389][ T6592] team0: Port device team_slave_1 added
[  236.229413][ T6592] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.236526][ T6592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.505396][ T4259] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1408) has entry at pos 0 with incorrect tag 0
[  236.533057][ T6592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  236.606281][ T4259] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1408) has entry at pos 0 with incorrect tag 0
[  236.631053][ T6592] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.677500][ T6592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.789198][ T6592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.855261][ T6665] lo speed is unknown, defaulting to 1000
[  237.185833][ T6592] device hsr_slave_0 entered promiscuous mode
[  237.233260][ T6592] device hsr_slave_1 entered promiscuous mode
[  237.288026][ T6592] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  237.343212][ T6592] Cannot create hsr debugfs directory
[  237.845992][ T4594] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.009695][ T4273] Bluetooth: hci3: command 0x041b tx timeout
[  238.319959][ T4594] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.546159][ T6592] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.718836][ T4594] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.945179][ T6592] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.045194][ T4257] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  239.065570][ T4257] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  239.079849][ T4257] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  239.104126][ T4257] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  239.116979][ T4257] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  239.137874][ T4257] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  239.166229][ T6698] netlink: 156 bytes leftover after parsing attributes in process `syz.6.762'.
[  239.213575][ T4594] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.343482][ T6592] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.532556][ T6592] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.570061][ T6695] lo speed is unknown, defaulting to 1000
[  240.089566][ T4257] Bluetooth: hci3: command 0x040f tx timeout
[  240.274330][ T6719] netlink: 8 bytes leftover after parsing attributes in process `syz.1.766'.
[  240.318032][ T6719] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  240.467398][ T6722] netlink: 4 bytes leftover after parsing attributes in process `syz.1.766'.
[  240.768905][ T6592] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  240.790842][ T6592] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  240.841432][ T6695] chnl_net:caif_netlink_parms(): no params data found
[  240.865244][ T6592] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  240.880588][ T6592] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  240.904466][ T6740] overlayfs: failed to clone upperpath
[  241.209758][ T4257] Bluetooth: hci4: command 0x0409 tx timeout
[  241.298524][ T6695] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.306321][ T6695] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.315803][ T6695] device bridge_slave_0 entered promiscuous mode
[  241.345366][ T6750] bond2 (unregistering): Released all slaves
[  241.379708][ T6749] netlink: 'syz.1.774': attribute type 1 has an invalid length.
[  241.425559][    T7] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  241.434780][ T6695] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.446352][ T6695] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.475997][ T6695] device bridge_slave_1 entered promiscuous mode
[  241.585755][ T6752] netlink: 28 bytes leftover after parsing attributes in process `syz.1.774'.
[  241.597737][ T6752] 8021q: adding VLAN 0 to HW filter on device bond2
[  241.654864][    T7] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.672927][    T7] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.683524][    T7] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  241.704987][    T7] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.722318][    T7] usb 7-1: config 0 descriptor??
[  241.772752][ T6695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.794461][ T6592] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.805889][ T6695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.860720][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  241.889025][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  241.934578][ T6592] 8021q: adding VLAN 0 to HW filter on device team0
[  242.026524][   T26] audit: type=1326 audit(1749277698.557:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.5.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda4f98e929 code=0x7ffc0000
[  242.064154][ T6695] team0: Port device team_slave_0 added
[  242.089515][   T26] audit: type=1326 audit(1749277698.607:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.5.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fda4f98e929 code=0x7ffc0000
[  242.092706][ T6695] team0: Port device team_slave_1 added
[  242.121379][ T6765] ptrace attach of "./syz-executor exec"[4252] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  242.139488][   T26] audit: type=1326 audit(1749277698.607:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.5.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda4f98e929 code=0x7ffc0000
[  242.145973][    T7] wacom 0003:056A:0063.0001: Unknown device_type for 'HID 056a:0063'. Assuming pen.
[  242.259587][ T4257] Bluetooth: hci3: command 0x0419 tx timeout
[  242.291744][   T26] audit: type=1326 audit(1749277698.607:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.5.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fda4f98e929 code=0x7ffc0000
[  242.327722][   T26] audit: type=1326 audit(1749277698.607:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.5.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda4f98e929 code=0x7ffc0000
[  242.353683][ T6743] loop6: detected capacity change from 0 to 16
[  242.379028][ T6743] erofs: Unknown parameter '
'
[  242.390857][    T7] wacom 0003:056A:0063.0001: hidraw0: USB HID v0.00 Device [HID 056a:0063] on usb-dummy_hcd.6-1/input0
[  242.418684][    T7] input: Wacom Volito2 2x3 Pen as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:056A:0063.0001/input/input6
[  242.491783][ T4594] device hsr_slave_0 left promiscuous mode
[  242.498442][ T4594] device hsr_slave_1 left promiscuous mode
[  242.505361][ T4594] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.513724][ T4594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.522529][ T4594] device bridge_slave_1 left promiscuous mode
[  242.528875][ T4594] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.538310][ T4594] device bridge_slave_0 left promiscuous mode
[  242.551451][    T7] usb 7-1: USB disconnect, device number 6
[  242.569670][ T4594] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.620569][ T4594] device veth1_macvtap left promiscuous mode
[  242.654333][ T4594] device veth0_macvtap left promiscuous mode
[  242.664443][ T4594] device veth1_vlan left promiscuous mode
[  242.671738][ T4594] device veth0_vlan left promiscuous mode
[  243.299512][ T4273] Bluetooth: hci4: command 0x041b tx timeout
[  243.555581][ T4594] team0 (unregistering): Port device team_slave_1 removed
[  243.616434][ T4594] team0 (unregistering): Port device team_slave_0 removed
[  243.675162][ T4594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  243.735191][ T4594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.588047][ T4594] bond0 (unregistering): Released all slaves
[  244.678765][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  244.688072][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  244.697980][ T4570] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.706222][ T4570] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.714495][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  244.725790][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  244.735889][ T4570] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.743221][ T4570] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.753273][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  244.785524][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  244.797430][ T6787] netlink: 'syz.6.787': attribute type 1 has an invalid length.
[  244.847276][ T6788] 8021q: adding VLAN 0 to HW filter on device bond2
[  244.857898][ T6788] bond1: (slave bond2): making interface the new active one
[  244.868365][ T6788] bond1: (slave bond2): Enslaving as an active interface with an up link
[  244.877164][ T6789] netlink: 28 bytes leftover after parsing attributes in process `syz.6.787'.
[  244.888271][ T6789] 8021q: adding VLAN 0 to HW filter on device bond1
[  244.918146][ T6695] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.949947][ T6695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.990020][ T6797] overlayfs: failed to clone upperpath
[  245.037273][ T6695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.074412][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  245.085053][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  245.117292][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  245.188990][ T6801] ieee802154 phy0 wpan0: encryption failed: -22
[  245.219648][ T6695] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.248645][ T6695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.369701][ T4257] Bluetooth: hci4: command 0x040f tx timeout
[  245.471363][ T6695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.566610][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  245.590856][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  245.683311][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  245.850928][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  245.899194][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  246.040426][   T26] audit: type=1326 audit(1749277702.577:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.1.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae1b8e929 code=0x7ffc0000
[  246.097362][   T26] audit: type=1326 audit(1749277702.637:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.1.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae1b8e929 code=0x7ffc0000
[  246.146205][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  246.160491][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  246.189174][ T6695] device hsr_slave_0 entered promiscuous mode
[  246.201044][ T6695] device hsr_slave_1 entered promiscuous mode
[  246.209575][   T26] audit: type=1326 audit(1749277702.637:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.1.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fcae1b8e929 code=0x7ffc0000
[  246.272063][ T6695] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  246.280046][ T6695] Cannot create hsr debugfs directory
[  246.286836][ T6592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  246.309927][   T26] audit: type=1326 audit(1749277702.637:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.1.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae1b8e929 code=0x7ffc0000
[  246.356713][   T26] audit: type=1326 audit(1749277702.637:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.1.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae1b8e929 code=0x7ffc0000
[  246.528474][ T6811] bridge: RTM_NEWNEIGH with invalid ether address
[  247.088140][ T6695] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  247.113237][ T6695] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  247.153921][ T6695] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  247.226490][ T6695] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  247.449449][ T4257] Bluetooth: hci4: command 0x0419 tx timeout
[  247.738817][ T6695] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.795754][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  247.824641][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  247.866776][ T6695] 8021q: adding VLAN 0 to HW filter on device team0
[  247.901578][ T6592] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.934444][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  247.954247][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  248.032283][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  248.059875][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  248.137569][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.145035][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.217710][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  248.252059][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  248.308392][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  248.320364][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.327566][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.339500][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  248.362048][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  248.403726][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  248.425133][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  248.475759][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  248.502663][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  248.542154][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  248.582819][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  248.600952][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  248.633653][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  248.658718][ T4570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  248.700814][ T6695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  248.900461][ T6847] netlink: 8 bytes leftover after parsing attributes in process `syz.5.808'.
[  248.922359][ T6847] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  248.987523][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  248.987539][   T26] audit: type=1326 audit(1749277705.517:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.6.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  249.052319][ T6847] netlink: 4 bytes leftover after parsing attributes in process `syz.5.808'.
[  249.106522][   T26] audit: type=1326 audit(1749277705.557:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.6.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  249.160289][   T26] audit: type=1326 audit(1749277705.557:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.6.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  249.216324][   T26] audit: type=1326 audit(1749277705.567:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.6.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  249.286786][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  249.302314][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  249.309378][   T26] audit: type=1326 audit(1749277705.567:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.6.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  249.382911][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  249.402251][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  249.433144][ T6592] device veth0_vlan entered promiscuous mode
[  249.448481][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  249.458534][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  249.493548][ T6592] device veth1_vlan entered promiscuous mode
[  249.538589][ T6695] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.559682][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  249.576943][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  249.602415][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  249.684416][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  249.714912][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  249.742692][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  249.764744][ T6592] device veth0_macvtap entered promiscuous mode
[  249.777706][ T6592] device veth1_macvtap entered promiscuous mode
[  249.827428][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.879839][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.911547][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.929830][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.945916][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.968834][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.981436][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.992407][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.004195][ T6592] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.015633][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.026526][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.036902][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.048046][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.058053][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.071955][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.099043][ T6592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.116667][ T6592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.139678][ T6592] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.158776][ T6592] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.168050][ T6592] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.193687][ T6592] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.204178][ T6592] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.237331][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  250.246831][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  250.261815][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  250.278131][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  250.287568][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  250.297202][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  250.494772][ T6882] 8021q: adding VLAN 0 to HW filter on device batadv1
[  250.526775][ T6882] team0: Port device batadv1 added
[  250.613397][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.631844][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.678818][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  250.706375][ T4569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.723629][ T4569] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.776101][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  251.204861][ T6892] xt_CT: You must specify a L4 protocol and not use inversions on it
[  251.654141][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  251.716897][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  251.789614][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  251.804687][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  251.828620][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  251.846237][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  251.868022][ T6695] device veth0_vlan entered promiscuous mode
[  251.925841][ T4308] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  251.933837][ T6695] device veth1_vlan entered promiscuous mode
[  251.988303][ T5937] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  252.005337][ T5937] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  252.015893][ T5937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  252.025556][ T5937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  252.037817][ T6695] device veth0_macvtap entered promiscuous mode
[  252.056995][ T6695] device veth1_macvtap entered promiscuous mode
[  252.077888][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.097911][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.117631][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.128442][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.131301][ T4308] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  252.149400][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.153869][ T4308] usb 7-1: config 0 has no interfaces?
[  252.166272][ T4308] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  252.176488][ T4308] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.182034][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.187969][ T4308] usb 7-1: config 0 descriptor??
[  252.202909][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.217056][   T26] audit: type=1804 audit(1749277708.757:72): pid=6912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.823" name="bus" dev="ramfs" ino=45400 res=1 errno=0
[  252.218701][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.254560][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.265448][   T26] audit: type=1804 audit(1749277708.787:73): pid=6912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.823" name="bus" dev="ramfs" ino=45400 res=1 errno=0
[  252.267531][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.305710][ T6695] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.316976][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  252.327867][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  252.343596][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  252.353452][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  252.373885][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.387628][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.398115][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.418189][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.428299][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.447496][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.457665][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.476395][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.486481][ T6695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.505119][ T6695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.518023][ T6695] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.530971][ T6695] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.540543][ T6695] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.551220][ T6695] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.567086][ T6695] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.585153][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  252.598031][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  252.716328][ T5937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.754080][ T5937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.783699][ T4569] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  252.793560][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.803203][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.858247][ T5937] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  252.911323][ T6918] overlayfs: failed to clone upperpath
[  253.349093][ T6929] netlink: 'syz.8.828': attribute type 4 has an invalid length.
[  253.435074][ T6932] netlink: 'syz.8.828': attribute type 4 has an invalid length.
[  253.553860][ T6936] loop8: detected capacity change from 0 to 256
[  253.603195][ T6936] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  253.714921][ T6938] xt_CT: You must specify a L4 protocol and not use inversions on it
[  254.623404][ T4308] usb 7-1: USB disconnect, device number 7
[  254.695069][   T26] audit: type=1804 audit(1749277711.227:74): pid=6968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.840" name="bus" dev="ramfs" ino=44958 res=1 errno=0
[  254.782210][   T26] audit: type=1804 audit(1749277711.227:75): pid=6968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.840" name="bus" dev="ramfs" ino=44958 res=1 errno=0
[  255.774338][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  255.780848][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  255.972601][ T7021] xt_CT: You must specify a L4 protocol and not use inversions on it
[  257.106484][ T7037] loop8: detected capacity change from 0 to 1024
[  257.190523][ T7037] EXT4-fs: Ignoring removed i_version option
[  257.196907][ T7037] EXT4-fs: inline encryption not supported
[  257.208065][ T7037] EXT4-fs (loop8): Test dummy encryption mode enabled
[  257.221620][ T7037] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  257.360689][ T7050] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  257.436652][ T7050] device bridge_slave_0 left promiscuous mode
[  257.470599][ T7050] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.545436][ T7050] device bridge_slave_1 left promiscuous mode
[  257.571692][ T7050] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.597780][ T7050] bond0: (slave bond_slave_0): Releasing backup interface
[  257.633825][ T7050] bond0: (slave bond_slave_1): Releasing backup interface
[  257.728997][ T7050] team0: Port device team_slave_0 removed
[  257.764620][ T7037] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  257.776568][ T7050] team0: Port device team_slave_1 removed
[  257.790536][ T7050] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.838646][ T7050] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.882421][ T6695] EXT4-fs (loop8): unmounting filesystem.
[  257.882921][ T7050] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.015558][ T7050] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.140879][ T7050] bond1: (slave bond2): Releasing backup interface
[  258.291994][ T7050] team0: Port device batadv1 removed
[  258.315556][ T7051] netlink: 'syz.6.853': attribute type 10 has an invalid length.
[  258.410640][ T7051] 8021q: adding VLAN 0 to HW filter on device bond0
[  258.473280][ T7051] team0: Port device bond0 added
[  258.566174][ T7055] lo speed is unknown, defaulting to 1000
[  258.849591][ T7075] loop8: detected capacity change from 0 to 256
[  259.395157][ T7089] process 'syz.6.866' launched './file0' with NULL argv: empty string added
[  260.980984][ T7115] loop8: detected capacity change from 0 to 32768
[  261.149005][ T7115] XFS (loop8): Mounting V5 Filesystem
[  261.474448][ T7115] XFS (loop8): Ending clean mount
[  261.651866][ T7115] XFS (loop8): Quotacheck needed: Please wait.
[  261.896113][ T7115] XFS (loop8): Quotacheck: Done.
[  262.890604][ T6695] XFS (loop8): Unmounting Filesystem
[  263.347850][ T7181] netlink: 'syz.5.889': attribute type 3 has an invalid length.
[  263.397884][ T7181] netlink: 16 bytes leftover after parsing attributes in process `syz.5.889'.
[  264.737000][   T26] audit: type=1804 audit(1749277721.267:76): pid=7227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.898" name="bus" dev="ramfs" ino=45679 res=1 errno=0
[  264.848864][   T26] audit: type=1804 audit(1749277721.267:77): pid=7227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.898" name="bus" dev="ramfs" ino=45679 res=1 errno=0
[  266.733545][ T7262] xt_CT: You must specify a L4 protocol and not use inversions on it
[  268.560698][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.569982][ T7274] device bridge_slave_1 left promiscuous mode
[  268.576410][ T7274] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.596800][ T7274] bond0: (slave bond_slave_0): Releasing backup interface
[  268.629794][ T7274] bond0: (slave bond_slave_1): Releasing backup interface
[  268.813299][ T7274] team0: Port device team_slave_0 removed
[  268.865355][ T7274] team0: Port device team_slave_1 removed
[  268.895275][ T7274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  268.927322][ T7274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  268.965429][ T7274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  268.989797][ T7274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.069019][ T7274] bond1: (slave vcan0): Releasing backup interface
[  269.145813][ T7276] netlink: 'syz.1.920': attribute type 10 has an invalid length.
[  270.091695][ T7276] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.140764][ T7276] team0: Port device bond0 added
[  271.049563][ T7293] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.734277][ T7345] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.773568][ T7345] device batadv_slave_0 entered promiscuous mode
[  278.650543][ T7405] netlink: 'syz.5.968': attribute type 1 has an invalid length.
[  278.682232][ T7405] 8021q: adding VLAN 0 to HW filter on device bond3
[  278.888734][ T7410] loop8: detected capacity change from 0 to 2048
[  278.933749][ T7410]  loop8: p1 < > p3
[  278.952016][ T7410] loop8: p3 size 134217728 extends beyond EOD, truncated
[  279.085689][ T7410] loop8: detected capacity change from 0 to 1024
[  279.254660][ T7419] netlink: 'syz.7.973': attribute type 4 has an invalid length.
[  279.353169][ T7423] netlink: 'syz.7.973': attribute type 4 has an invalid length.
[  279.734030][   T26] audit: type=1326 audit(1749277736.267:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  279.808076][   T26] audit: type=1326 audit(1749277736.267:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  279.912090][   T26] audit: type=1326 audit(1749277736.297:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  279.979363][   T26] audit: type=1326 audit(1749277736.297:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  280.059491][   T26] audit: type=1326 audit(1749277736.297:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  280.129686][   T26] audit: type=1326 audit(1749277736.307:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  280.187344][   T26] audit: type=1326 audit(1749277736.307:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  280.267639][   T26] audit: type=1326 audit(1749277736.307:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  280.423497][   T26] audit: type=1326 audit(1749277736.317:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  280.620557][   T26] audit: type=1326 audit(1749277736.587:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.6.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a498e929 code=0x7ffc0000
[  282.541314][ T7487] device vlan2 entered promiscuous mode
[  282.746328][ T7494] netlink: 'syz.6.1000': attribute type 10 has an invalid length.
[  282.847461][ T7494] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.862232][ T7494] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  283.095837][ T7497] bond0: (slave batadv0): Releasing backup interface
[  283.711385][ T7514] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1007'.
[  283.908109][ T7517] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  283.960449][ T7514] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1007'.
[  284.071302][ T7514] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  284.166479][ T7514] bond1 (unregistering): Released all slaves
[  286.758598][ T7559] overlayfs: failed to clone upperpath
[  286.899086][ T7563] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1024'.
[  287.311131][ T7574] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1027'.
[  287.393969][ T7566] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1024'.
[  287.787642][ T7585] MPTCP: kernel_bind error, err=-99
[  288.311273][ T7605] batman_adv: batadv0: Adding interface: macvlan2
[  288.334841][ T7605] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.370544][ T7605] batman_adv: batadv0: Not using interface macvlan2 (retrying later): interface not active
[  289.360084][ T7624] loop8: detected capacity change from 0 to 16
[  289.400324][ T7624] erofs: (device loop8): mounted with root inode @ nid 36.
[  289.437705][ T7618] device batadv_slave_0 entered promiscuous mode
[  289.444427][ T7624] overlayfs: failed to get metacopy (-117)
[  289.810356][ T7633] netlink: 'syz.5.1047': attribute type 4 has an invalid length.
[  289.887961][ T7633] netlink: 'syz.5.1047': attribute type 4 has an invalid length.
[  291.163990][ T7666] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  291.203831][ T4322] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  291.266323][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1061'.
[  291.389502][ T4322] usb 9-1: Using ep0 maxpacket: 32
[  291.404957][ T4322] usb 9-1: config 0 interface 0 has no altsetting 0
[  291.426376][ T4322] usb 9-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=39.2b
[  291.450048][ T4322] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.468527][ T4322] usb 9-1: Product: syz
[  291.477169][ T4322] usb 9-1: Manufacturer: syz
[  291.492290][ T4322] usb 9-1: SerialNumber: syz
[  291.515773][ T4322] usb 9-1: config 0 descriptor??
[  291.548411][ T4322] usb 9-1: Direct firmware load for BCM2033-MD.hex failed with error -2
[  291.583450][ T4322] usb 9-1: Falling back to sysfs fallback for: BCM2033-MD.hex
[  292.477494][ T7697] tipc: Started in network mode
[  292.506866][ T7697] tipc: Node identity 4, cluster identity 4711
[  292.532222][ T7697] tipc: Node number set to 4
[  292.562504][ T7702] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.652056][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  292.796598][ T7713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1079'.
[  295.329665][    C1] Unknown status report in ack skb
[  295.494293][ T7736] loop8: detected capacity change from 0 to 256
[  295.538112][ T7736] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.578967][ T7736] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.662810][ T7742] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.750694][ T7742] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.757697][ T7742] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.908186][ T7736] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.918560][ T7736] FAT-fs (loop8): Directory bread(block 1285) failed
[  295.937256][ T7736] FAT-fs (loop8): Directory bread(block 1285) failed
[  296.091227][ T7735] FAT-fs (loop8): Directory bread(block 1285) failed
[  296.114971][ T7735] FAT-fs (loop8): FAT read failed (blocknr 1281)
[  297.692830][ T7782] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1104'.
[  297.772804][ T7786] netlink: 'syz.5.1106': attribute type 10 has an invalid length.
[  297.893613][ T7786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  297.906065][ T7784] Invalid ELF header magic: != ELF
[  297.925095][ T7786] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  297.954032][ T7789] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  297.973566][ T7789] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.024637][ T7789] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.059047][ T7789] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.164753][ T7789] bond0: (slave batadv0): Releasing backup interface
[  298.362534][ T7776] loop8: detected capacity change from 0 to 512
[  298.385195][ T7801] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  298.403423][ T7776] EXT4-fs: Ignoring removed nomblk_io_submit option
[  298.415693][ T7797] overlayfs: failed to clone upperpath
[  298.419731][ T7776] EXT4-fs: Ignoring removed nobh option
[  298.429628][ T7776] EXT4-fs: Ignoring removed nobh option
[  298.449663][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1112'.
[  298.465615][ T7776] EXT4-fs: Conflicting test_dummy_encryption options
[  298.801071][ T7811] lo speed is unknown, defaulting to 1000
[  299.103909][ T7822] netlink: 'syz.6.1122': attribute type 39 has an invalid length.
[  299.529372][ T4257] Bluetooth: hci4: command 0x0406 tx timeout
[  300.269075][ T7831] netlink: 'syz.8.1126': attribute type 10 has an invalid length.
[  300.307299][ T7831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.329198][ T7831] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  300.346630][ T7834] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.368657][ T7834] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  300.386667][ T7834] batman_adv: batadv0: Removing interface: batadv_slave_1
[  300.495585][ T7834] bond0: (slave batadv0): Releasing backup interface
[  301.968347][ T7868] loop8: detected capacity change from 0 to 1024
[  302.014070][ T7869] tipc: Failed to remove unknown binding: 66,3,3/0:1760856182/1760856183
[  302.119077][ T7875] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1143'.
[  303.106571][ T7895] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  307.864722][ T7992] fuse: Bad value for 'fd'
[  307.929538][ T7985] netlink: 'syz.5.1181': attribute type 39 has an invalid length.
[  310.347358][ T4307] libceph: connect (1)[c::]:6789 error -101
[  310.373813][ T4307] libceph: mon0 (1)[c::]:6789 connect error
[  310.599953][ T8010] ceph: No mds server is up or the cluster is laggy
[  310.788346][ T4307] libceph: connect (1)[c::]:6789 error -101
[  310.795045][ T4307] libceph: mon0 (1)[c::]:6789 connect error
[  310.928876][    C0] ------------[ cut here ]------------
[  310.934597][    C0] WARNING: CPU: 0 PID: 8018 at net/mac80211/tx.c:4934 __ieee80211_beacon_get+0x1952/0x1f50
[  310.944684][    C0] Modules linked in:
[  310.948632][    C0] CPU: 0 PID: 8018 Comm: syz.7.1191 Not tainted 6.1.141-syzkaller #0
[  310.956749][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.966983][    C0] RIP: 0010:__ieee80211_beacon_get+0x1952/0x1f50
[  310.973651][    C0] Code: ff ff ff e8 a0 f6 eb f7 0f 0b 48 8b 7c 24 20 e8 b4 ae 7f fe e9 dd e9 ff ff e8 8a f6 eb f7 0f 0b e9 f1 ee ff ff e8 7e f6 eb f7 <0f> 0b e9 61 f2 ff ff e8 72 f6 eb f7 48 c7 c7 f0 99 d9 8d 4c 89 f6
[  310.993334][    C0] RSP: 0018:ffffc900000078a0 EFLAGS: 00010246
[  310.999468][    C0] RAX: ffffffff8994dff2 RBX: 0000000000000000 RCX: ffff888018e81dc0
[  311.007460][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  311.015590][    C0] RBP: ffffc90000007aa8 R08: ffff888018e81dc0 R09: 0000000000000003
[  311.023608][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: 1ffff92000000f2c
[  311.031719][    C0] R13: dffffc0000000000 R14: ffff8880614ce258 R15: ffff88807d6e3200
[  311.039731][    C0] FS:  00007f52b6d5a6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  311.048734][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  311.055368][    C0] CR2: 00007f5372077ffb CR3: 000000005559d000 CR4: 00000000003506f0
[  311.063607][    C0] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[  311.071629][    C0] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  311.079663][    C0] Call Trace:
[  311.083080][    C0]  <IRQ>
[  311.086018][    C0]  ? verify_lock_unused+0x140/0x140
[  311.091261][    C0]  ? __ieee80211_beacon_get+0xad/0x1f50
[  311.096846][    C0]  ? ieee80211_beacon_get_template+0x40/0x40
[  311.102882][    C0]  ieee80211_beacon_get_tim+0x5b/0x4d0
[  311.108361][    C0]  mac80211_hwsim_beacon_tx+0x21c/0xae0
[  311.113968][    C0]  ? read_lock_is_recursive+0x10/0x10
[  311.119390][    C0]  __iterate_interfaces+0x243/0x500
[  311.124609][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0
[  311.130904][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  311.138124][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0
[  311.144407][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd7/0x170
[  311.151577][    C0]  mac80211_hwsim_beacon+0xb7/0x1b0
[  311.156841][    C0]  __hrtimer_run_queues+0x554/0xd60
[  311.162138][    C0]  ? hw_scan_work+0xf30/0xf30
[  311.167132][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  311.172304][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  311.178455][    C0]  hrtimer_run_softirq+0x183/0x2a0
[  311.183630][    C0]  handle_softirqs+0x2a1/0x920
[  311.188424][    C0]  ? __irq_exit_rcu+0x12f/0x220
[  311.193355][    C0]  ? do_softirq+0x200/0x200
[  311.197945][    C0]  ? irqtime_account_irq+0xb2/0x1b0
[  311.203195][    C0]  __irq_exit_rcu+0x12f/0x220
[  311.207927][    C0]  ? irq_exit_rcu+0x20/0x20
[  311.212559][    C0]  irq_exit_rcu+0x5/0x20
[  311.216825][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  311.222533][    C0]  </IRQ>
[  311.225489][    C0]  <TASK>
[  311.228472][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  311.234491][    C0] RIP: 0010:lock_acquire+0x20f/0x490
[  311.239830][    C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[  311.259512][    C0] RSP: 0018:ffffc9000d2df4c0 EFLAGS: 00000206
[  311.265668][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 798cdc2bad6ba800
[  311.274002][    C0] RDX: 0000000000000000 RSI: ffffffff8a6c1160 RDI: ffffffff8abf1360
[  311.282086][    C0] RBP: ffffc9000d2df5c8 R08: dffffc0000000000 R09: fffffbfff211705d
[  311.290152][    C0] R10: fffffbfff211705d R11: 1ffffffff211705c R12: 0000000000000000
[  311.298225][    C0] R13: 1ffff92001a5bea4 R14: 0000000000000246 R15: dffffc0000000000
[  311.306349][    C0]  ? __might_sleep+0xd0/0xd0
[  311.311061][    C0]  ? read_lock_is_recursive+0x10/0x10
[  311.316639][    C0]  ? __unix_dgram_recvmsg+0xa10/0xd70
[  311.322112][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  311.327203][    C0]  __mutex_lock+0x120/0xaf0
[  311.331832][    C0]  ? __unix_dgram_recvmsg+0x1df/0xd70
[  311.337344][    C0]  ? mark_lock+0x94/0x320
[  311.341771][    C0]  ? __unix_dgram_recvmsg+0x1df/0xd70
[  311.347290][    C0]  ? mutex_lock_nested+0x10/0x10
[  311.352295][    C0]  ? skb_copy_datagram_iter+0x290/0x290
[  311.357876][    C0]  __unix_dgram_recvmsg+0x1df/0xd70
[  311.363230][    C0]  ? unix_unhash+0x10/0x10
[  311.367671][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  311.373873][    C0]  ? mark_lock+0x94/0x320
[  311.378247][    C0]  ? unix_dgram_recvmsg+0xa9/0xd0
[  311.383402][    C0]  ? unix_dgram_sendmsg+0x16c0/0x16c0
[  311.388911][    C0]  ____sys_recvmsg+0x292/0x580
[  311.393744][    C0]  ? __sys_recvmsg_sock+0x40/0x40
[  311.398919][    C0]  ? import_iovec+0x6f/0xa0
[  311.403481][    C0]  ___sys_recvmsg+0x1b2/0x510
[  311.408176][    C0]  ? __sys_recvmsg+0x270/0x270
[  311.413012][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  311.418078][    C0]  ? __might_fault+0xc2/0x120
[  311.422806][    C0]  ? __might_fault+0xa6/0x120
[  311.427588][    C0]  do_recvmmsg+0x359/0x7d0
[  311.432180][    C0]  ? __sys_recvmmsg+0x280/0x280
[  311.437133][    C0]  ? do_futex+0x310/0x320
[  311.441544][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  311.446630][    C0]  ? rcu_read_lock_sched_held+0x86/0xf0
[  311.452254][    C0]  ? __se_sys_futex+0x14a/0x440
[  311.457156][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[  311.462237][    C0]  ? do_recvmmsg+0x7d0/0x7d0
[  311.466931][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  311.472213][    C0]  do_syscall_64+0x4c/0xa0
[  311.476647][    C0]  ? clear_bhb_loop+0x60/0xb0
[  311.481373][    C0]  ? clear_bhb_loop+0x60/0xb0
[  311.486071][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.492118][    C0] RIP: 0033:0x7f52b5f8e929
[  311.496609][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.516296][    C0] RSP: 002b:00007f52b6d5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  311.524977][    C0] RAX: ffffffffffffffda RBX: 00007f52b61b6080 RCX: 00007f52b5f8e929
[  311.533655][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[  311.542017][    C0] RBP: 00007f52b6010b39 R08: 0000000000000000 R09: 0000000000000000
[  311.550664][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  311.558640][    C0] R13: 0000000000000000 R14: 00007f52b61b6080 R15: 00007fff30e8a4b8
[  311.566660][    C0]  </TASK>
[  311.569715][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  311.576991][    C0] CPU: 0 PID: 8018 Comm: syz.7.1191 Not tainted 6.1.141-syzkaller #0
[  311.585157][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  311.595233][    C0] Call Trace:
[  311.598539][    C0]  <IRQ>
[  311.601398][    C0]  dump_stack_lvl+0x168/0x22e
[  311.606088][    C0]  ? memcpy+0x3c/0x60
[  311.610088][    C0]  ? show_regs_print_info+0x12/0x12
[  311.615394][    C0]  ? load_image+0x3b0/0x3b0
[  311.620118][    C0]  panic+0x2c9/0x710
[  311.624052][    C0]  ? bpf_jit_dump+0xd0/0xd0
[  311.628664][    C0]  __warn+0x2f8/0x4f0
[  311.632807][    C0]  ? __ieee80211_beacon_get+0x1952/0x1f50
[  311.638755][    C0]  ? __ieee80211_beacon_get+0x1952/0x1f50
[  311.644508][    C0]  report_bug+0x2ba/0x4f0
[  311.648857][    C0]  ? __ieee80211_beacon_get+0x1952/0x1f50
[  311.655036][    C0]  handle_bug+0x3a/0x70
[  311.659213][    C0]  exc_invalid_op+0x16/0x40
[  311.663781][    C0]  asm_exc_invalid_op+0x16/0x20
[  311.668731][    C0] RIP: 0010:__ieee80211_beacon_get+0x1952/0x1f50
[  311.675085][    C0] Code: ff ff ff e8 a0 f6 eb f7 0f 0b 48 8b 7c 24 20 e8 b4 ae 7f fe e9 dd e9 ff ff e8 8a f6 eb f7 0f 0b e9 f1 ee ff ff e8 7e f6 eb f7 <0f> 0b e9 61 f2 ff ff e8 72 f6 eb f7 48 c7 c7 f0 99 d9 8d 4c 89 f6
[  311.695004][    C0] RSP: 0018:ffffc900000078a0 EFLAGS: 00010246
[  311.701781][    C0] RAX: ffffffff8994dff2 RBX: 0000000000000000 RCX: ffff888018e81dc0
[  311.709769][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  311.717749][    C0] RBP: ffffc90000007aa8 R08: ffff888018e81dc0 R09: 0000000000000003
[  311.725725][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: 1ffff92000000f2c
[  311.733702][    C0] R13: dffffc0000000000 R14: ffff8880614ce258 R15: ffff88807d6e3200
[  311.741708][    C0]  ? __ieee80211_beacon_get+0x1952/0x1f50
[  311.747450][    C0]  ? verify_lock_unused+0x140/0x140
[  311.752693][    C0]  ? __ieee80211_beacon_get+0xad/0x1f50
[  311.758239][    C0]  ? ieee80211_beacon_get_template+0x40/0x40
[  311.764242][    C0]  ieee80211_beacon_get_tim+0x5b/0x4d0
[  311.769711][    C0]  mac80211_hwsim_beacon_tx+0x21c/0xae0
[  311.775281][    C0]  ? read_lock_is_recursive+0x10/0x10
[  311.780678][    C0]  __iterate_interfaces+0x243/0x500
[  311.785896][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0
[  311.792157][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  311.799363][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0
[  311.805622][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd7/0x170
[  311.812659][    C0]  mac80211_hwsim_beacon+0xb7/0x1b0
[  311.817864][    C0]  __hrtimer_run_queues+0x554/0xd60
[  311.823075][    C0]  ? hw_scan_work+0xf30/0xf30
[  311.827761][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  311.832876][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  311.838959][    C0]  hrtimer_run_softirq+0x183/0x2a0
[  311.844076][    C0]  handle_softirqs+0x2a1/0x920
[  311.848851][    C0]  ? __irq_exit_rcu+0x12f/0x220
[  311.853716][    C0]  ? do_softirq+0x200/0x200
[  311.858279][    C0]  ? irqtime_account_irq+0xb2/0x1b0
[  311.863486][    C0]  __irq_exit_rcu+0x12f/0x220
[  311.868175][    C0]  ? irq_exit_rcu+0x20/0x20
[  311.872791][    C0]  irq_exit_rcu+0x5/0x20
[  311.877039][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  311.882684][    C0]  </IRQ>
[  311.885611][    C0]  <TASK>
[  311.888545][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  311.894526][    C0] RIP: 0010:lock_acquire+0x20f/0x490
[  311.899835][    C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[  311.919462][    C0] RSP: 0018:ffffc9000d2df4c0 EFLAGS: 00000206
[  311.925541][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 798cdc2bad6ba800
[  311.933516][    C0] RDX: 0000000000000000 RSI: ffffffff8a6c1160 RDI: ffffffff8abf1360
[  311.941500][    C0] RBP: ffffc9000d2df5c8 R08: dffffc0000000000 R09: fffffbfff211705d
[  311.949494][    C0] R10: fffffbfff211705d R11: 1ffffffff211705c R12: 0000000000000000
[  311.957485][    C0] R13: 1ffff92001a5bea4 R14: 0000000000000246 R15: dffffc0000000000
[  311.965483][    C0]  ? __might_sleep+0xd0/0xd0
[  311.970091][    C0]  ? read_lock_is_recursive+0x10/0x10
[  311.975472][    C0]  ? __unix_dgram_recvmsg+0xa10/0xd70
[  311.980856][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  311.985892][    C0]  __mutex_lock+0x120/0xaf0
[  311.990408][    C0]  ? __unix_dgram_recvmsg+0x1df/0xd70
[  311.995805][    C0]  ? mark_lock+0x94/0x320
[  312.000146][    C0]  ? __unix_dgram_recvmsg+0x1df/0xd70
[  312.005523][    C0]  ? mutex_lock_nested+0x10/0x10
[  312.010467][    C0]  ? skb_copy_datagram_iter+0x290/0x290
[  312.016042][    C0]  __unix_dgram_recvmsg+0x1df/0xd70
[  312.021256][    C0]  ? unix_unhash+0x10/0x10
[  312.025685][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  312.031845][    C0]  ? mark_lock+0x94/0x320
[  312.036219][    C0]  ? unix_dgram_recvmsg+0xa9/0xd0
[  312.041292][    C0]  ? unix_dgram_sendmsg+0x16c0/0x16c0
[  312.046689][    C0]  ____sys_recvmsg+0x292/0x580
[  312.051579][    C0]  ? __sys_recvmsg_sock+0x40/0x40
[  312.056647][    C0]  ? import_iovec+0x6f/0xa0
[  312.061185][    C0]  ___sys_recvmsg+0x1b2/0x510
[  312.065882][    C0]  ? __sys_recvmsg+0x270/0x270
[  312.070676][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  312.075721][    C0]  ? __might_fault+0xc2/0x120
[  312.080400][    C0]  ? __might_fault+0xa6/0x120
[  312.085089][    C0]  do_recvmmsg+0x359/0x7d0
[  312.089536][    C0]  ? __sys_recvmmsg+0x280/0x280
[  312.094426][    C0]  ? do_futex+0x310/0x320
[  312.098810][    C0]  ? __lock_acquire+0x7c50/0x7c50
[  312.103853][    C0]  ? rcu_read_lock_sched_held+0x86/0xf0
[  312.109432][    C0]  ? __se_sys_futex+0x14a/0x440
[  312.114299][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[  312.119346][    C0]  ? do_recvmmsg+0x7d0/0x7d0
[  312.123952][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  312.129188][    C0]  do_syscall_64+0x4c/0xa0
[  312.133623][    C0]  ? clear_bhb_loop+0x60/0xb0
[  312.138304][    C0]  ? clear_bhb_loop+0x60/0xb0
[  312.143009][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.148912][    C0] RIP: 0033:0x7f52b5f8e929
[  312.153333][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.172947][    C0] RSP: 002b:00007f52b6d5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  312.181367][    C0] RAX: ffffffffffffffda RBX: 00007f52b61b6080 RCX: 00007f52b5f8e929
[  312.189441][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[  312.197417][    C0] RBP: 00007f52b6010b39 R08: 0000000000000000 R09: 0000000000000000
[  312.205394][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  312.213371][    C0] R13: 0000000000000000 R14: 00007f52b61b6080 R15: 00007fff30e8a4b8
[  312.221400][    C0]  </TASK>
[  312.224719][    C0] Kernel Offset: disabled
[  312.229088][    C0] Rebooting in 86400 seconds..