last executing test programs:

2m50.05955637s ago: executing program 4 (id=1801):
r0 = syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x7f}, 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000780)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
sendmsg(r2, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x50, 0x0, 0x0, 0x806a}, {0x6, 0xfc, 0x0, 0x4}]}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000540)={&(0x7f0000000240)=@l2={0x1f, 0xc, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1ff}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000340)="9cfe3e5845963004bc0e740540effa1996b5cd07d136a25def6f4449a2a6947e2de4f9672ff9c748de56f690b4e2b4c12c912eaca8acd6957e191f0ae418c77ecc3dced052603c6d7ce6f7e99bd7157b1c6a563f96b2abffcebe8c0aa86b8085723cebfe2c03f5194040d0f465a2a632dcaa900a47645b68dd88e44073b11a098fc1086979ed748f910112f43153db0141d263ccb703742f8af50254632b76f058079727ea5ce9130d08a35e3c55b6f6e6a7205161c9b80ce92ba41fa2d8d0620076cee89beb3f2b2153285f41c62f76c335eab2a62d52749b349d5046f06d370b9dfacf228608", 0xe7}, {&(0x7f0000000440)="a3ddfa6327a912ef395715182c252b23b6d4dd48b7f9172e4cd6199f86a1d2671fd291aaf9587f5cb013c88bc688e7afa2", 0x31}, {&(0x7f0000000800)="666086982fc07f663c037ce52739d30f9fd200da070960480d638ebf9c5d615ff02a45ea8fbf8ef2d3bb1e374b3cb3d0e28da1936a7f934a454a2fc7f7b814bfe153659054a5af47453c44acef7e10ddd3a07d3bfd9537dc75ae6bf772023089e14ea1811f6cc93b3d75a09e9a5ee73d6705275f8c4b211fb2b0314a5bd91b012060adb94ce08501067631e7ca742705d74b57c7eee0edb35329ea166a0a9e6dffde3ef518b0cc3f9b1a413df5f95dc9f43788cf29723c9b9237721257b4f6b9", 0xc0}, {&(0x7f00000008c0)="c0e4f5fa652fff1a70013b9fc03de1300c3a726cc26dd9c7683319a953b597d1411129c0d561bc940eebafe907179986dc2c53d4c903c0360c1c8c6ae6f4e38c55e774ff16b90ed10b21281cad5a8e270abfaf7c341b2b68f58bd0557d8d6e3bbad234b879cfc7d89d29b36be5fc11090656a3b12bf0111364cd7c4070df5692e28365982900135200fe9a15032e259d0837e823dc2b3fa374a6b6c7ee33c931311db257646da45a14a44898aea200588699e7ea95790b45f3ffd7cc64235fefc236a2c63e8909efc8fd07d8e9c0ac6b5625cc66f73df1745e", 0xd9}, {&(0x7f00000009c0)="9513c95ee433327bc6737bf6e31eb1a733b95c01a484bb2b6988efcb062cb92204737d6ef6032a15cbe481ae2dc042eb5ae5526cc72705cdea4facc9e03f6c62f169536a8e2a2831eb26937f59b77419e18bc04c2fa530f92ada0b5a", 0x5c}], 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="10000000000000000101000004000000680000000000000010010000aa00000074f4fc5d0bd385347d269f5d7412e84de49efbea8e7206fb23df133f56dc6f4238ccc27933365f263a095eb342f54cf05fb1e8c3f4ceef5b7c64b5becdc9b6cbad79c666c134a4393b7efa6500"/120], 0x78}, 0x9085)
syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000140)={{0x12, 0x1, 0xd2348030b18ea4b7, 0x0, 0x0, 0x0, 0x0, 0x603, 0x600, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xf, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x3, 0x2, 0x3, 0x1, 0x0, 0xa, {0x9, 0x21, 0x9, 0xea, 0x1, {0x22, 0x991}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x0, 0xff}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x4, 0x6, 0x5}}]}}}]}}]}}, &(0x7f0000000dc0)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x250, 0x0, 0x6, 0x5, 0x8, 0x1}, 0x0, 0x0, 0x7, [{0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x4001}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x861}}, {0x2, &(0x7f0000000500)=@string={0x2}}, {0xc0, &(0x7f0000000640)=@string={0xc0, 0x3, "f6a709d6f3a1b63a1675b513f0f7ee068e6d8ab5bb603ee9db8180be8dc68156e300bbfcea742187f9139c8634534c1f4d4c649fcd217a6efbe3d39c1f11c8290b9d641676d5dcd0769f3b23af61e571beca346bdd2107fddf56e52b93bff4221c4cfa18e3c9a8e2427eaf2641ae96aa488bc5616df0129c41ea6cd5647fb6880f46031974e67b791a73292132f6b4bb4365112aad1097c089bc48c30200ca5f72a73aeeb738483e54a8e4968356a09dbf359f6d5b9aba05266dc4ac5d72"}}, {0x23, &(0x7f0000000c40)=@string={0x23, 0x3, "1cc5b4ea63b78620c1558b1dcfb5845e242abe52db9ae7eb24938393f7f0e55e2e"}}, {0x71, &(0x7f0000000d00)=@string={0x71, 0x3, "ae1afe4c017e16b361bab5d2a08d0824dcecd748a0424d4c0c624bf79e3bf66e319e21b535853451d11d9cc97502e6cb6811e09fe04dd3bec9f0f226e42323e0154a90f855a8b5ae4822216142befa42a06fe438db66b88c9d8fb78464369668add39e5fe73da11a3246f435a52742"}}, {0x0, 0x0}]})
write$binfmt_aout(r4, 0x0, 0xfdef)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r7, 0x720, &(0x7f0000000180)={0x1, 0x8, 0x6, &(0x7f00000001c0)={0x8, "c6c1f7b51030c4b7c54bf28facb1ed3ee2dfe17a04bc517b5452b3b94bce47509d"}})
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000080)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90e, 0x1ff, '\x00', @value64=0xfffffffffffffffe}})

2m43.858789143s ago: executing program 4 (id=1809):
r0 = socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x4)
fcntl$getown(r0, 0x9)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
setsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f00000003c0)=0x5, 0x4)
sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600), 0x0, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x18, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x38}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000001200ff"], 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
recvmmsg(r5, &(0x7f000000c680)=[{{0x0, 0x0, &(0x7f0000000800)}, 0x1}], 0x1, 0x40002020, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc018aec0, &(0x7f00000000c0)={0x1})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffdffffffffff, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8, '\x00\x00\x00\x00\x00\x00\x00\x00\b\b\x00'}}}]}, 0x48}}, 0x0)
r9 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r9, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @multicast1}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000580)="bcfbd8e3cbdcc6f7197815cd496e339955221a3df7360e7f081af97ae6db8a4837788bf2b216083c549150024543161a9a6ea3e24cc3726c913ff78976215ed9077a1cd16081be6123095c409619cb0d69847a740195d0a0ae530072ba5a526702746099da85de38f0f9cd6a6e8ecddd0b60a082a7214f16adcd94c87fdd9652677f93aed66545a5172c1f6a46ab9be43d443449d530a4264deddb519298d41d8020c432c3a127d78833e65bfee1d0b84c8d62c7afd54193880410a4cd1410827615918f01b7856217b4ec71b162522ceb4da5cdf50e1aba994621feab0bb31a0189683d2c267cdd2538671b0547b5cd65e73480b3f024c8b78e23e9ae9ffb1dc06859c954f1ba36731bd51996b5ce37f4417b0f962c8fd886d870a29a05988cdb1ca912c6850481ffd1ce0e19f585e0e9cb80eb8af3fc4b586b1e6f3952ed2910189b21f417d6eea142f66018380d1145d44763c0ed3b9def435bceb309b5f6d4e8f9f998cbdb02849ae00c070c715c22919c5774430c9c8f27523751406512b9ccf14d593b48027a099a688c64e71cebaa5fb5d389589f63ec51cc4fb24450e61d6fdb293227a7eee73d89962e2730e71774f1a56342fd1376021971ec81b8910b7ca9d45a04c9205e3e8d4d299af41fe76684150c6dd8dad9d43aa7a269a87fc61bc5c8ed6d5bb285a902873caf34259e39d78228bc2cc6821a3867797351136aaef2b2b224c40b92caed3d4dfc39291376c46b1b5aed8adffd70eef2e947949f79d44e7c5080290fa44334e2be2b191af41a99e5d2a502583a645fea1304788a3068a907f170795a0473c281643e21ddb9a75cceb921f4ff293bbab69dc90d1db8133f87e555160511a43ce6a30a19ee25f02fa74ae41d7d14c6e89254a9d5ae834f6e7c7f612ddf2a977b675b00805caf3d11cca7da4271921089ea3dee96077cbf3792ea7ca9bf2ce7e51bc0add461927171fad2d6fbef5af8e3e89529a448b14e76839c32f7e0e170a73eca8d18318d23ca2371b297b527bd6be37b0174b2963ce95bb28404f9441be64287a6ecb310f0f56c14ba488dd63c9b5b5a3055ead0fc78aa004560acdd18193731bfdf76315dc7f445adc81b3797024dcf724ebba3787cf17e71a17751aed2411ed595396c6ee26937e9c64b0e504ee7fcbfb48157204116c3f8dd697440ab14b779ecad0be458cecfa9fe9d44b312be9f25a67ba60d9917052c3cc918bff089ee910a882c4e40cf5f6b2d87a7abaad5737e27c201eb7633284ab5ec8c2ebb6d723d7556990e436bc8d7cd4b4f63e969916b181b7ea355e8ba491c39d1ab4897fc83c3de6a3dad7330dac0058ee0f09a119495ce5a2b3c4dfd5770dbfc62055545b8bb419f2592831f2b5a491832b10c508459097fe75f1326ebbb311db322520066acd3676ac542fb167156c693cd2b936ec45b8f3a231c1402a186166d6ac28c4147c9db755fbaa713bb62c54e059bf0c3ca5b1f05b8ccbe660c06a985c09c42ef5ab43fb984e9c9584b75b2f8513be99e9cb0ff345c4fc4e96f704e958dfe1b215dee59d949fe42897af7a2dbb91f66cbe39b9fbd967d92db3cc88a81010ff7c9381c401229f3048f0c393a07b1dad18230845c7bcb904f897ad2cadb8d68008c981cdd9ad149d82aa3f050eb19cf71eac8a5bf431534db4132d2bf11e54ea7b249d1c3da720e09af4845758c61e66109a07bf1aac592c846dfd1aacbc693a52a83bbbe89d287311ad484a1e4f459fe1b663f910ea211e54d0b84e193990c0cd0e1094790b306ed685d4d42a79e6041966d29939ffcb0bea5d69e3dacaf8ed867cf56cd0035f5f20ff2fc7efa5500ec3089f91852f9fbed9ef49cd26d8dd02808f5587fea29297e551b33c414693c9db7a1f1f12814376ece529090993bd8e2d551ada1f5a1700a0c7646ace9f1e72e700b2dead1844943a2365810bb13ebde454114f866b2db2b5bf773608ccfd1824684dc94bc03a765a5075de80c48d0b066bc9df33fe4027a15d4882319c38927b50ef03c1fb19541b6941730fc00d0485e97d3891711e5dedade7686d1cf85744e2ef0df5df1773b46796105661650776c92cdca327925fdf6ce877c54a03912cded84a735bcfad2e60760b35c5166977372ff4dd4796ae9b2995ae8cbfc2b7825ec5fac9c786e500aa22ff98b3e9ae30575d86640122c8b7faa647e2e46c0236e3629810a4d324c63ebee5e834f9bb8a772291faad5192647e80ccf8379dd548211743fdefd5014398739e6e76769a24a8b095bb76b104edf2418235ec4cf46a631e0e7c412b573ac928db317ac7d28763ae7a3498b2b5dff05fca7155704aea9a1611ab13270413762a0f9212812c0ddfbc39519a6cd00b11bb9563948316e4d17bbd24f8ea8ece985231eb017dfab85a367ca861df41fbcae36f3ea1b669c2bf936911f94a4c01aa269f887e0c74ead6a6e020950f607477fb368b640e7d2a8f0ee4995c2c8af77c9986309bca1c6abe9cb1f797f952575d7574bcc2cc35160183143630955ac1c85586cce1aa4ddc1f7b03a1fab821d994f17bb5b71a0a4848067822bd2da736b50543045c2eceba62af4b353917e4c21e78cd352dd4db61ee60337c1bcbb6632cccaa0689086ae358b5905f3e5ebb97187c9e08547a90010731ea8576729b5247d62c4d2ec9d3716fdfee11cba04c565a81188091899aeb26f53399c4579ca519cd76934e57f0ca401204b43dab0c65d6a27b5625dc6c962ceececaa51149b5241ab5392122b06c0fab9b173c099b5622f320c0f984550b7b28d384ecf61965614bef207d5faacdd3ff29d43fbbfffb78e03f6c759630dd389ff2a06b1b69b0ea568c0b087f14e8f46e32e2d983cde8400ecb12693e456d49b26ead10ec04cba8c08544c9c7421e833a1485448e72f8b920b293c538ef20bb1d70d2c96e7c896fa547dd2abe90c36524a99fb51cfd141f3cda9d07ed5bad92bd12a704e646553829be925b975c1281e34d8b12ca66e008cb5959d9308ab9b9538f57e6135f55ba080551f1f2aae75e9d95eba84f3a95f89fb910b930f0b6d407e082e4f0768b1540795d8a4d04021db8efd0fb56cc0b25d6b5be21239021e1941ff4993efea4d96510e1ccc0011546b29a357ba9ff3c06b6509176158d137a1e27dc329334547f0e24ab98dc1bb8a9e56d7c4792c619c52bbd34a0b84a34d3f59a3cfb43df7625887241fd9194008961e19d0d4b267b6c8fba109e2f63e654b1833bcd6842563a71e9cc8053e69fa3b65ad07c52e7dfaf080f26fb2399f1b1fc5c1ddf90901d1f58b930a03a23b5d79b4e05e229e2f4849630bbeba7d91fc259be05bc400479ad956d766724580a4a44b4ba90573d93cabce6715e80ad5d9596197e106d9c2f358f983b04171c9a24bcf57a1007ece45725cdbc6bfc4ae2fdc6b053195f75efab4b94154f87fb63662f3d19aac9c29503e275972265aef27241350baca1c9e8d7dfed4ec69c06f8d771e35e4344c60711776d656c6cc11847314810b816fc371233038f6b4986fce3682fe38c8ef99ed5978ec62523b732bdd", 0x9e1}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB], 0x10b8}, 0xff00)
r10 = syz_open_dev$mouse(&(0x7f0000000000), 0x3, 0x2)
ioctl$sock_inet_tcp_SIOCOUTQ(r10, 0x5411, 0x0)

2m41.792535372s ago: executing program 4 (id=1813):
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/igmp\x00')
mount$fuse(0x0, 0x0, &(0x7f0000000280), 0x2001, &(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYRES8=r0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYBLOB="ff9626"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2m39.293188192s ago: executing program 4 (id=1819):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2m38.733918846s ago: executing program 4 (id=1820):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
write$binfmt_misc(r1, &(0x7f0000000400)="b0dec1", 0x3)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(md5)\x00'}, 0x58)
r3 = accept$alg(r2, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000000)=0x1)
pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000006, 0x12, 0x8, 0x80000000, 0x8}, 0x0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40, 0x0)
sendfile(r3, r5, 0x0, 0x3)
socket$kcm(0x2, 0x3, 0x2)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0x7}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)

2m36.435524772s ago: executing program 4 (id=1822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_UNMAP(r2, 0x3b86, &(0x7f0000000180)={0x18, 0x0, 0xc2, 0xffffffff})

2m20.560324164s ago: executing program 32 (id=1822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_UNMAP(r2, 0x3b86, &(0x7f0000000180)={0x18, 0x0, 0xc2, 0xffffffff})

1m22.730729079s ago: executing program 0 (id=2528):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x50, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MEDIA={0x4}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x800}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffa}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x1200e0a0}, 0x20000000)

1m22.412341623s ago: executing program 0 (id=2532):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x0, 0xc1, 0x7f, 0xc}}]}}]}}, 0x0)
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
write$binfmt_script(r0, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1m19.313360646s ago: executing program 0 (id=2569):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x80, 0x5, 0x8000, 0x5acb, 0x6, 0x1, 0x100, 0x401, 0x2}}}}]}, 0x58}}, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0xf, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

1m18.815297278s ago: executing program 0 (id=2575):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
open(0x0, 0x14927e, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3c, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000040)=ANY=[], 0x1, 0x5e7, &(0x7f0000000680)="$eJzs3cFvHFcdB/DvbBxnHaTUcZM2oEpYRaoQFsl6LZGUC1AKslCFKnHgbBEnsbJJK3uL3B4gIA4Vp/4JRcj/AOJYpBxoDxzg1LNRj0jcfdtqZmfX62TrJrab3TSfjzT73ps38/b3fjM7mVkr2gDPrNWlzNxPkdWlN7bL9u7OSmd3Z+XOoJ7kTJJG0kxSlKv/nuSz5F76S7456BgpH/LpR82bn3zw8fv9VjlWs5jpb18ctt+jGcYy34+1Kk9qvPaxxzs4w4Uki8eLD05Gb+C/Y7uP+bkEAKZZkZwat34+OVvfsJfPAf274v499lPt3qQDAAAAgCfgub3sZTvnJh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPE3q3/8v6qUxqC+mGPz+/2y9LnX9qXZ/0gEAAAAAAAAAwAn49l72sp1zg3avqP7m/3LVuFC9fiPvZCvr2czlbGct3XSzmeUk8yMDzW6vdbuby4+wZ3vsnu0nM18AAAAAAAAA+Jr6Y1b3//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADToEhO9YtquTCoz6cxk6SZZLbc7l7yn0H9aXZ/0gEAAADAE/DcXvaynXODdq+onvlfqJ77m3knd9PNRrrpZD3Xq+8C+k/9jd2dlc7uzsqdcnl43J/8/7HCqEZM/7uH8e98qdpiLjeyUa25nN/krXRyPY1qz9KlQTzj4/pDGVPxo9ojRna9LsuZ/6Iup8N8lZHTw4y06tjKbJw/PBOPeXQefKflNIbf/Fz4CnJ+ti7L+bw+1Tlvj5x9LxyeiWTh13++eqtz9/atG1tL0zOlI3owEysjmXjxmcpEq8rExWF7NT/Pr7KUxbyZzWzkt1lLN+tZzOtVba0+n8vX+cMz9eMDrTe/LJLZ+rj0r6KPF9PL1b7nspFf5q1cr45oK1dzNe38IK+mdeAIXxwb9+97dfder9dL4/E+9d/5bl05neRndTkdyryeH8nr6DV3vuobXbOfpYWTvzbOfKuulGfPa1N3bTz/wL8Sg0w8f3gm/lKdOFudu7c3b629/Yjv90pdlhn46TATM/Xa3qkTmdSRlOfLwjCWg2dH2ff82L7lqu/CsK/xUN/FYd+XfVJn63u4h0dqV30vju3r73dppG/c/RYAU+/s987Ozv1v7t9zH879ae7W3BvN185cO/PSbE7/8/QPZ1qnXmm8VPwtH+Z3+8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0W29+97ttU5nffPIlcEvER13HBUVlempTPrKBHzVrnTvvH1l6933vr9xZ+3m+s31u6+2rl1bXl6+2rpyY6OzXr9OOkoA4CTt3/RPOhIAAAAAAAAAAAAAAOCLPIn/TjzpOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9vq0uZuZ8iy63LrbK9u7PSKZdBfX/LZpKirPwjyWfJvfSXzI8MV3zR+3z6UfPmJx98/P7+WM1q+3+1T2IWB2JpPBDTccdrj4z31yMNVwwzs5hkoS5h4j4PAAD//6LKBsA=")
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1m17.987136587s ago: executing program 0 (id=2583):
pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x3ff, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0x7fffffffffffffff], 0xffff1001, 0x43000})
pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000004, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0xeeee0000, 0x9, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x4000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x15, 0x3, 0xd, 0x87}, {0x6000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0xd, 0x6, 0x4, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x83}, {0x1000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x2024, 0x2, 0x1500, 0x3000, [0x6800000000000000, 0x4, 0x5e, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m17.622836652s ago: executing program 0 (id=2588):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
epoll_create1(0x80000)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket$netlink(0x10, 0x3, 0x0)
pipe(0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m17.210774091s ago: executing program 33 (id=2588):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
epoll_create1(0x80000)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket$netlink(0x10, 0x3, 0x0)
pipe(0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.767518534s ago: executing program 1 (id=3186):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000d40)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000000)="6db50725c08c11bbd2f097b245b4d706b776a9cf888bccd256c6b1a652da6b1254508f0a2d41949416f99928db60b4280aad0c3f014ff4654ffea04c8853cd9dfc", 0x41}], 0x1}], 0x1, 0xc000)
io_setup(0xff, 0x0)
io_submit(0x0, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0x41}])

3.477113114s ago: executing program 1 (id=3190):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000b80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b40), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x111}}, 0x20)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29", 0xffd}], 0x3)

3.291714076s ago: executing program 1 (id=3193):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
symlink(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x40}, 0x18)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x4008, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2.884167773s ago: executing program 1 (id=3197):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000080))
pipe(0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

2.629822352s ago: executing program 1 (id=3202):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d", @ANYRES8=0x0, @ANYRES32=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

2.464289231s ago: executing program 3 (id=3204):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000280)=[{0x25, 0x0, 0x0, 0x7}]})

2.445897143s ago: executing program 1 (id=3205):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0xabf4, 0x8})

2.414223487s ago: executing program 6 (id=3206):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

2.293576207s ago: executing program 3 (id=3208):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000001c0)='./file1\x00', 0x4040, &(0x7f0000000580)=ANY=[], 0x4, 0xfc0, &(0x7f0000002240)="$eJzs3UFsHNUZAOA3613bwSZeA4UAJaTQikDBDglS01sQqJdKiEvvoJDQCENRQysRAXF6QFRCFAn1VHEAcaFUSpGKRFWpQj21PbVqT+0F9UKlKpWCemiR4q1iv7F3n3ey6/Hu7Nr+Punf5zdvdv5/djfOzOz6bQD2rNrq7UOTsfvoy09lH11dduf6GodWb7PYa4YQGm39LNnep3HBlcsvnezWZuHo6m3eD49dWr/vTAhhORwKn4Rm+GBx6fP3337k8IevTt/8xrlnXhnCrndI9wMAAHaji39c+tu9//zD/fNfXDx4IkytL8+Pz5uxPxOP+4/EA+X8eLkWOvtZW7SbTNabiFFL1ptI1qsneeoF+RrJdhoF6032yDfRtqzbfgIAAMBOlJ/XNkNWW+jo12oLC2vn/Vd9OjeZLTx3Zun02REVCgAAAJT2n/OrH7rdwTE9BjWINPblL7Ct3e+Db2/9PtuKWsX56lXky6/ijcHroLIo93oTQgghhBhcOB4ROyBacxVdaAAAAACI0vnCNlke7Exd61tr9pf/0sO17veHAUhef5unnRjw6//a+ac3r1Bp/i6Gn78x4vzX3P/3LviNAwBAebv1aDLfr/w4Op/HIJ1HcKLjXjMTWz3/qCXbqW+xzqJ5BXfKfINFdU5UXEdZRfVv9XkclaL60/kwx1VR/ek8neOqqP6piusoq6j+Lld+wjj+sy6qf1/FdZRVVP91FddRVlH9MxXXUVZR/bMV11FWUf3XV1xHWUX176+4jrKK6t8pH6stqr9ZcR1lFdU/v9aM/WFEUf03VFxHWUX131hxHWUV1X9TxXWMyh2xzR+HgwXrzXQ5+Bu7g0EAAACgq//t+Pn/dmVkPdepj7zGPR+r77GPMP/EGDwGw46ZwW/z6dkx2C8xTnFh7T/DzuXTXZaJbUVtDGoYVuzr9hoSQgghxjLOj+7SAwAAADAm8r8LyP/qvRXl4xObxv/+7tXbfLzePj69sYF8vNFj+5M9xqd6jAMAAAAh/Oa107e+mW3Md5f+Tf9W58PL543aFz5aCSXmMUrnI9xq/u3Oe7bd/N0nHNkps7EBAACwW2Xf+mTlvkffeWH+i4sHT7Sd/a7E8918HtB6vDbwceznnwuYTfpZfg59ojNPrWC99PrA9UXbe3ybOwoAAAB7WH7+3gxZbaHtvLsZarWFhY3z8QOhkZ0+s3TqSOzn38/y+7nG1NXlD1ZcNwAAANC/jfP97uf/+ff4HgiT2cJzZ5ZOn13rz64vb9TarwvMbSzP2q8LNJPlRwuWH4v9+P2d4btz+1aXL5z83tJTg955AAAA2CPOvnjumSeXlk59f+/8UA8hbGs7YRz2wg9+GOoPo/7NBAAADNpnn73V+MGx2d/Or7QOnmib/24l/nAo9ptxbr8/xeX55wTyvwPY9Pf6T3TmmSta7/nO9ZrJehMxppK6p9u2E1bnG+y833xRvmbndiYL8s0k+WaTfOk8BfVk/azLXIKhy0yA+XpzyfJ0HsZ6kiNL8t/VJRcAAADkFl949vnFsy+ee+DMs08+ferpU88dO3r8m8ePH3nwGw8urn6uf7H90/0AAADATrTxod9RVwIAAAAAAAAAAAAAAAAAAAB7VxVfJzbqfQQAAIC97t/nQwjLQhRE/gWDo65jp0c2BjUML1pTo69hd0fw7zCNCY+HECH89Y3R1zAGUfP7QIj+YrTnfdPVHsu0Wq3WGDzmYxitVvpN8wAAAADDdeXySyfb202Ws4HmW99ac61ZiXnzdvaBv8xfjXy1Sw93Xi+5bqDVsNdV/fqXf1zzT3Udf+/CYPOvXohvbvR7//6rdW7gxOptPfb29Zv3nsWfH1jPH0K4rd5n/o79vxDC4/1m7HQ4yX9P6C9/653k8X+io1frN/+9Sf7QZ/5L6fP/fFGGdMud7ov5D8T+4bv7zd+5i1NJtn5fAF9P9v+p0G/+ZP+bfSZM3B/zA8BetP6/eev8aAsZsPwoIT+enon9fH/zA9b00w9bPf6vJdupb7vyzu3mx0G3xP76Ud1yZ97cVuvPH5fZ2F5fss7UTvlUSVH9g3oeh62o/kbFdZRVVP9kxXWUVVR/97P3MisNV1H91z57HB9F9fd9IWLEiurfKdeVi+qfqbiOsorqn624jrKK6t/q/+OjUlT//orrKKuo/rmK6yirqP6Sl9UqV1T/fMV1lFVU/w0V11FWUf03VlxHWUX131RxHaNye2yLzofz88+5OJb3m0l/qstj2febIQAAAMBQ/Wss5/9ru3Iw8lqEEEJUHQ2//0WJmBiDGoTYyfHf1ppR1yEGEK250dcgxjJW50Vkz8p20GfFARic4c5mwbjz/O9tnv+9zfPPteTvxGdJPzfRY7zeY7zRY3wyGc+SO04VjUc3Jttt5dc1o5t6jH8p7kHR+P7k/j9Mxm/psf0DPcZv7TF+W4/x23uMAwAAsDfcHFvnhwAAALB7vfyLj1//1T1PXJ7/4uLBE2Fy07zzR2J/Kr63/lrsp/Pe5xrxPf8fxf67sf1dbP+RrO/zJwAAADB8+ffEeP8fAAAAdq/8e0qd/wMAAMDuNR9b5/8AAACwe90QW+f/AAAAsItl090Xxza/LnBXbPud1w8AGH9fju0dsT0Y2ztj+5XY5scBd8f2qxXVBwAMzs++8+Pjb2Yb8/0fS8avxOV5u8ny2pWCrNY5k/++2F4X26/1WU/6fQD95s/t7zPPsPLPbTM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB71FZvH3roQBbCT3/91qM/mXz9z1eX3bm+xqHV2yz2miGExvr98tGN/i/jilcuv3SyvV2JbRaOhixk68vDY5fWM82EEJbDofBJaIYPFpc+f//tRw5/+Or0zW+ce+aVIT4EHfsHAAAAu9H/AwAA///f+hdH")
r0 = open(&(0x7f0000000340)='./file2\x00', 0x1c5902, 0x128)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='rcu_utilization\x00', r1}, 0x18)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(r0, &(0x7f00000001c0)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)

2.098488884s ago: executing program 6 (id=3210):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, 0x0, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0xf, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

2.098268928s ago: executing program 2 (id=3211):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, 0x0)

2.089815703s ago: executing program 5 (id=3212):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'geneve0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x2}}}}]}, 0x40}}, 0xc0)

1.907471231s ago: executing program 2 (id=3213):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000080))
pipe(&(0x7f0000000000))
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

1.842464247s ago: executing program 3 (id=3214):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000d40)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000000)="6db50725c08c11bbd2f097b245b4d706b776a9cf888bccd256c6b1a652da6b1254508f0a2d41949416f99928db60b4280aad0c3f014ff4654ffea04c8853cd9dfc", 0x41}], 0x1}], 0x1, 0xc000)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)

1.729111279s ago: executing program 5 (id=3215):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d80", @ANYRES8=0x0, @ANYRES32=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

1.709097827s ago: executing program 6 (id=3216):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

1.58823101s ago: executing program 2 (id=3217):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000b80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b40), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x111}}, 0x20)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a", 0xfff}], 0x3)

1.524362856s ago: executing program 3 (id=3218):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x24}}, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
socket$inet6(0xa, 0x800000000000002, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000200000010ac053002400001020301090224000101030000090400040103010206092105000723221e030905810320000a04"], &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x323, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
r2 = fsopen(&(0x7f0000000040)='udf\x00', 0x1)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000002c0)='#+\x86\xef}\xe6po\x00', &(0x7f0000000140)='\x00', 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x11, 0x40, &(0x7f0000000d80)=@raw={'raw\x00', 0x41, 0x3, 0x230, 0xcc, 0xa, 0x9a000000, 0xcc, 0x0, 0x1ec, 0x1f0, 0x1f0, 0x1ec, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @remote, 0x7800, 0x0, 'wlan1\x00', 'veth1_to_bridge\x00', {}, {}, 0x6}, 0x0, 0x70, 0xcc, 0x0, {0x0, 0xffffffffa0028000}}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv4=@rand_addr=0x64010100, [0xffffffff, 0xffffffff, 0xff000000], 0x4e24, 0x4e22, 0x4e23, 0x4e22, 0xc0e, 0x3b, 0xc8, 0x5, 0x6}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x7, 0x0, 0x0, 0x3]}, {0x0, [0x0, 0x0, 0x0, 0x1]}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24, '\x00', 0x4}}}}, 0x28c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x80)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="042c"], 0x14)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="70000000000101040000000000000000020000002400018014000180080001000000000008000200ac1414000c0002800500010000000000240002800c00028005000100000000001400018008000100ac1414aa08000200e0000002080007400000aa6c8241acba3174a40de95edf0fc44dad816fe0501d8ba400"/136], 0x70}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r7 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
pwritev(r7, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r6, 0x4c00, r7)
sendfile(r6, r6, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000400)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0x3, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x7]})

1.491834823s ago: executing program 6 (id=3219):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
fsopen(&(0x7f00000000c0)='jffs2\x00', 0x1)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x34, 0x0, 0x701, 0x70bd2c, 0x0, {0x45}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000021}, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"})
r5 = memfd_secret(0x0)
msgctl$IPC_STAT(0x0, 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r5, 0x200}], 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000000300)={[0x10000]}, 0x8)

1.449184811s ago: executing program 2 (id=3220):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ttyprintk(0xffffff9c, 0x0, 0x406001, 0x0)
ioctl$KDMKTONE(r0, 0x4b30, 0x4)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
socketpair(0x2b, 0x1, 0x0, 0x0)
write(r2, &(0x7f0000000240)="94", 0x1)
tee(r1, r5, 0x8f5, 0x100000000000000)
socket$packet(0x11, 0x3, 0x300)
r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20400, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x9)
write(r3, 0x0, 0x0)

1.448537203s ago: executing program 5 (id=3221):
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in=@private=0xa010102, @in=@private=0xa010100, 0x4e22, 0x0, 0x4e21, 0x0, 0x2}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9c0, 0x3}, {0xffffbffffffffffc, 0x0, 0x400000000, 0x6}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x4d3, 0x3c}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x4000000, 0x1}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

1.200033193s ago: executing program 5 (id=3222):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, 0x0)
creat(0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e6365"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)

479.675862ms ago: executing program 2 (id=3223):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000001c0)='./file1\x00', 0x4040, &(0x7f0000000580)=ANY=[], 0x4, 0xfc0, &(0x7f0000002240)="$eJzs3UFsHNUZAOA3613bwSZeA4UAJaTQikDBDglS01sQqJdKiEvvoJDQCENRQysRAXF6QFRCFAn1VHEAcaFUSpGKRFWpQj21PbVqT+0F9UKlKpWCemiR4q1iv7F3n3ey6/Hu7Nr+Punf5zdvdv5/djfOzOz6bQD2rNrq7UOTsfvoy09lH11dduf6GodWb7PYa4YQGm39LNnep3HBlcsvnezWZuHo6m3eD49dWr/vTAhhORwKn4Rm+GBx6fP3337k8IevTt/8xrlnXhnCrndI9wMAAHaji39c+tu9//zD/fNfXDx4IkytL8+Pz5uxPxOP+4/EA+X8eLkWOvtZW7SbTNabiFFL1ptI1qsneeoF+RrJdhoF6032yDfRtqzbfgIAAMBOlJ/XNkNWW+jo12oLC2vn/Vd9OjeZLTx3Zun02REVCgAAAJT2n/OrH7rdwTE9BjWINPblL7Ct3e+Db2/9PtuKWsX56lXky6/ijcHroLIo93oTQgghhBhcOB4ROyBacxVdaAAAAACI0vnCNlke7Exd61tr9pf/0sO17veHAUhef5unnRjw6//a+ac3r1Bp/i6Gn78x4vzX3P/3LviNAwBAebv1aDLfr/w4Op/HIJ1HcKLjXjMTWz3/qCXbqW+xzqJ5BXfKfINFdU5UXEdZRfVv9XkclaL60/kwx1VR/ek8neOqqP6piusoq6j+Lld+wjj+sy6qf1/FdZRVVP91FddRVlH9MxXXUVZR/bMV11FWUf3XV1xHWUX176+4jrKK6t8pH6stqr9ZcR1lFdU/v9aM/WFEUf03VFxHWUX131hxHWUV1X9TxXWMyh2xzR+HgwXrzXQ5+Bu7g0EAAACgq//t+Pn/dmVkPdepj7zGPR+r77GPMP/EGDwGw46ZwW/z6dkx2C8xTnFh7T/DzuXTXZaJbUVtDGoYVuzr9hoSQgghxjLOj+7SAwAAADAm8r8LyP/qvRXl4xObxv/+7tXbfLzePj69sYF8vNFj+5M9xqd6jAMAAAAh/Oa107e+mW3Md5f+Tf9W58PL543aFz5aCSXmMUrnI9xq/u3Oe7bd/N0nHNkps7EBAACwW2Xf+mTlvkffeWH+i4sHT7Sd/a7E8918HtB6vDbwceznnwuYTfpZfg59ojNPrWC99PrA9UXbe3ybOwoAAAB7WH7+3gxZbaHtvLsZarWFhY3z8QOhkZ0+s3TqSOzn38/y+7nG1NXlD1ZcNwAAANC/jfP97uf/+ff4HgiT2cJzZ5ZOn13rz64vb9TarwvMbSzP2q8LNJPlRwuWH4v9+P2d4btz+1aXL5z83tJTg955AAAA2CPOvnjumSeXlk59f+/8UA8hbGs7YRz2wg9+GOoPo/7NBAAADNpnn73V+MGx2d/Or7QOnmib/24l/nAo9ptxbr8/xeX55wTyvwPY9Pf6T3TmmSta7/nO9ZrJehMxppK6p9u2E1bnG+y833xRvmbndiYL8s0k+WaTfOk8BfVk/azLXIKhy0yA+XpzyfJ0HsZ6kiNL8t/VJRcAAADkFl949vnFsy+ee+DMs08+ferpU88dO3r8m8ePH3nwGw8urn6uf7H90/0AAADATrTxod9RVwIAAAAAAAAAAAAAAAAAAAB7VxVfJzbqfQQAAIC97t/nQwjLQhRE/gWDo65jp0c2BjUML1pTo69hd0fw7zCNCY+HECH89Y3R1zAGUfP7QIj+YrTnfdPVHsu0Wq3WGDzmYxitVvpN8wAAAADDdeXySyfb202Ws4HmW99ac61ZiXnzdvaBv8xfjXy1Sw93Xi+5bqDVsNdV/fqXf1zzT3Udf+/CYPOvXohvbvR7//6rdW7gxOptPfb29Zv3nsWfH1jPH0K4rd5n/o79vxDC4/1m7HQ4yX9P6C9/653k8X+io1frN/+9Sf7QZ/5L6fP/fFGGdMud7ov5D8T+4bv7zd+5i1NJtn5fAF9P9v+p0G/+ZP+bfSZM3B/zA8BetP6/eev8aAsZsPwoIT+enon9fH/zA9b00w9bPf6vJdupb7vyzu3mx0G3xP76Ud1yZ97cVuvPH5fZ2F5fss7UTvlUSVH9g3oeh62o/kbFdZRVVP9kxXWUVVR/97P3MisNV1H91z57HB9F9fd9IWLEiurfKdeVi+qfqbiOsorqn624jrKK6t/q/+OjUlT//orrKKuo/rmK6yirqP6Sl9UqV1T/fMV1lFVU/w0V11FWUf03VlxHWUX131RxHaNye2yLzofz88+5OJb3m0l/qstj2febIQAAAMBQ/Wss5/9ru3Iw8lqEEEJUHQ2//0WJmBiDGoTYyfHf1ppR1yEGEK250dcgxjJW50Vkz8p20GfFARic4c5mwbjz/O9tnv+9zfPPteTvxGdJPzfRY7zeY7zRY3wyGc+SO04VjUc3Jttt5dc1o5t6jH8p7kHR+P7k/j9Mxm/psf0DPcZv7TF+W4/x23uMAwAAsDfcHFvnhwAAALB7vfyLj1//1T1PXJ7/4uLBE2Fy07zzR2J/Kr63/lrsp/Pe5xrxPf8fxf67sf1dbP+RrO/zJwAAADB8+ffEeP8fAAAAdq/8e0qd/wMAAMDuNR9b5/8AAACwe90QW+f/AAAAsItl090Xxza/LnBXbPud1w8AGH9fju0dsT0Y2ztj+5XY5scBd8f2qxXVBwAMzs++8+Pjb2Yb8/0fS8avxOV5u8ny2pWCrNY5k/++2F4X26/1WU/6fQD95s/t7zPPsPLPbTM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB71FZvH3roQBbCT3/91qM/mXz9z1eX3bm+xqHV2yz2miGExvr98tGN/i/jilcuv3SyvV2JbRaOhixk68vDY5fWM82EEJbDofBJaIYPFpc+f//tRw5/+Or0zW+ce+aVIT4EHfsHAAAAu9H/AwAA///f+hdH")
r0 = open(&(0x7f0000000340)='./file2\x00', 0x1c5902, 0x128)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='rcu_utilization\x00', r1}, 0x18)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(r0, &(0x7f00000001c0)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)

382.905125ms ago: executing program 6 (id=3224):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, 0x0)

382.358836ms ago: executing program 3 (id=3225):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, 0x0, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0xf, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='`\x00\x00\x00.\x00\r', 0x7}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

260.233685ms ago: executing program 5 (id=3226):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000080))
pipe(&(0x7f0000000000))
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

69.834395ms ago: executing program 6 (id=3227):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000d40)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000000)="6db50725c08c11bbd2f097b245b4d706b776a9cf888bccd256c6b1a652da6b1254508f0a2d41949416f99928db60b4280aad0c3f014ff4654ffea04c8853cd9dfc", 0x41}], 0x1}], 0x1, 0xc000)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)

68.750662ms ago: executing program 3 (id=3228):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

964.176µs ago: executing program 2 (id=3229):
syz_emit_ethernet(0x4e, &(0x7f0000000880)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010448", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @remote}}}}}}, 0x0)

0s ago: executing program 5 (id=3230):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r1, 0x0)
read$FUSE(r0, &(0x7f0000004440)={0x2020}, 0x2020)

kernel console output (not intermixed with test programs):

nge from 0 to 4096
[ 1045.890336][T11063] dvb-usb: bulk message failed: -22 (6/0)
[ 1045.910577][T11063] dw2102: i2c transfer failed.
[ 1045.925061][T11063] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1046.017379][T11063] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1046.038913][T14655] ntfs3(loop5): ino=1a, mi_enum_attr
[ 1046.057983][T14655] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1046.091329][T11063] dvb-usb: bulk message failed: -22 (3/0)
[ 1046.105785][T11063] dw2102: command 0x0e transfer failed.
[ 1046.132270][T11063] dvb-usb: bulk message failed: -22 (3/0)
[ 1046.153572][T11063] dw2102: command 0x0e transfer failed.
[ 1046.483610][T11063] dvb-usb: bulk message failed: -22 (3/0)
[ 1046.493544][T11063] dw2102: command 0x0e transfer failed.
[ 1046.499164][T11063] dvb-usb: bulk message failed: -22 (3/0)
[ 1046.543574][T11063] dw2102: command 0x0e transfer failed.
[ 1046.557066][T11063] dvb-usb: bulk message failed: -22 (1/0)
[ 1046.580144][T11063] dw2102: command 0x51 transfer failed.
[ 1046.599732][T11063] dvb-usb: bulk message failed: -22 (5/0)
[ 1046.607861][T11063] dw2102: i2c probe for address 0x68 failed.
[ 1046.615459][T11063] dvb-usb: bulk message failed: -22 (5/0)
[ 1046.651912][T11063] dw2102: i2c probe for address 0x69 failed.
[ 1046.683576][T11063] dvb-usb: bulk message failed: -22 (5/0)
[ 1046.694777][T11063] dw2102: i2c probe for address 0x6a failed.
[ 1046.708983][T11063] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1046.718314][T11063] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1046.844651][T11063] rc_core: IR keymap rc-tt-1500 not found
[ 1046.860800][T11063] Registered IR keymap rc-empty
[ 1046.884701][T11063] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0
[ 1046.909455][T11063] input: TeVii S662 as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0/input20
[ 1046.936962][T11063] dvb-usb: schedule remote query interval to 250 msecs.
[ 1046.956494][T11063] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1046.962625][T11063] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1047.020937][T11063] usb 4-1: USB disconnect, device number 41
[ 1047.091980][T14691] loop3: detected capacity change from 0 to 4096
[ 1047.242472][T14691] ntfs3(loop3): ino=1a, mi_enum_attr
[ 1047.280546][T14691] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[ 1047.282277][T11063] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1047.423600][T14699] loop5: detected capacity change from 0 to 4096
[ 1047.473598][T14699] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1047.524047][T14699] ntfs3(loop5): ino=1a, mi_enum_attr
[ 1047.529415][T14699] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1048.635077][T14736] loop5: detected capacity change from 0 to 4096
[ 1048.657521][T14736] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1048.675058][T14740] loop3: detected capacity change from 0 to 4096
[ 1048.739761][T14743] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1048.752062][T14736] ntfs3(loop5): ino=1a, mi_enum_attr
[ 1048.779654][T14736] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1049.113066][T14748] loop3: detected capacity change from 0 to 4096
[ 1049.447693][T14723] infiniband syz0: set active
[ 1049.464782][T14723] infiniband syz0: added bond_slave_1
[ 1049.487333][T14723] syz0: rxe_create_cq: returned err = -12
[ 1049.498638][T14723] infiniband syz0: Couldn't create ib_mad CQ
[ 1049.517964][T14723] infiniband syz0: Couldn't open port 1
[ 1049.642809][T14723] RDS/IB: syz0: added
[ 1049.665051][T14723] smc: adding ib device syz0 with port count 1
[ 1049.671545][T14723] smc:    ib device syz0 port 1 has no pnetid
[ 1049.680335][T14766] 9pnet_fd: Insufficient options for proto=fd
[ 1049.728609][T14768] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2174'.
[ 1049.855564][T14770] loop1: detected capacity change from 0 to 4096
[ 1049.919345][T14773] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1050.289579][T14777] loop3: detected capacity change from 0 to 4096
[ 1050.397038][T14777] ntfs3(loop3): ino=1a, mi_enum_attr
[ 1050.402413][T14777] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[ 1050.440260][T14784] loop1: detected capacity change from 0 to 128
[ 1050.498063][   T30] audit: type=1800 audit(1760490478.051:84): pid=14777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2178" name="file1" dev="loop3" ino=30 res=0 errno=0
[ 1050.554754][T14783] loop5: detected capacity change from 0 to 4096
[ 1050.590455][T14783] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1050.670168][T14784] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1050.710640][T14784] ext4 filesystem being mounted at /419/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1050.961503][T14795] 9pnet_fd: Insufficient options for proto=fd
[ 1051.086803][   T30] audit: type=1804 audit(1760490478.641:85): pid=14797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2187" name="/newroot/450/file0" dev="tmpfs" ino=2450 res=1 errno=0
[ 1051.239217][ T5841] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1051.416610][T14803] loop5: detected capacity change from 0 to 4096
[ 1051.475932][T14811] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1051.669471][T14813] loop1: detected capacity change from 0 to 4096
[ 1051.767667][T14813] ntfs3(loop1): ino=1a, mi_enum_attr
[ 1051.795788][T14813] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[ 1051.822042][   T30] audit: type=1800 audit(1760490479.381:86): pid=14813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2193" name="file1" dev="loop1" ino=30 res=0 errno=0
[ 1052.498092][T14836] loop3: detected capacity change from 0 to 4096
[ 1052.577723][T14841] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1052.629283][T14840] loop5: detected capacity change from 0 to 4096
[ 1052.713582][T14840] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1052.825960][T14840] ntfs3(loop5): ino=1a, mi_enum_attr
[ 1052.831329][T14840] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1052.886459][T14840] overlayfs: missing 'lowerdir'
[ 1053.169280][T10478] Bluetooth: hci1: unexpected event 0x0b length: 234 > 11
[ 1053.627996][T14864] loop0: detected capacity change from 0 to 256
[ 1053.646048][T11063] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 1053.714680][T14864] FAT-fs (loop0): Directory bread(block 64) failed
[ 1053.721498][T14864] FAT-fs (loop0): Directory bread(block 65) failed
[ 1053.732142][T14864] FAT-fs (loop0): Directory bread(block 66) failed
[ 1053.739287][T14864] FAT-fs (loop0): Directory bread(block 67) failed
[ 1053.747509][T14864] FAT-fs (loop0): Directory bread(block 68) failed
[ 1053.755479][T14864] FAT-fs (loop0): Directory bread(block 69) failed
[ 1053.772571][T14864] FAT-fs (loop0): Directory bread(block 70) failed
[ 1053.780200][T14864] FAT-fs (loop0): Directory bread(block 71) failed
[ 1053.788269][T14864] FAT-fs (loop0): Directory bread(block 72) failed
[ 1053.795698][T14864] FAT-fs (loop0): Directory bread(block 73) failed
[ 1053.833757][T11063] usb 4-1: Using ep0 maxpacket: 16
[ 1053.842004][T11063] usb 4-1: config 0 has an invalid interface number: 48 but max is 0
[ 1053.853782][T11063] usb 4-1: config 0 has no interface number 0
[ 1053.860305][T11063] usb 4-1: config 0 interface 48 has no altsetting 0
[ 1053.878172][T11063] usb 4-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[ 1053.893740][T11063] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1053.903005][T11063] usb 4-1: Product: syz
[ 1053.909953][T11063] usb 4-1: Manufacturer: syz
[ 1053.915767][T11063] usb 4-1: SerialNumber: syz
[ 1053.934785][T11063] usb 4-1: config 0 descriptor??
[ 1054.110062][T14874] loop0: detected capacity change from 0 to 2048
[ 1054.148955][T14862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1054.167698][T14862] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1054.181272][T10478] Bluetooth: hci1: Unknown advertising packet type: 0x35
[ 1054.181339][T10478] Bluetooth: hci1: Malformed LE Event: 0x0d
[ 1054.201754][T14877] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1054.207493][T11063] usb 4-1: USB disconnect, device number 42
[ 1054.623777][T14887] loop5: detected capacity change from 0 to 4096
[ 1055.022478][T14903] loop5: detected capacity change from 0 to 4096
[ 1055.072701][T14899] atm:do_vcc_ioctl: ATM_SETSC is obsolete; used by syz.5.2232:14899
[ 1055.167291][T14913] loop3: detected capacity change from 0 to 2048
[ 1055.242091][T14918] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1055.713577][   T24] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[ 1055.874108][   T24] usb 4-1: Using ep0 maxpacket: 16
[ 1055.882173][   T24] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1055.905782][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1055.930244][   T24] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1055.942976][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1055.951614][   T24] usb 4-1: Product: syz
[ 1055.957663][   T24] usb 4-1: Manufacturer: syz
[ 1055.962570][   T24] usb 4-1: SerialNumber: syz
[ 1055.974631][   T24] usb 4-1: config 0 descriptor??
[ 1055.986099][   T24] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1055.996117][   T24] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1056.600803][   T24] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[ 1056.608194][   T24] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[ 1057.156365][T14972] Bluetooth: MGMT ver 1.23
[ 1057.171755][T14972] Bluetooth: hci0: invalid length 0, exp 2 for type 14
[ 1057.226266][   T24] em28xx 4-1:0.0: Unknown AC97 audio processor detected!
[ 1057.385131][T14976] loop0: detected capacity change from 0 to 2048
[ 1057.442690][T14979] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1057.483730][T14976] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=203
[ 1057.521420][T14976] Remounting filesystem read-only
[ 1057.536640][T14980] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=203
[ 1057.666602][   T24] em28xx 4-1:0.0: couldn't setup AC97 register 2
[ 1057.673794][   T24] em28xx 4-1:0.0: couldn't setup AC97 register 4
[ 1057.699762][   T24] em28xx 4-1:0.0: couldn't setup AC97 register 6
[ 1057.716283][   T24] em28xx 4-1:0.0: couldn't setup AC97 register 54
[ 1057.723249][   T24] em28xx 4-1:0.0: couldn't setup AC97 register 56
[ 1057.742649][   T24] usb 4-1: USB disconnect, device number 43
[ 1057.860269][T14992] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2274'.
[ 1057.870590][T14993] loop5: detected capacity change from 0 to 128
[ 1057.881286][T14993] ufs: Bad value for 'onerror'
[ 1058.322498][T15011] loop3: detected capacity change from 0 to 128
[ 1059.739965][T15065] loop5: detected capacity change from 0 to 2048
[ 1059.808348][T15068] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1059.850884][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1059.857447][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.659767][T15090] binder: 15089:15090 ioctl c0306201 200000000300 returned -22
[ 1060.802159][T15096] loop0: detected capacity change from 0 to 1024
[ 1061.041949][T13687] hfsplus: b-tree write err: -5, ino 4
[ 1061.515678][T15112] loop3: detected capacity change from 0 to 64
[ 1062.101474][   T30] audit: type=1326 audit(1760490489.661:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15127 comm="syz.1.2336" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fec2fd8eec9 code=0x0
[ 1062.578909][T15151] loop0: detected capacity change from 0 to 256
[ 1062.633337][T15151] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d)
[ 1063.067784][T15148] loop5: detected capacity change from 0 to 65536
[ 1063.163629][T15139] loop3: detected capacity change from 0 to 32768
[ 1063.194396][T15148] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1063.237311][T15148] XFS (loop5): Ending clean mount
[ 1063.247722][T14208]  loop3: p9 p11 p16
[ 1063.419167][T15162] loop1: detected capacity change from 0 to 4096
[ 1063.423044][T13984] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1063.468887][T15139]  loop3: p9 p11 p16
[ 1063.564852][T15172] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1063.991769][T15182] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2353'.
[ 1064.036604][T15176] loop0: detected capacity change from 0 to 4096
[ 1064.113634][T15176] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[ 1064.265379][T15176] ntfs3(loop0): ino=1a, mi_enum_attr
[ 1064.270755][T15176] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[ 1064.378461][T15176] overlayfs: missing 'lowerdir'
[ 1065.023911][T15205] loop5: detected capacity change from 0 to 4096
[ 1065.081099][   T30] audit: type=1326 audit(1760490492.621:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.135162][T15210] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1065.145043][   T30] audit: type=1326 audit(1760490492.621:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.220495][   T30] audit: type=1326 audit(1760490492.641:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.280949][   T30] audit: type=1326 audit(1760490492.641:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.353593][   T30] audit: type=1326 audit(1760490492.641:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.422679][   T30] audit: type=1326 audit(1760490492.641:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.459113][   T30] audit: type=1326 audit(1760490492.641:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.491874][   T30] audit: type=1326 audit(1760490492.641:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15207 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0258eec9 code=0x7ffc0000
[ 1065.898901][T15229] loop3: detected capacity change from 0 to 4096
[ 1065.907916][T15229] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1065.938027][T15229] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1066.034542][T15230] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1066.227498][   T30] audit: type=1800 audit(1760490493.791:96): pid=15229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2374" name="file2" dev="loop3" ino=16 res=0 errno=0
[ 1066.258302][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.258302][T15229] loop3: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.284910][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.284910][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.299251][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.299251][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.315434][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.315434][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.358932][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.358932][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.396229][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.396229][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.415590][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.415590][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.431459][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.431459][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.453026][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.453026][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.469048][T15229] syz.3.2374: attempt to access beyond end of device
[ 1066.469048][T15229] loop3: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1066.932775][T15241] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2379'.
[ 1067.057954][T15243] loop3: detected capacity change from 0 to 4096
[ 1067.108347][T15246] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1067.451517][T15250] loop3: detected capacity change from 0 to 4096
[ 1067.462244][T15250] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[ 1067.488796][T15250] ntfs3(loop3): ino=1a, mi_enum_attr
[ 1067.496386][T15250] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[ 1067.517881][T15250] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1067.527307][T15250] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1067.711373][T15254] loop3: detected capacity change from 0 to 1024
[ 1067.820410][T15259] loop1: detected capacity change from 0 to 128
[ 1067.852070][T13687] hfsplus: b-tree write err: -5, ino 4
[ 1067.884850][T15261] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.2386'.
[ 1067.964253][T15260] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.2386'.
[ 1068.288057][T15269] loop1: detected capacity change from 0 to 4096
[ 1068.369863][T15279] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1068.424955][T15277] loop0: detected capacity change from 0 to 4096
[ 1068.462251][T15282] loop3: detected capacity change from 0 to 256
[ 1068.544590][T15282] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1068.551367][T15282] FAT-fs (loop3): Directory bread(block 1286) failed
[ 1068.626694][T15282] FAT-fs (loop3): Directory bread(block 1287) failed
[ 1068.631628][T15285] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2398'.
[ 1068.666868][T15282] FAT-fs (loop3): Directory bread(block 1288) failed
[ 1068.735346][T15282] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1068.770163][T15282] FAT-fs (loop3): Directory bread(block 1286) failed
[ 1068.777171][T15289] loop1: detected capacity change from 0 to 1024
[ 1068.780934][T15282] FAT-fs (loop3): Directory bread(block 1287) failed
[ 1068.800676][T15282] FAT-fs (loop3): Directory bread(block 1288) failed
[ 1068.815482][T15282] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1068.824980][T15282] FAT-fs (loop3): Directory bread(block 1286) failed
[ 1069.024370][T13687] ntfs3(loop0): ino=5, mi_enum_attr
[ 1069.063825][ T1014] hfsplus: b-tree write err: -5, ino 4
[ 1069.116393][T15299] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2403'.
[ 1069.170064][T15303] loop1: detected capacity change from 0 to 128
[ 1069.174745][T15295] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2403'.
[ 1069.188337][T15303] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1069.264773][   T30] audit: type=1800 audit(1760490496.831:97): pid=15303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2405" name="file1" dev="loop1" ino=94 res=0 errno=0
[ 1069.526784][T15312] loop0: detected capacity change from 0 to 4096
[ 1069.564610][T15313] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1069.649319][T15317] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2412'.
[ 1069.685098][T15319] loop5: detected capacity change from 0 to 256
[ 1069.725883][T15319] FAT-fs (loop5): Directory bread(block 1285) failed
[ 1069.740033][T15319] FAT-fs (loop5): Directory bread(block 1286) failed
[ 1069.793662][T15319] FAT-fs (loop5): Directory bread(block 1287) failed
[ 1069.817666][T15319] FAT-fs (loop5): Directory bread(block 1288) failed
[ 1069.879962][T15319] FAT-fs (loop5): Directory bread(block 1285) failed
[ 1069.894970][T15319] FAT-fs (loop5): Directory bread(block 1286) failed
[ 1069.918683][T15319] FAT-fs (loop5): Directory bread(block 1287) failed
[ 1069.949696][T15319] FAT-fs (loop5): Directory bread(block 1288) failed
[ 1069.965577][T15325] loop3: detected capacity change from 0 to 128
[ 1069.983612][T15319] FAT-fs (loop5): Directory bread(block 1285) failed
[ 1069.990464][T15319] FAT-fs (loop5): Directory bread(block 1286) failed
[ 1070.426388][T15345] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2421'.
[ 1070.438892][T15340] loop3: detected capacity change from 0 to 4096
[ 1070.532125][T15347] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1070.645240][T15350] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2426'.
[ 1070.696613][T15353] loop1: detected capacity change from 0 to 128
[ 1070.773723][T15355] loop5: detected capacity change from 0 to 128
[ 1070.885528][T15359] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1070.992311][T15364] netlink: 'syz.1.2433': attribute type 4 has an invalid length.
[ 1071.163725][T15370] loop0: detected capacity change from 0 to 256
[ 1071.221914][T15370] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x00949fb8, utbl_chksum : 0x7319d30d)
[ 1071.591203][T15385] loop1: detected capacity change from 0 to 128
[ 1071.660592][T15386] tipc: Enabling <ib:lo> not permitted
[ 1071.676253][T15386] tipc: Enabling of bearer <ib:lo> rejected, failed to enable media
[ 1071.690159][ T5949] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1071.720166][T15390] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2444'.
[ 1071.773985][T15391] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2444'.
[ 1072.004414][ T5949] usb 6-1: Using ep0 maxpacket: 16
[ 1072.012297][ T5949] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1072.042487][ T5949] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1072.063117][ T5949] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1072.085080][ T5949] usb 6-1: Product: syz
[ 1072.089313][ T5949] usb 6-1: Manufacturer: syz
[ 1072.100713][T15400] loop1: detected capacity change from 0 to 512
[ 1072.127115][ T5949] usb 6-1: SerialNumber: syz
[ 1072.164407][ T5949] usb 6-1: config 0 descriptor??
[ 1072.208531][ T5949] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1072.264028][ T5949] em28xx 6-1:0.0: DVB interface 0 found: bulk
[ 1072.346154][T15408] loop1: detected capacity change from 0 to 256
[ 1072.397494][T15408] FAT-fs (loop1): Directory bread(block 64) failed
[ 1072.413012][T15408] FAT-fs (loop1): Directory bread(block 65) failed
[ 1072.420572][T15408] FAT-fs (loop1): Directory bread(block 66) failed
[ 1072.436775][T15408] FAT-fs (loop1): Directory bread(block 67) failed
[ 1072.453680][T15408] FAT-fs (loop1): Directory bread(block 68) failed
[ 1072.463958][T15408] FAT-fs (loop1): Directory bread(block 69) failed
[ 1072.481359][T15408] FAT-fs (loop1): Directory bread(block 70) failed
[ 1072.491165][T15408] FAT-fs (loop1): Directory bread(block 71) failed
[ 1072.504120][T15408] FAT-fs (loop1): Directory bread(block 72) failed
[ 1072.520974][T15408] FAT-fs (loop1): Directory bread(block 73) failed
[ 1072.627342][T15414] loop3: detected capacity change from 0 to 128
[ 1072.663571][ T5949] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[ 1072.759254][ T5949] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1072.799387][ T5949] em28xx 6-1:0.0: board has no eeprom
[ 1072.894563][T15417] loop1: detected capacity change from 0 to 4096
[ 1072.903837][ T5949] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1072.916146][ T5949] em28xx 6-1:0.0: dvb set to bulk mode.
[ 1072.921797][ T5888] em28xx 6-1:0.0: Binding DVB extension
[ 1072.948721][T15417] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1072.972399][ T5949] usb 6-1: USB disconnect, device number 3
[ 1072.998530][T15417] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1073.010685][ T5949] em28xx 6-1:0.0: Disconnecting em28xx
[ 1073.074529][T15425] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1073.137833][ T5888] em28xx 6-1:0.0: Registering input extension
[ 1073.148687][ T5949] em28xx 6-1:0.0: Closing input extension
[ 1073.242361][ T5949] em28xx 6-1:0.0: Freeing device
[ 1073.315462][T15430] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2461'.
[ 1073.519115][   T30] audit: type=1800 audit(1760490501.081:98): pid=15417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2456" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1073.941521][T15446] sg_write: process 1754 (syz.3.2467) changed security contexts after opening file descriptor, this is not allowed.
[ 1074.040035][T15448] loop5: detected capacity change from 0 to 128
[ 1074.156305][T15455] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2471'.
[ 1074.357371][T15459] loop5: detected capacity change from 0 to 4096
[ 1074.393302][T15459] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1074.433582][T15459] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1074.503522][T15462] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1074.526913][T15459] bio_check_eod: 669 callbacks suppressed
[ 1074.526934][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.526934][T15459] loop5: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.537257][   T30] audit: type=1800 audit(1760490502.091:99): pid=15459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2473" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1074.610884][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.610884][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.640805][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.640805][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.704012][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.704012][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.750433][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.750433][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.807705][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.807705][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.833667][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.833667][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.904319][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.904319][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.938621][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.938621][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1074.989782][T15459] syz.5.2473: attempt to access beyond end of device
[ 1074.989782][T15459] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1075.306261][T15476] loop0: detected capacity change from 0 to 128
[ 1075.377487][T15479] loop1: detected capacity change from 0 to 64
[ 1076.188999][T15503] loop0: detected capacity change from 0 to 512
[ 1076.281726][T15503] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1076.345038][T15510] loop5: detected capacity change from 0 to 4096
[ 1076.353072][T15503] ext4 filesystem being mounted at /489/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1076.372269][T15510] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1076.454222][T15510] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1076.538922][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1076.556895][T15514] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1076.610153][   T30] audit: type=1800 audit(1760490504.171:100): pid=15510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2494" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1077.208135][T15528] loop0: detected capacity change from 0 to 256
[ 1077.231590][T15530] loop1: detected capacity change from 0 to 16
[ 1077.240091][T15530] MTD: Attempt to mount non-MTD device "/dev/loop1"
[ 1077.285652][T15528] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1077.336141][T15528] FAT-fs (loop0): Directory bread(block 1286) failed
[ 1077.365551][T15528] FAT-fs (loop0): Directory bread(block 1287) failed
[ 1077.373754][T15528] FAT-fs (loop0): Directory bread(block 1288) failed
[ 1077.838702][T15548] binder: BINDER_SET_CONTEXT_MGR already set
[ 1077.859870][T15548] binder: 15547:15548 ioctl 4018620d 200000000040 returned -16
[ 1078.087871][T15562] loop1: detected capacity change from 0 to 128
[ 1078.102378][T15560] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2516'.
[ 1078.155665][T15556] loop5: detected capacity change from 0 to 4096
[ 1078.183837][T15556] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1078.263480][T15556] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1078.331345][T15570] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1078.377011][   T30] audit: type=1800 audit(1760490505.941:101): pid=15556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2515" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1078.868208][T15582] loop1: detected capacity change from 0 to 8
[ 1079.318802][T15598] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2533'.
[ 1079.680790][T15611] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2539'.
[ 1079.932468][T15629] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2542'.
[ 1080.044013][T15634] loop5: detected capacity change from 0 to 128
[ 1080.130345][T15636] loop5: detected capacity change from 0 to 8
[ 1080.884449][T10478] Bluetooth: hci5: command tx timeout
[ 1081.229286][T15671] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2562'.
[ 1081.261387][T15669] loop5: detected capacity change from 0 to 4096
[ 1081.281281][T15669] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1081.304465][T15669] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1081.349620][T15672] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1081.399594][   T30] audit: type=1800 audit(1760490508.961:102): pid=15669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2561" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1081.446685][T15669] bio_check_eod: 4545 callbacks suppressed
[ 1081.446708][T15669] syz.5.2561: attempt to access beyond end of device
[ 1081.446708][T15669] loop5: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1081.495297][T15669] syz.5.2561: attempt to access beyond end of device
[ 1081.495297][T15669] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1081.512808][T15669] syz.5.2561: attempt to access beyond end of device
[ 1081.512808][T15669] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1081.530145][T15669] syz.5.2561: attempt to access beyond end of device
[ 1081.530145][T15669] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1081.550938][T15669] syz.5.2561: attempt to access beyond end of device
[ 1081.550938][T15669] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1081.565284][T15669] syz.5.2561: attempt to access beyond end of device
[ 1081.565284][T15669] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1081.593703][T15673] loop5: detected capacity change from 4096 to 0
[ 1081.608387][T15674] NILFS (loop5): I/O error reading meta-data file (ino=3, block-offset=0)
[ 1082.120060][T13984] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 648518346341351424
[ 1082.132030][T13984] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=12)
[ 1082.164629][T13984] buffer_io_error: 11 callbacks suppressed
[ 1082.164651][T13984] Buffer I/O error on dev loop5, logical block 511, lost sync page write
[ 1082.214213][T13984] NILFS (loop5): unable to write superblock: err=-5
[ 1082.231252][T13984] Buffer I/O error on dev loop5, logical block 0, lost sync page write
[ 1082.243652][T13984] NILFS (loop5): unable to write superblock: err=-5
[ 1082.250387][T13984] Remounting filesystem read-only
[ 1082.304777][T13984] NILFS (loop5): error -5 truncating bmap (ino=12)
[ 1082.340890][T15684] loop1: detected capacity change from 0 to 128
[ 1082.356571][T13984] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer
[ 1082.508063][T15690] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2569'.
[ 1082.955226][T15701] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2572'.
[ 1082.983710][T15703] loop0: detected capacity change from 0 to 512
[ 1083.013160][T15703] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.2575: inode has both inline data and extents flags
[ 1083.038060][T15703] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2575: couldn't read orphan inode 15 (err -117)
[ 1083.099082][T15709] loop1: detected capacity change from 0 to 512
[ 1083.145627][T15709] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1083.176617][T15703] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1083.198585][T15709] EXT4-fs error (device loop1): __ext4_fill_super:5512: inode #2: comm syz.1.2576: casefold flag without casefold feature
[ 1083.353805][T15709] EXT4-fs (loop1): get root inode failed
[ 1083.364973][T15709] EXT4-fs (loop1): mount failed
[ 1083.492065][T15715] loop5: detected capacity change from 0 to 1024
[ 1083.868483][T15717] syz_tun (unregistering): left allmulticast mode
[ 1083.991256][T15717] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1084.281601][ T1014] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.425771][ T1014] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.544071][T15740] fuse: Bad value for 'fd'
[ 1084.640771][ T1014] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.843770][ T1014] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.900750][T15747] loop5: detected capacity change from 0 to 128
[ 1085.057359][T15749] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2596'.
[ 1085.199519][T15751] loop5: detected capacity change from 0 to 1024
[ 1085.317155][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1085.330121][ T5831] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1085.342096][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1085.352936][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1085.353249][T13687] hfsplus: b-tree write err: -5, ino 4
[ 1085.368520][ T5831] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1086.027185][T15781] loop5: detected capacity change from 0 to 128
[ 1086.524572][T15791] loop5: detected capacity change from 0 to 1024
[ 1086.656001][ T3081] hfsplus: b-tree write err: -5, ino 4
[ 1086.883231][ T1014] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1086.884779][T15802] loop1: detected capacity change from 0 to 512
[ 1086.906935][T15802] EXT4-fs: old and new quota format mixing
[ 1086.919517][ T1014] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1086.972121][ T1014] bond0 (unregistering): Released all slaves
[ 1086.998247][T15804] 9pnet_fd: Insufficient options for proto=fd
[ 1087.019460][ T1014] bond1 (unregistering): Released all slaves
[ 1087.076173][ T5941] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1087.087567][ T1014] bond2 (unregistering): Released all slaves
[ 1087.126682][ T1014] bond3 (unregistering): Released all slaves
[ 1087.167295][ T1014] bond4 (unregistering): Released all slaves
[ 1087.200426][T15763] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2601'.
[ 1087.217606][   T24] syz0: Port: 1 Link DOWN
[ 1087.251416][ T5941] usb 6-1: Using ep0 maxpacket: 32
[ 1087.254742][T15810] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2618'.
[ 1087.309154][ T5941] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1087.332645][ T1014] tipc: Left network mode
[ 1087.340256][ T5941] usb 6-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[ 1087.357588][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1087.418761][ T5941] usb 6-1: config 0 descriptor??
[ 1087.419384][ T1014] IPVS: stopping backup sync thread 7042 ...
[ 1087.453116][T10478] Bluetooth: hci0: command tx timeout
[ 1087.457890][ T5941] dvb-usb: found a 'TeVii S662' in warm state.
[ 1087.511603][ T5941] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1087.564079][ T5941] dvb-usb: bulk message failed: -22 (2/0)
[ 1087.611315][ T5941] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1087.669017][T15799] dvb-usb: bulk message failed: -22 (27/0)
[ 1087.684424][ T5941] dvbdev: DVB: registering new adapter (TeVii S662)
[ 1087.685082][T15799] dw2102: i2c transfer failed.
[ 1087.698882][T15823] loop1: detected capacity change from 0 to 8
[ 1087.732766][ T5941] usb 6-1: media controller created
[ 1087.746257][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[ 1087.752051][ T5941] dw2102: i2c transfer failed.
[ 1087.768876][T15799] loop5: detected capacity change from 0 to 512
[ 1087.798001][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[ 1087.828313][ T5941] dw2102: i2c transfer failed.
[ 1087.833168][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[ 1087.839577][T15828] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2624'.
[ 1087.858826][T15799] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1087.916610][ T5941] dw2102: i2c transfer failed.
[ 1087.921672][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[ 1087.943768][ T5941] dw2102: i2c transfer failed.
[ 1087.956489][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[ 1087.976616][ T5941] dw2102: i2c transfer failed.
[ 1088.009609][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[ 1088.024299][ T5941] dw2102: i2c transfer failed.
[ 1088.047505][ T5941] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1088.156035][ T5941] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1088.182686][T15835] loop1: detected capacity change from 0 to 1024
[ 1088.238941][T15835] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1088.255996][ T5941] dvb-usb: bulk message failed: -22 (3/0)
[ 1088.288126][ T5941] dw2102: command 0x0e transfer failed.
[ 1088.316903][T15835] ext4 filesystem being mounted at /498/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1088.327718][ T5941] dvb-usb: bulk message failed: -22 (3/0)
[ 1088.327743][ T5941] dw2102: command 0x0e transfer failed.
[ 1088.608201][T15840] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1088.633542][ T5941] dvb-usb: bulk message failed: -22 (3/0)
[ 1088.643025][ T5941] dw2102: command 0x0e transfer failed.
[ 1088.707557][ T5941] dvb-usb: bulk message failed: -22 (3/0)
[ 1088.713377][ T5941] dw2102: command 0x0e transfer failed.
[ 1088.757151][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1088.773621][ T5941] dvb-usb: bulk message failed: -22 (1/0)
[ 1088.779414][ T5941] dw2102: command 0x51 transfer failed.
[ 1088.793503][ T5941] dvb-usb: bulk message failed: -22 (5/0)
[ 1088.799294][ T5941] dw2102: i2c probe for address 0x68 failed.
[ 1088.874631][ T5941] dvb-usb: bulk message failed: -22 (5/0)
[ 1088.880445][ T5941] dw2102: i2c probe for address 0x69 failed.
[ 1088.973564][ T5941] dvb-usb: bulk message failed: -22 (5/0)
[ 1088.979365][ T5941] dw2102: i2c probe for address 0x6a failed.
[ 1088.995370][T15860] 9pnet_fd: Insufficient options for proto=fd
[ 1089.052233][ T5941] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1089.114608][ T5941] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1089.423957][ T5941] rc_core: IR keymap rc-tt-1500 not found
[ 1089.440030][ T5941] Registered IR keymap rc-empty
[ 1089.446941][ T5941] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[ 1089.461849][ T5941] input: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input22
[ 1089.523722][T10478] Bluetooth: hci0: command tx timeout
[ 1089.545576][ T5941] dvb-usb: schedule remote query interval to 250 msecs.
[ 1089.593031][ T5941] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1089.611332][ T1014] hsr_slave_0: left promiscuous mode
[ 1089.641854][ T5941] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1089.671432][ T1014] hsr_slave_1: left promiscuous mode
[ 1089.685689][ T1014] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1089.693170][ T1014] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1089.713847][ T5941] usb 6-1: USB disconnect, device number 4
[ 1089.740764][ T1014] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1089.755370][ T1014] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1089.839075][ T1014] veth1_macvtap: left promiscuous mode
[ 1089.846265][ T5941] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1089.857534][ T1014] veth0_macvtap: left promiscuous mode
[ 1089.863345][ T1014] veth1_vlan: left promiscuous mode
[ 1089.890479][ T1014] veth0_vlan: left promiscuous mode
[ 1090.207595][T15901] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2645'.
[ 1090.753174][ T1014] team0 (unregistering): Port device team_slave_1 removed
[ 1090.851739][ T1014] team0 (unregistering): Port device team_slave_0 removed
[ 1090.910353][ T3081] smc: removing ib device syz0
[ 1091.560241][T15894] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2642'.
[ 1091.582586][T15755] chnl_net:caif_netlink_parms(): no params data found
[ 1091.604555][T10478] Bluetooth: hci0: command tx timeout
[ 1092.008393][T15911] loop5: detected capacity change from 0 to 8
[ 1092.655656][T15922] loop1: detected capacity change from 0 to 128
[ 1092.867313][T15928] loop1: detected capacity change from 0 to 256
[ 1092.914914][T15928] exfat: Deprecated parameter 'utf8'
[ 1092.922023][T15928] exfat: Deprecated parameter 'namecase'
[ 1092.989723][T15928] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1093.013011][T15755] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1093.030984][T15755] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1093.055257][T15755] bridge_slave_0: entered allmulticast mode
[ 1093.084745][T15755] bridge_slave_0: entered promiscuous mode
[ 1093.124194][T15755] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1093.131476][T15755] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1093.143714][T15755] bridge_slave_1: entered allmulticast mode
[ 1093.214368][T15755] bridge_slave_1: entered promiscuous mode
[ 1093.627367][T15946] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2658'.
[ 1093.684140][T10478] Bluetooth: hci0: command tx timeout
[ 1093.966259][T15940] bridge_slave_0: left allmulticast mode
[ 1093.973952][T15940] bridge_slave_0: left promiscuous mode
[ 1094.048867][T15940] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1094.109506][T15955] 9pnet_fd: Insufficient options for proto=fd
[ 1094.179730][T15940] bridge_slave_1: left allmulticast mode
[ 1094.185653][T15940] bridge_slave_1: left promiscuous mode
[ 1094.213513][T15940] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1094.342087][T15940] bond0: (slave bond_slave_0): Releasing backup interface
[ 1094.438268][T15940] bond0: (slave bond_slave_1): Releasing backup interface
[ 1094.502915][T15940] team0: Port device team_slave_0 removed
[ 1094.576050][T15940] team0: Port device team_slave_1 removed
[ 1094.606066][T15940] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1094.626835][T15940] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1094.662448][T15940] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1094.672138][T15940] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1094.812245][T15940] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1095.050793][T15944] team0: Mode changed to "loadbalance"
[ 1095.913672][T15755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1095.956527][T15755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1096.279246][T15755] team0: Port device team_slave_0 added
[ 1096.307544][T15755] team0: Port device team_slave_1 added
[ 1096.405507][T15977] loop1: detected capacity change from 0 to 8
[ 1096.484222][T15977] overlayfs: failed to resolve './file1': -2
[ 1096.556112][T15755] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1096.563116][T15755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1096.707094][T15755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1096.775950][T15755] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1096.782970][T15755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1096.869077][ T5913] kernel read not supported for file /1826/stack (pid: 5913 comm: kworker/0:7)
[ 1096.947497][T15755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1097.162109][T15997] netlink: 'syz.5.2676': attribute type 4 has an invalid length.
[ 1097.255243][T15755] hsr_slave_0: entered promiscuous mode
[ 1097.285715][T15755] hsr_slave_1: entered promiscuous mode
[ 1097.303636][T15755] debugfs: 'hsr0' already exists in 'hsr'
[ 1097.325895][T15755] Cannot create hsr debugfs directory
[ 1097.415210][T16001] netlink: 'syz.5.2676': attribute type 4 has an invalid length.
[ 1097.852104][T16015] loop1: detected capacity change from 0 to 8
[ 1097.938279][T16015] overlayfs: failed to resolve './file1': -2
[ 1098.180500][T16023] 9pnet_fd: Insufficient options for proto=fd
[ 1098.239859][T16022] bond0: (slave bond_slave_0): Releasing backup interface
[ 1098.324866][T16027] loop5: detected capacity change from 0 to 128
[ 1098.344081][T16029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2683'.
[ 1098.406797][   T24] IPVS: starting estimator thread 0...
[ 1098.414316][T16022] bond0: (slave bond_slave_1): Releasing backup interface
[ 1098.477774][T16022] team0: Port device team_slave_0 removed
[ 1098.494538][T16031] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1098.592398][T16022] team0: Port device team_slave_1 removed
[ 1098.612828][T16022] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1098.622513][T16022] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1098.662355][T16022] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1098.670107][T16022] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1098.744687][T16022] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1098.832725][T16025] team0: Mode changed to "loadbalance"
[ 1098.858055][T16042] overlayfs: failed to resolve './file0': -2
[ 1099.028005][T15907] Set syz1 is full, maxelem 65536 reached
[ 1099.259786][T16050] loop5: detected capacity change from 0 to 128
[ 1099.388610][T16055] loop5: detected capacity change from 0 to 16
[ 1099.426744][T16055] erofs (device loop5): mounted with root inode @ nid 36.
[ 1099.502663][T15755] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1099.556656][T15755] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1099.631346][T15755] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1099.665367][T15755] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1099.853197][T15755] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1099.915887][T15755] 8021q: adding VLAN 0 to HW filter on device team0
[ 1099.955140][T16067] capability: warning: `syz.3.2699' uses 32-bit capabilities (legacy support in use)
[ 1100.219014][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1100.226378][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1100.237984][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1100.245334][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1100.464918][T16072] loop1: detected capacity change from 0 to 4096
[ 1100.474992][T16075] overlayfs: failed to resolve './file0': -2
[ 1100.502623][T16072] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1100.547034][T16072] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1100.591340][T16077] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1100.658016][   T30] audit: type=1800 audit(1760490528.211:103): pid=16072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2701" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1100.680039][T16072] syz.1.2701: attempt to access beyond end of device
[ 1100.680039][T16072] loop1: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1100.714382][T16072] syz.1.2701: attempt to access beyond end of device
[ 1100.714382][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1100.766819][T16072] syz.1.2701: attempt to access beyond end of device
[ 1100.766819][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1100.838697][T16072] syz.1.2701: attempt to access beyond end of device
[ 1100.838697][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1100.848868][   T30] audit: type=1804 audit(1760490528.401:104): pid=16084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2701" name="/newroot/515/file1/bus" dev="loop1" ino=18 res=1 errno=0
[ 1100.939671][T16072] syz.1.2701: attempt to access beyond end of device
[ 1100.939671][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1100.990519][T16072] syz.1.2701: attempt to access beyond end of device
[ 1100.990519][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1101.026626][T16072] syz.1.2701: attempt to access beyond end of device
[ 1101.026626][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1101.066560][T15755] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1101.086786][T16072] syz.1.2701: attempt to access beyond end of device
[ 1101.086786][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1101.126671][T16090] loop5: detected capacity change from 0 to 4096
[ 1101.134161][T16072] syz.1.2701: attempt to access beyond end of device
[ 1101.134161][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1101.151932][T16090] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1101.195303][T16072] syz.1.2701: attempt to access beyond end of device
[ 1101.195303][T16072] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1101.220745][T16090] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1101.301428][T16095] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1101.605478][   T30] audit: type=1800 audit(1760490529.171:105): pid=16090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2703" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1102.161215][T16112] loop5: detected capacity change from 0 to 512
[ 1102.242392][T16112] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[ 1102.305342][T16112] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1102.352729][T15755] veth0_vlan: entered promiscuous mode
[ 1102.360560][T16112] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[ 1102.452259][T16112] EXT4-fs (loop5): Remounting filesystem read-only
[ 1102.487809][T15755] veth1_vlan: entered promiscuous mode
[ 1102.516915][T16112] EXT4-fs (loop5): 1 truncate cleaned up
[ 1102.520557][T16117] overlayfs: failed to resolve './file0': -2
[ 1102.567255][T16112] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1102.608669][T15755] veth0_macvtap: entered promiscuous mode
[ 1102.631860][T15755] veth1_macvtap: entered promiscuous mode
[ 1102.689793][T15755] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1102.702648][T13984] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1102.718849][T15755] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1102.800011][ T1014] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.875506][ T1014] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.889250][T16125] loop5: detected capacity change from 0 to 128
[ 1102.942724][ T1014] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.996939][ T1014] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.244685][ T1014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1103.271876][ T1014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1103.361891][ T3081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1103.381147][ T3081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1104.095216][T16147] 9pnet_fd: Insufficient options for proto=fd
[ 1104.705702][ T8798] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1104.866353][ T8798] usb 6-1: Using ep0 maxpacket: 8
[ 1104.873770][ T8798] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1104.885465][ T8798] usb 6-1: config 0 has no interfaces?
[ 1104.903781][ T8798] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1104.915320][ T8798] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1104.942708][ T8798] usb 6-1: config 0 descriptor??
[ 1104.957960][T16172] bond0: (slave bond_slave_0): Releasing backup interface
[ 1104.967977][   T24] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1105.032278][T16172] bond0: (slave bond_slave_1): Releasing backup interface
[ 1105.071717][T16172] team0: Port device team_slave_0 removed
[ 1105.106203][T16172] team0: Port device team_slave_1 removed
[ 1105.112792][T16172] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1105.122304][T16172] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1105.136344][T16172] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1105.143896][   T24] usb 7-1: Using ep0 maxpacket: 32
[ 1105.150351][T16172] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1105.158457][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1105.170296][   T24] usb 7-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[ 1105.181761][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1105.196472][T16172] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1105.216142][   T24] usb 7-1: config 0 descriptor??
[ 1105.226282][   T24] dvb-usb: found a 'TeVii S662' in warm state.
[ 1105.233361][   T24] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1105.249020][   T24] dvb-usb: bulk message failed: -22 (2/0)
[ 1105.271336][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1105.304866][   T24] dvbdev: DVB: registering new adapter (TeVii S662)
[ 1105.325795][T16173] team0: Mode changed to "loadbalance"
[ 1105.329262][   T24] usb 7-1: media controller created
[ 1105.339016][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1105.345598][   T24] dw2102: i2c transfer failed.
[ 1105.350530][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1105.357235][   T24] dw2102: i2c transfer failed.
[ 1105.393696][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1105.402222][   T24] dw2102: i2c transfer failed.
[ 1105.419654][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1105.428842][   T24] dw2102: i2c transfer failed.
[ 1105.434445][T16169] dvb-usb: bulk message failed: -22 (27/0)
[ 1105.440466][T16169] dw2102: i2c transfer failed.
[ 1105.449133][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1105.462922][T16169] loop6: detected capacity change from 0 to 512
[ 1105.471962][   T24] dw2102: i2c transfer failed.
[ 1105.477239][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1105.487290][   T24] dw2102: i2c transfer failed.
[ 1105.492241][   T24] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1105.518351][T16169] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[ 1105.560459][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1105.641127][   T24] dvb-usb: bulk message failed: -22 (3/0)
[ 1105.660966][   T24] dw2102: command 0x0e transfer failed.
[ 1105.670466][   T24] dvb-usb: bulk message failed: -22 (3/0)
[ 1105.684234][   T24] dw2102: command 0x0e transfer failed.
[ 1105.782428][T16190] overlayfs: failed to resolve './file0': -2
[ 1106.006608][   T24] dvb-usb: bulk message failed: -22 (3/0)
[ 1106.021847][   T24] dw2102: command 0x0e transfer failed.
[ 1106.028032][   T24] dvb-usb: bulk message failed: -22 (3/0)
[ 1106.033942][   T24] dw2102: command 0x0e transfer failed.
[ 1106.041916][   T24] dvb-usb: bulk message failed: -22 (1/0)
[ 1106.048213][   T24] dw2102: command 0x51 transfer failed.
[ 1106.055274][   T24] dvb-usb: bulk message failed: -22 (5/0)
[ 1106.061133][   T24] dw2102: i2c probe for address 0x68 failed.
[ 1106.083996][   T24] dvb-usb: bulk message failed: -22 (5/0)
[ 1106.089961][   T24] dw2102: i2c probe for address 0x69 failed.
[ 1106.096567][   T24] dvb-usb: bulk message failed: -22 (5/0)
[ 1106.116973][   T24] dw2102: i2c probe for address 0x6a failed.
[ 1106.123996][   T24] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1106.141847][   T24] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1106.323552][   T24] rc_core: IR keymap rc-tt-1500 not found
[ 1106.329336][   T24] Registered IR keymap rc-empty
[ 1106.365308][   T24] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0
[ 1106.409479][   T24] input: TeVii S662 as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0/input23
[ 1106.438339][   T24] dvb-usb: schedule remote query interval to 250 msecs.
[ 1106.459184][   T24] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1106.467474][   T24] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1106.504557][   T24] usb 7-1: USB disconnect, device number 2
[ 1106.676238][   T24] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1106.839623][T16228] loop1: detected capacity change from 0 to 128
[ 1107.573966][   T24] usb 6-1: USB disconnect, device number 5
[ 1107.632824][T16237] loop1: detected capacity change from 0 to 65536
[ 1107.708076][T16237] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1107.784490][T16237] XFS (loop1): Ending clean mount
[ 1107.862884][ T5841] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1108.377396][T16267] loop6: detected capacity change from 0 to 128
[ 1108.890240][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1108.901325][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1108.912160][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1108.922166][ T5831] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1108.932739][ T5831] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1109.293119][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.474175][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.720839][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.932849][T16303] loop6: detected capacity change from 0 to 512
[ 1109.994199][T16303] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1110.033259][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1110.073267][T16303] EXT4-fs (loop6): 1 truncate cleaned up
[ 1110.122662][T16303] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1110.341599][T15755] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.530475][T16276] chnl_net:caif_netlink_parms(): no params data found
[ 1110.675708][T16322] bridge_slave_0: left allmulticast mode
[ 1110.681550][T16322] bridge_slave_0: left promiscuous mode
[ 1110.710415][T16322] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1110.757919][T16322] bridge_slave_1: left allmulticast mode
[ 1110.765328][T16322] bridge_slave_1: left promiscuous mode
[ 1110.787916][T16322] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1110.817038][T16322] bond0: (slave bond_slave_0): Releasing backup interface
[ 1110.880260][T16322] bond0: (slave bond_slave_1): Releasing backup interface
[ 1110.923064][T16322] team0: Port device team_slave_0 removed
[ 1110.964294][T10478] Bluetooth: hci2: command tx timeout
[ 1110.979170][T16322] team0: Port device team_slave_1 removed
[ 1110.991102][T16322] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1110.998682][T16322] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1111.014969][T16322] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1111.045177][T16322] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1111.071468][T16322] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1111.268461][T16340] loop6: detected capacity change from 0 to 128
[ 1111.728224][T16353] loop5: detected capacity change from 0 to 8
[ 1112.017996][T16359] loop5: detected capacity change from 0 to 64
[ 1112.105336][   T30] audit: type=1800 audit(1760490539.661:106): pid=16359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2802" name="file1" dev="loop5" ino=5 res=0 errno=0
[ 1112.168255][   T30] audit: type=1800 audit(1760490539.661:107): pid=16359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2802" name="file1" dev="loop5" ino=5 res=0 errno=0
[ 1112.191313][   T13] bond2 (unregistering): (slave gretap1): Releasing active interface
[ 1112.367092][T16366] loop5: detected capacity change from 0 to 4096
[ 1112.404371][T16366] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1112.462180][T16366] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1112.506218][T16367] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1112.594233][T16366] loop5: detected capacity change from 4096 to 0
[ 1112.600966][    C1] I/O error, dev loop5, sector 56 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1112.654221][T13984] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 648518346341351424
[ 1112.675937][T13984] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=12)
[ 1112.693281][T13984] Buffer I/O error on dev loop5, logical block 511, lost sync page write
[ 1112.712075][T13984] NILFS (loop5): unable to write superblock: err=-5
[ 1112.729471][T13984] Buffer I/O error on dev loop5, logical block 0, lost sync page write
[ 1112.748486][T13984] NILFS (loop5): unable to write superblock: err=-5
[ 1112.763617][T13984] Remounting filesystem read-only
[ 1112.768924][T13984] NILFS (loop5): error -5 truncating bmap (ino=12)
[ 1112.789222][   T13] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1112.799692][T13984] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer
[ 1112.827802][   T13] bond0 (unregistering): Released all slaves
[ 1112.892349][   T13] bond1 (unregistering): Released all slaves
[ 1112.947291][   T13] bond2 (unregistering): Released all slaves
[ 1112.986883][   T13] bond3 (unregistering): Released all slaves
[ 1113.039034][   T13] bond4 (unregistering): Released all slaves
[ 1113.045435][T10478] Bluetooth: hci2: command tx timeout
[ 1113.064891][T16377] loop5: detected capacity change from 0 to 64
[ 1113.071957][   T13] bond5 (unregistering): Released all slaves
[ 1113.219302][T16361] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1113.428441][   T13] IPVS: stopping master sync thread 13686 ...
[ 1113.464440][   T13] IPVS: stopping backup sync thread 9289 ...
[ 1113.538800][T16276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1113.575882][T16276] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1113.586034][T16389] loop5: detected capacity change from 0 to 8
[ 1113.600053][T16276] bridge_slave_0: entered allmulticast mode
[ 1113.633527][ T5949] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1113.660362][T16276] bridge_slave_0: entered promiscuous mode
[ 1113.696701][T16276] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1113.726734][T16276] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1113.748386][T16276] bridge_slave_1: entered allmulticast mode
[ 1113.773198][T16276] bridge_slave_1: entered promiscuous mode
[ 1113.824179][ T5949] usb 7-1: Using ep0 maxpacket: 8
[ 1113.855182][ T5949] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1113.868686][ T5949] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1113.890330][ T5949] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1113.933498][ T5949] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1113.974572][ T5949] usb 7-1: config 0 descriptor??
[ 1114.001087][ T5949] iowarrior 7-1:0.0: no interrupt-in endpoint found
[ 1114.128932][T16276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1114.405311][T16276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1114.470896][T16408] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1114.721717][T16425] loop1: detected capacity change from 0 to 8
[ 1114.764134][T16428] loop5: detected capacity change from 0 to 47
[ 1114.797912][   T13] hsr_slave_0: left promiscuous mode
[ 1114.822420][   T13] hsr_slave_1: left promiscuous mode
[ 1114.917535][   T13] veth1_macvtap: left promiscuous mode
[ 1114.931791][   T13] veth0_macvtap: left promiscuous mode
[ 1114.939160][   T13] veth1_vlan: left promiscuous mode
[ 1114.958899][   T13] veth0_vlan: left promiscuous mode
[ 1115.123990][T10478] Bluetooth: hci2: command tx timeout
[ 1116.433058][ T5941] usb 7-1: USB disconnect, device number 3
[ 1116.554253][T16453] loop6: detected capacity change from 0 to 4096
[ 1116.576513][T16453] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1116.586055][T16453] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[ 1116.597003][T16453] System zones: 0-5
[ 1116.631706][T16453] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1116.660613][T16276] team0: Port device team_slave_0 added
[ 1116.687464][T16276] team0: Port device team_slave_1 added
[ 1116.926436][T16276] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1116.952661][T16276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1116.992370][T15755] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1117.094677][T16276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1117.122955][T16276] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1117.132253][T16276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1117.223274][T10478] Bluetooth: hci2: command tx timeout
[ 1117.241234][T16474] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2838'.
[ 1117.256315][T16276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1117.356336][T16476] Device name cannot be null; rc = [-22]
[ 1117.423524][ T5941] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1117.573554][ T5941] usb 6-1: Using ep0 maxpacket: 16
[ 1117.581466][T16276] hsr_slave_0: entered promiscuous mode
[ 1117.598628][ T5941] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1117.613017][T16276] hsr_slave_1: entered promiscuous mode
[ 1117.619592][ T5941] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1117.654622][T16276] debugfs: 'hsr0' already exists in 'hsr'
[ 1117.660411][T16276] Cannot create hsr debugfs directory
[ 1117.675035][ T5941] usb 6-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[ 1117.705944][ T5941] usb 6-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[ 1117.729112][ T5941] usb 6-1: Manufacturer: syz
[ 1117.761916][ T5941] usb 6-1: config 0 descriptor??
[ 1117.864883][T16494] loop1: detected capacity change from 0 to 256
[ 1118.228892][ T5941] playstation 0003:054C:0DF2.0001: hidraw0: USB HID v0.09 Device [syz] on usb-dummy_hcd.5-1/input0
[ 1118.390776][ T5941] playstation 0003:054C:0DF2.0001: Invalid reportID received, expected 9 got 43
[ 1118.450825][ T5941] playstation 0003:054C:0DF2.0001: Failed to retrieve DualSense pairing info: -22
[ 1118.461456][ T5941] playstation 0003:054C:0DF2.0001: Failed to get MAC address from DualSense
[ 1118.474275][ T5941] playstation 0003:054C:0DF2.0001: Failed to create dualsense.
[ 1118.518281][ T5941] playstation 0003:054C:0DF2.0001: probe with driver playstation failed with error -22
[ 1118.595948][ T5941] usb 6-1: USB disconnect, device number 6
[ 1118.899708][T16521] 9pnet: Could not find request transport: fd0x0000000000000003
[ 1118.972349][T16519] fido_id[16519]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1119.283890][T16540] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2855'.
[ 1119.996101][T16276] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1120.064390][T16276] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1120.087633][T16562] loop6: detected capacity change from 0 to 256
[ 1120.116559][T16276] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1120.188233][T16276] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1120.213546][T16565] 9pnet_fd: Insufficient options for proto=fd
[ 1120.368769][T16576] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2866'.
[ 1120.549753][T16586] loop1: detected capacity change from 0 to 8
[ 1120.624121][T16276] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1120.647442][T16586] overlayfs: missing 'lowerdir'
[ 1120.762235][T16276] 8021q: adding VLAN 0 to HW filter on device team0
[ 1120.819496][ T7812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1120.826801][ T7812] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1120.924675][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1120.931929][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1121.182451][T16276] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1121.314320][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1121.321822][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1121.572019][T16618] 9pnet_fd: Insufficient options for proto=fd
[ 1121.609989][ T5941] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1121.705237][T16609] loop5: detected capacity change from 0 to 65536
[ 1121.787293][ T5941] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1121.816153][ T5941] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1121.833802][T16609] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1121.886650][ T5941] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1121.943474][ T5941] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1121.994036][ T5941] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1122.014891][T16609] XFS (loop5): Ending clean mount
[ 1122.033136][ T5941] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1122.065056][ T5941] usb 7-1: Product: syz
[ 1122.082907][ T5941] usb 7-1: Manufacturer: syz
[ 1122.101593][T16276] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1122.114049][ T5941] usb 7-1: SerialNumber: syz
[ 1122.175586][ T5941] cdc_mbim 7-1:1.0: skipping garbage
[ 1122.279777][T13984] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1122.359126][T16276] veth0_vlan: entered promiscuous mode
[ 1122.389049][T16613] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1122.425327][T16276] veth1_vlan: entered promiscuous mode
[ 1122.550893][T16276] veth0_macvtap: entered promiscuous mode
[ 1122.598608][T16276] veth1_macvtap: entered promiscuous mode
[ 1122.657106][T16642] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2884'.
[ 1122.686192][T16276] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1122.700386][T16642] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2884'.
[ 1122.740004][T16276] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1122.784190][ T1014] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.803251][ T1014] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.841125][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.861952][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.029351][T16613] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1123.033798][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1123.064927][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1123.100758][T16651] loop5: detected capacity change from 0 to 8
[ 1123.137737][ T7812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1123.152111][T16651] overlayfs: missing 'lowerdir'
[ 1123.164173][ T7812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1123.285427][ T5941] cdc_mbim 7-1:1.0: bind() failure
[ 1123.311048][ T5941] cdc_ncm 7-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1123.343022][ T5941] cdc_mbim 7-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1123.363286][T16659] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2765'.
[ 1123.379507][ T5941] usbtest 7-1:1.1: probe with driver usbtest failed with error -71
[ 1123.422484][ T5941] usb 7-1: USB disconnect, device number 4
[ 1123.553958][T16661] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2887'.
[ 1124.035965][ T5941] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1124.236228][ T5941] usb 6-1: Using ep0 maxpacket: 32
[ 1124.284686][ T5941] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[ 1124.303589][ T5941] usb 6-1: config 0 has no interface number 0
[ 1124.325538][ T5941] usb 6-1: config 0 interface 12 has no altsetting 0
[ 1124.344819][ T5941] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 1124.373827][ T5941] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1124.397770][ T5941] usb 6-1: Product: syz
[ 1124.402227][T16678] loop6: detected capacity change from 0 to 4096
[ 1124.409126][ T5941] usb 6-1: Manufacturer: syz
[ 1124.451137][ T5831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1124.461024][ T5941] usb 6-1: SerialNumber: syz
[ 1124.466431][ T5831] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1124.475812][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1124.485997][ T5941] usb 6-1: config 0 descriptor??
[ 1124.499980][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1124.513828][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1124.658114][T16688] loop6: detected capacity change from 0 to 8
[ 1124.689016][T16688] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1124.698078][T16688] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1124.786990][T16686] loop2: detected capacity change from 0 to 4096
[ 1124.849242][T16686] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1124.900558][T16686] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1124.993093][T16692] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1125.027057][   T30] audit: type=1800 audit(1760490552.591:108): pid=16686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2894" name="file2" dev="loop2" ino=16 res=0 errno=0
[ 1125.105372][T16696] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2898'.
[ 1125.140391][ T5941] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71
[ 1125.156776][ T5941] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[ 1125.168456][ T5941] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 1125.176523][ T5941] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[ 1125.193281][ T5941] usb 6-1: USB disconnect, device number 7
[ 1125.233087][T16698] netlink: 72 bytes leftover after parsing attributes in process `syz.6.2900'.
[ 1125.478004][ T9823] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.480605][T16703] loop1: detected capacity change from 0 to 4096
[ 1125.501884][T16703] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1125.529530][T16703] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1125.608926][T16708] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1125.617336][   T30] audit: type=1800 audit(1760490553.171:109): pid=16703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2902" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1125.651084][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.651084][T16703] loop1: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.654696][ T5949] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1125.675834][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.675834][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.692179][ T9823] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.708126][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.708126][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.725069][   T30] audit: type=1804 audit(1760490553.271:110): pid=16709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2902" name="/newroot/553/file1/bus" dev="loop1" ino=18 res=1 errno=0
[ 1125.748265][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.748265][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.799598][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.799598][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.814320][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.814320][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.835956][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.835956][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.863615][ T5949] usb 3-1: Using ep0 maxpacket: 32
[ 1125.871038][ T5949] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1125.886157][ T9823] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.886643][ T5949] usb 3-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[ 1125.930509][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.930509][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.945818][ T5949] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1125.959130][T16703] syz.1.2902: attempt to access beyond end of device
[ 1125.959130][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1125.986880][ T5949] usb 3-1: config 0 descriptor??
[ 1126.003235][ T5949] dvb-usb: found a 'TeVii S662' in warm state.
[ 1126.014372][ T5949] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1126.020897][T16703] syz.1.2902: attempt to access beyond end of device
[ 1126.020897][T16703] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1126.035100][ T5949] dvb-usb: bulk message failed: -22 (2/0)
[ 1126.075569][ T5949] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1126.160509][ T5949] dvbdev: DVB: registering new adapter (TeVii S662)
[ 1126.180788][ T5949] usb 3-1: media controller created
[ 1126.202614][T16701] dvb-usb: bulk message failed: -22 (27/0)
[ 1126.214680][ T9823] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1126.227656][T16701] dw2102: i2c transfer failed.
[ 1126.265423][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[ 1126.283703][ T5949] dw2102: i2c transfer failed.
[ 1126.292437][T16701] loop2: detected capacity change from 0 to 512
[ 1126.301528][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[ 1126.320875][ T5949] dw2102: i2c transfer failed.
[ 1126.331170][T16718] loop5: detected capacity change from 0 to 8
[ 1126.350127][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[ 1126.376622][T16701] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1126.388330][ T5949] dw2102: i2c transfer failed.
[ 1126.395913][T16718] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1126.407279][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[ 1126.413068][ T5949] dw2102: i2c transfer failed.
[ 1126.438253][T16718] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1126.446502][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[ 1126.469882][ T5949] dw2102: i2c transfer failed.
[ 1126.487270][ T5949] dvb-usb: bulk message failed: -22 (6/0)
[ 1126.502383][ T5949] dw2102: i2c transfer failed.
[ 1126.508988][ T5949] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1126.607515][ T5949] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1126.644178][ T5831] Bluetooth: hci3: command tx timeout
[ 1126.732945][ T5949] dvb-usb: bulk message failed: -22 (3/0)
[ 1126.779646][ T5949] dw2102: command 0x0e transfer failed.
[ 1126.822118][ T5949] dvb-usb: bulk message failed: -22 (3/0)
[ 1126.836268][T16726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2907'.
[ 1126.838025][ T5949] dw2102: command 0x0e transfer failed.
[ 1126.887036][T16682] chnl_net:caif_netlink_parms(): no params data found
[ 1126.928699][T16729] loop5: detected capacity change from 0 to 4096
[ 1126.955813][T16729] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1126.975445][T16729] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1127.038091][T16731] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1127.086232][   T30] audit: type=1800 audit(1760490554.651:111): pid=16729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2909" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1127.142312][T16733] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2911'.
[ 1127.172354][ T5949] dvb-usb: bulk message failed: -22 (3/0)
[ 1127.184616][T16735] loop2: detected capacity change from 0 to 64
[ 1127.185917][ T5949] dw2102: command 0x0e transfer failed.
[ 1127.256839][ T5949] dvb-usb: bulk message failed: -22 (3/0)
[ 1127.293802][ T5949] dw2102: command 0x0e transfer failed.
[ 1127.312361][ T5949] dvb-usb: bulk message failed: -22 (1/0)
[ 1127.326245][ T5949] dw2102: command 0x51 transfer failed.
[ 1127.360022][ T5949] dvb-usb: bulk message failed: -22 (5/0)
[ 1127.396158][ T5949] dw2102: i2c probe for address 0x68 failed.
[ 1127.421733][ T5949] dvb-usb: bulk message failed: -22 (5/0)
[ 1127.450809][ T5949] dw2102: i2c probe for address 0x69 failed.
[ 1127.479275][ T5949] dvb-usb: bulk message failed: -22 (5/0)
[ 1127.499894][ T5949] dw2102: i2c probe for address 0x6a failed.
[ 1127.516758][ T5949] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1127.542454][ T5949] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1127.682014][T16745] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2916'.
[ 1127.773598][ T5949] rc_core: IR keymap rc-tt-1500 not found
[ 1127.779389][ T5949] Registered IR keymap rc-empty
[ 1127.810641][ T5949] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0
[ 1127.821212][T16751] loop2: detected capacity change from 0 to 8
[ 1127.850172][ T5949] input: TeVii S662 as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input24
[ 1127.895099][T16751] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1127.914128][ T5949] dvb-usb: schedule remote query interval to 250 msecs.
[ 1127.943618][T16751] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1127.952965][ T5949] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1127.967732][ T5949] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1128.001387][ T5949] usb 3-1: USB disconnect, device number 31
[ 1128.022438][T16757] Bluetooth: MGMT ver 1.23
[ 1128.058985][T16757] Bluetooth: hci0: invalid length 0, exp 2 for type 12
[ 1128.143015][ T5949] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1128.222484][   T30] audit: type=1326 audit(1760490555.781:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16761 comm="syz.2.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7c38eec9 code=0x7ffc0000
[ 1128.270691][   T30] audit: type=1326 audit(1760490555.811:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16761 comm="syz.2.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7c38eec9 code=0x7ffc0000
[ 1128.299416][   T30] audit: type=1326 audit(1760490555.831:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16761 comm="syz.2.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5f7c38eec9 code=0x7ffc0000
[ 1128.342393][   T30] audit: type=1326 audit(1760490555.831:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16761 comm="syz.2.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7c38eec9 code=0x7ffc0000
[ 1128.365335][   T30] audit: type=1326 audit(1760490555.831:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16761 comm="syz.2.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7c38eec9 code=0x7ffc0000
[ 1128.407417][T16764] loop5: detected capacity change from 0 to 4096
[ 1128.452093][T16766] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2924'.
[ 1128.464251][T16764] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1128.498919][T16764] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1128.566018][T16767] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1128.595079][   T30] audit: type=1800 audit(1760490556.141:117): pid=16764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2923" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1128.677611][ T9823] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1128.691890][T16770] loop2: detected capacity change from 0 to 128
[ 1128.709974][T16770] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1128.726225][ T5831] Bluetooth: hci3: command tx timeout
[ 1128.732801][ T9823] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1128.769199][ T9823] bond0 (unregistering): Released all slaves
[ 1128.822959][ T9823] bond1 (unregistering): Released all slaves
[ 1128.829761][T16770] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1128.878357][ T9823] bond2 (unregistering): Released all slaves
[ 1128.901254][ T9823] bond3 (unregistering): Released all slaves
[ 1128.909577][T16774] loop5: detected capacity change from 0 to 512
[ 1128.916510][T16774] EXT4-fs (loop5): can't mount with both data=journal and dax
[ 1128.986874][ T9823] bond4 (unregistering): Released all slaves
[ 1129.026997][ T9823] bond5 (unregistering): Released all slaves
[ 1129.207507][ T9823] tipc: Disabling bearer <eth:syzkaller0>
[ 1129.251566][T16782] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2931'.
[ 1129.275492][ T9823] tipc: Left network mode
[ 1129.356475][ T9823] IPVS: stopping master sync thread 12323 ...
[ 1129.402946][ T9823] IPVS: stopping backup sync thread 6580 ...
[ 1129.453378][T16791] loop2: detected capacity change from 0 to 8
[ 1129.508937][T16791] overlayfs: missing 'lowerdir'
[ 1129.556679][ T5831] Bluetooth: hci5: unexpected subevent 0x1a length: 25 > 6
[ 1129.691351][T16798] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2935'.
[ 1129.823670][T16682] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1129.830911][T16682] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1129.883884][T16682] bridge_slave_0: entered allmulticast mode
[ 1129.892003][T16682] bridge_slave_0: entered promiscuous mode
[ 1129.919779][T16682] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1129.933856][T16682] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1129.951523][T16682] bridge_slave_1: entered allmulticast mode
[ 1129.965531][T16682] bridge_slave_1: entered promiscuous mode
[ 1130.213697][T16682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1130.231456][ T5913] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1130.252505][T16682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1130.361462][T16823] overlayfs: failed to clone upperpath
[ 1130.397478][ T5913] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1130.411130][ T9823] hsr_slave_0: left promiscuous mode
[ 1130.413538][ T5913] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1130.427595][ T9823] hsr_slave_1: left promiscuous mode
[ 1130.437234][ T5913] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1130.446808][ T9823] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1130.454002][ T5913] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1130.473154][ T9823] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1130.483262][ T5913] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1130.506381][ T5913] usb 6-1: config 0 descriptor??
[ 1130.520889][ T9823] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1130.539549][ T9823] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1130.562463][T16828] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2944'.
[ 1130.572748][ T9823] veth1_macvtap: left promiscuous mode
[ 1130.578565][ T9823] veth0_macvtap: left promiscuous mode
[ 1130.584823][ T9823] veth1_vlan: left promiscuous mode
[ 1130.593073][ T9823] veth0_vlan: left promiscuous mode
[ 1130.805873][ T5831] Bluetooth: hci3: command tx timeout
[ 1130.841466][T16834] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2946'.
[ 1130.922468][    C0] raw-gadget.1 gadget.5: ignoring, device is not running
[ 1130.953112][ T5913] usbhid 6-1:0.0: can't add hid device: -71
[ 1130.959808][ T5913] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1130.990591][ T5913] usb 6-1: USB disconnect, device number 8
[ 1131.191915][T16839] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2948'.
[ 1131.454355][ T9823] team0 (unregistering): Port device team_slave_1 removed
[ 1131.597007][ T9823] team0 (unregistering): Port device team_slave_0 removed
[ 1131.932560][T16849] loop1: detected capacity change from 0 to 4096
[ 1131.987188][T16849] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1132.065378][T16849] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1132.141561][T16854] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1132.179702][   T30] audit: type=1800 audit(1760490559.741:118): pid=16849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2953" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1132.183224][T16849] bio_check_eod: 1118 callbacks suppressed
[ 1132.183248][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.183248][T16849] loop1: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.258007][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.258007][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.300112][   T30] audit: type=1804 audit(1760490559.861:119): pid=16855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2953" name="/newroot/563/file1/bus" dev="loop1" ino=18 res=1 errno=0
[ 1132.342001][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.342001][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.375588][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.375588][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.412497][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.412497][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.457397][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.457397][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.483167][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.483167][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.498133][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.498133][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.531501][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.531501][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.555699][T16849] syz.1.2953: attempt to access beyond end of device
[ 1132.555699][T16849] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1132.698833][T16851] lec:lec_vcc_attach: copy from user failed for 28 bytes
[ 1132.852219][T16858] Bluetooth: hci0: invalid length 0, exp 2 for type 12
[ 1132.885873][ T5831] Bluetooth: hci3: command tx timeout
[ 1133.076743][T16866] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2958'.
[ 1133.149931][T16682] team0: Port device team_slave_0 added
[ 1133.201008][T16864] tipc: Started in network mode
[ 1133.233788][T16864] tipc: Node identity 7e72e9eaa157, cluster identity 4711
[ 1133.263991][T16864] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1133.275576][T16682] team0: Port device team_slave_1 added
[ 1133.324900][T16863] tipc: Resetting bearer <eth:syzkaller0>
[ 1133.331271][T16867] syzkaller0: entered promiscuous mode
[ 1133.339304][T16867] syzkaller0: entered allmulticast mode
[ 1133.387384][T16859] tipc: Resetting bearer <eth:syzkaller0>
[ 1133.413045][T16859] tipc: Disabling bearer <eth:syzkaller0>
[ 1133.425165][T16682] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1133.432190][T16682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1133.459973][T16682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1133.490064][T16682] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1133.504117][T16682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1133.531822][T16682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1133.730555][T16682] hsr_slave_0: entered promiscuous mode
[ 1133.750112][T16682] hsr_slave_1: entered promiscuous mode
[ 1133.758382][T16881] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2961'.
[ 1133.783275][T16682] debugfs: 'hsr0' already exists in 'hsr'
[ 1133.797399][T16682] Cannot create hsr debugfs directory
[ 1133.989235][T16888] team0: Mode changed to "loadbalance"
[ 1134.175973][T16891] loop5: detected capacity change from 0 to 8
[ 1134.308983][T16891] overlayfs: missing 'workdir'
[ 1134.378461][T16897] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2967'.
[ 1134.411052][ T9823] IPVS: stop unused estimator thread 0...
[ 1135.325543][T16925] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2974'.
[ 1135.752854][T16938] loop1: detected capacity change from 0 to 8
[ 1136.477658][T16682] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1136.515055][T16682] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1136.559777][T16682] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1136.597630][T16682] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1136.783158][T16929] kexec: Could not allocate control_code_buffer
[ 1136.947554][T16682] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1136.955271][T16975] team0: Unable to change to the same mode the team is in
[ 1137.004983][T16682] 8021q: adding VLAN 0 to HW filter on device team0
[ 1137.047878][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1137.055192][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1137.078105][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1137.085360][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1137.373291][T16989] loop5: detected capacity change from 0 to 64
[ 1137.418901][T16986] overlayfs: failed to resolve './file0': -2
[ 1138.171830][T17013] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2997'.
[ 1138.298594][T16682] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1138.641163][T16682] veth0_vlan: entered promiscuous mode
[ 1138.717324][T16682] veth1_vlan: entered promiscuous mode
[ 1138.854960][T16682] veth0_macvtap: entered promiscuous mode
[ 1138.901657][T16682] veth1_macvtap: entered promiscuous mode
[ 1138.945859][T17036] overlayfs: failed to resolve './file0': -2
[ 1138.951948][T16682] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1139.013645][ T5913] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1139.033575][T16682] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1139.075515][ T9823] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1139.094062][ T9823] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1139.113356][ T9823] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1139.122331][ T9823] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1139.173774][ T5913] usb 6-1: Using ep0 maxpacket: 32
[ 1139.181881][ T5913] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1139.203124][ T5913] usb 6-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[ 1139.257341][ T5913] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.321024][ T5913] usb 6-1: config 0 descriptor??
[ 1139.373216][ T5913] dvb-usb: found a 'TeVii S662' in warm state.
[ 1139.396484][ T5913] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1139.410926][ T5913] dvb-usb: bulk message failed: -22 (2/0)
[ 1139.463295][ T5913] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1139.502084][ T3544] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1139.504937][ T5913] dvbdev: DVB: registering new adapter (TeVii S662)
[ 1139.530855][ T3544] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1139.553502][ T5913] usb 6-1: media controller created
[ 1139.561095][T17032] dvb-usb: bulk message failed: -22 (27/0)
[ 1139.567591][T17032] dw2102: i2c transfer failed.
[ 1139.606011][ T5913] dvb-usb: bulk message failed: -22 (6/0)
[ 1139.639493][T17032] loop5: detected capacity change from 0 to 512
[ 1139.673991][ T5913] dw2102: i2c transfer failed.
[ 1139.678843][ T5913] dvb-usb: bulk message failed: -22 (6/0)
[ 1139.717481][T17032] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1139.734970][ T5913] dw2102: i2c transfer failed.
[ 1139.739901][ T5913] dvb-usb: bulk message failed: -22 (6/0)
[ 1139.776018][ T5913] dw2102: i2c transfer failed.
[ 1139.780866][ T5913] dvb-usb: bulk message failed: -22 (6/0)
[ 1139.816905][ T3544] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1139.831675][ T5913] dw2102: i2c transfer failed.
[ 1139.855819][ T5913] dvb-usb: bulk message failed: -22 (6/0)
[ 1139.864965][ T3544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1139.884077][ T5913] dw2102: i2c transfer failed.
[ 1139.902411][ T5913] dvb-usb: bulk message failed: -22 (6/0)
[ 1139.923643][ T5913] dw2102: i2c transfer failed.
[ 1139.938814][ T5913] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1140.053851][ T5913] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1140.140571][ T5913] dvb-usb: bulk message failed: -22 (3/0)
[ 1140.162163][ T5913] dw2102: command 0x0e transfer failed.
[ 1140.193937][ T5913] dvb-usb: bulk message failed: -22 (3/0)
[ 1140.225827][ T5913] dw2102: command 0x0e transfer failed.
[ 1140.538807][ T5913] dvb-usb: bulk message failed: -22 (3/0)
[ 1140.548248][ T5913] dw2102: command 0x0e transfer failed.
[ 1140.586355][T17070] nfs4: Unknown parameter '
'
[ 1140.597704][ T5913] dvb-usb: bulk message failed: -22 (3/0)
[ 1140.616409][ T5913] dw2102: command 0x0e transfer failed.
[ 1140.622039][ T5913] dvb-usb: bulk message failed: -22 (1/0)
[ 1140.694101][ T5913] dw2102: command 0x51 transfer failed.
[ 1140.699722][ T5913] dvb-usb: bulk message failed: -22 (5/0)
[ 1140.741664][ T5913] dw2102: i2c probe for address 0x68 failed.
[ 1140.757562][T17074] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[ 1140.833580][ T5913] dvb-usb: bulk message failed: -22 (5/0)
[ 1140.839384][ T5913] dw2102: i2c probe for address 0x69 failed.
[ 1140.873502][ T5913] dvb-usb: bulk message failed: -22 (5/0)
[ 1140.886842][ T5913] dw2102: i2c probe for address 0x6a failed.
[ 1140.902335][ T5913] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1140.911438][ T5913] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1141.034015][T17084] overlayfs: failed to resolve './file0': -2
[ 1141.084097][ T5913] rc_core: IR keymap rc-tt-1500 not found
[ 1141.089911][ T5913] Registered IR keymap rc-empty
[ 1141.128249][ T5913] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[ 1141.208621][ T5913] input: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input25
[ 1141.221250][T17091] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3015'.
[ 1141.281385][ T5913] dvb-usb: schedule remote query interval to 250 msecs.
[ 1141.330956][T17086] loop3: detected capacity change from 0 to 4096
[ 1141.337451][ T5913] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1141.391756][ T5913] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1141.428343][ T5913] usb 6-1: USB disconnect, device number 9
[ 1141.472664][T17096] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1141.568578][T17095] loop5: detected capacity change from 0 to 256
[ 1141.625355][ T5913] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1141.660032][T17095] FAT-fs (loop5): Directory bread(block 64) failed
[ 1141.687815][T17095] FAT-fs (loop5): Directory bread(block 65) failed
[ 1141.728113][T17095] FAT-fs (loop5): Directory bread(block 66) failed
[ 1141.761495][T17095] FAT-fs (loop5): Directory bread(block 67) failed
[ 1141.803679][T17095] FAT-fs (loop5): Directory bread(block 68) failed
[ 1141.863758][T17095] FAT-fs (loop5): Directory bread(block 69) failed
[ 1141.870463][T17095] FAT-fs (loop5): Directory bread(block 70) failed
[ 1141.930018][T17095] FAT-fs (loop5): Directory bread(block 71) failed
[ 1141.949019][T17095] FAT-fs (loop5): Directory bread(block 72) failed
[ 1141.986061][T17095] FAT-fs (loop5): Directory bread(block 73) failed
[ 1142.601926][T17117] overlayfs: failed to resolve './file0': -2
[ 1142.777527][T17121] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3027'.
[ 1142.855540][ T5831] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1142.870556][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[ 1142.870587][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1142.870602][ T5831] Workqueue: hci2 hci_rx_work
[ 1142.870645][ T5831] Call Trace:
[ 1142.870654][ T5831]  <TASK>
[ 1142.870665][ T5831]  dump_stack_lvl+0x189/0x250
[ 1142.870696][ T5831]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1142.870720][ T5831]  ? __pfx__printk+0x10/0x10
[ 1142.870762][ T5831]  ? kernfs_path_from_node+0x250/0x290
[ 1142.870782][ T5831]  ? kernfs_path_from_node+0x2f/0x290
[ 1142.870825][ T5831]  sysfs_create_dir_ns+0x259/0x280
[ 1142.870861][ T5831]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1142.870896][ T5831]  ? do_raw_spin_unlock+0x122/0x240
[ 1142.870924][ T5831]  kobject_add_internal+0x59f/0xb40
[ 1142.871045][ T5831]  kobject_add+0x155/0x220
[ 1142.871075][ T5831]  ? __pfx_kobject_add+0x10/0x10
[ 1142.871100][ T5831]  ? _raw_spin_unlock+0x28/0x50
[ 1142.871179][ T5831]  ? get_device_parent+0x366/0x3a0
[ 1142.871207][ T5831]  device_add+0x408/0xb50
[ 1142.871235][ T5831]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1142.871266][ T5831]  le_conn_complete_evt+0xf39/0x1500
[ 1142.871304][ T5831]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1142.871327][ T5831]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1142.871347][ T5831]  ? __asan_memcpy+0x40/0x70
[ 1142.871375][ T5831]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1142.871395][ T5831]  ? skb_pull_data+0xfb/0x200
[ 1142.871422][ T5831]  hci_le_conn_complete_evt+0x187/0x450
[ 1142.871466][ T5831]  hci_event_packet+0x78f/0x1200
[ 1142.871500][ T5831]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1142.871537][ T5831]  ? __pfx_hci_event_packet+0x10/0x10
[ 1142.871567][ T5831]  ? kcov_remote_start+0x4d3/0x7f0
[ 1142.871594][ T5831]  ? local_clock_noinstr+0xe0/0xe0
[ 1142.871638][ T5831]  ? hci_send_to_monitor+0xe2/0x570
[ 1142.871665][ T5831]  hci_rx_work+0x46a/0xe80
[ 1142.871704][ T5831]  ? process_scheduled_works+0x9ef/0x17b0
[ 1142.871744][ T5831]  process_scheduled_works+0xae1/0x17b0
[ 1142.871810][ T5831]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1142.871867][ T5831]  worker_thread+0x8a0/0xda0
[ 1142.871928][ T5831]  kthread+0x711/0x8a0
[ 1142.871955][ T5831]  ? __pfx_worker_thread+0x10/0x10
[ 1142.871985][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1142.872010][ T5831]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1142.872041][ T5831]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1142.872059][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1142.872082][ T5831]  ret_from_fork+0x4bc/0x870
[ 1142.872114][ T5831]  ? __pfx_ret_from_fork+0x10/0x10
[ 1142.872161][ T5831]  ? __switch_to_asm+0x39/0x70
[ 1142.872184][ T5831]  ? __switch_to_asm+0x33/0x70
[ 1142.872207][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1142.872231][ T5831]  ret_from_fork_asm+0x1a/0x30
[ 1142.872277][ T5831]  </TASK>
[ 1142.872309][ T5831] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1143.156035][ T5831] Bluetooth: hci2: failed to register connection device
[ 1143.236373][T17133] loop5: detected capacity change from 0 to 1024
[ 1143.353234][   T30] audit: type=1800 audit(1760490570.911:120): pid=17133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3032" name="file1" dev="loop5" ino=2 res=0 errno=0
[ 1143.629447][T17138] loop5: detected capacity change from 0 to 736
[ 1143.847401][T17142] team0: Unable to change to the same mode the team is in
[ 1144.116247][T17150] overlayfs: failed to resolve './file0': -2
[ 1144.373147][T17158] loop5: detected capacity change from 0 to 4096
[ 1144.397848][T17158] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1144.462311][T17158] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1144.603276][T17164] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1144.615039][T17158] bio_check_eod: 151 callbacks suppressed
[ 1144.615060][T17158] syz.5.3041: attempt to access beyond end of device
[ 1144.615060][T17158] loop5: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1144.641904][T17162] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3042'.
[ 1144.657718][   T30] audit: type=1800 audit(1760490572.161:121): pid=17158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3041" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1144.681883][T17158] syz.5.3041: attempt to access beyond end of device
[ 1144.681883][T17158] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1144.697481][T17158] syz.5.3041: attempt to access beyond end of device
[ 1144.697481][T17158] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1144.715176][T17158] syz.5.3041: attempt to access beyond end of device
[ 1144.715176][T17158] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1144.734048][T17158] syz.5.3041: attempt to access beyond end of device
[ 1144.734048][T17158] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1144.781209][T17158] syz.5.3041: attempt to access beyond end of device
[ 1144.781209][T17158] loop5: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1144.826665][T17166] loop5: detected capacity change from 4096 to 0
[ 1145.189603][T13984] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 648518346341351424
[ 1145.229670][T13984] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=12)
[ 1145.325936][T13984] Buffer I/O error on dev loop5, logical block 511, lost sync page write
[ 1145.340184][T13984] NILFS (loop5): unable to write superblock: err=-5
[ 1145.349764][T13984] Buffer I/O error on dev loop5, logical block 0, lost sync page write
[ 1145.371830][T13984] NILFS (loop5): unable to write superblock: err=-5
[ 1145.381136][T13984] Remounting filesystem read-only
[ 1145.392972][T13984] NILFS (loop5): error -5 truncating bmap (ino=12)
[ 1145.406594][T13984] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer
[ 1145.615507][T17183] overlayfs: failed to resolve './file0': -2
[ 1146.129450][T16951] Set syz1 is full, maxelem 65536 reached
[ 1146.291139][T17202] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3057'.
[ 1146.607843][T17224] loop1: detected capacity change from 0 to 8
[ 1146.730021][T17232] netlink: 'syz.6.3067': attribute type 4 has an invalid length.
[ 1146.837965][T17234] team0: No ports can be present during mode change
[ 1146.848656][T17235] netlink: 'syz.6.3067': attribute type 4 has an invalid length.
[ 1147.305822][T17246] loop1: detected capacity change from 0 to 4096
[ 1147.336709][T17246] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1147.407702][T17246] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1147.455323][T17260] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1147.532500][   T30] audit: type=1800 audit(1760490575.091:122): pid=17246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3076" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1147.574637][T17246] syz.1.3076: attempt to access beyond end of device
[ 1147.574637][T17246] loop1: rw=524288, sector=2097320, nr_sectors = 8 limit=4096
[ 1147.626039][T17263] overlayfs: failed to resolve './file0': -2
[ 1147.675406][T17246] syz.1.3076: attempt to access beyond end of device
[ 1147.675406][T17246] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1147.779160][T17246] syz.1.3076: attempt to access beyond end of device
[ 1147.779160][T17246] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1147.817661][T17246] syz.1.3076: attempt to access beyond end of device
[ 1147.817661][T17246] loop1: rw=0, sector=2097320, nr_sectors = 8 limit=4096
[ 1147.884158][T17272] team0: No ports can be present during mode change
[ 1147.959088][T17265] loop1: detected capacity change from 4096 to 0
[ 1148.236226][ T5841] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 648518346341351424
[ 1148.248861][ T5841] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=12)
[ 1148.275174][ T5841] Buffer I/O error on dev loop1, logical block 511, lost sync page write
[ 1148.329629][ T5841] NILFS (loop1): unable to write superblock: err=-5
[ 1148.349788][ T5841] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[ 1148.361335][ T5841] NILFS (loop1): unable to write superblock: err=-5
[ 1148.368128][ T5841] Remounting filesystem read-only
[ 1148.373284][ T5841] NILFS (loop1): error -5 truncating bmap (ino=12)
[ 1148.438364][T17284] loop5: detected capacity change from 0 to 1024
[ 1148.446670][ T5841] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[ 1148.463124][T17284] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1148.504300][T17284] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1148.626552][T13984] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1148.765093][T17299] capability: warning: `syz.1.3095' uses deprecated v2 capabilities in a way that may be insecure
[ 1148.864635][T17302] Invalid logical block size (768)
[ 1149.971639][T17324] loop1: detected capacity change from 0 to 1024
[ 1150.027141][T17324] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1150.096494][T17324] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1150.183059][T17335] loop5: detected capacity change from 0 to 256
[ 1150.264013][T17335] exfat: Deprecated parameter 'utf8'
[ 1150.276347][T17336] overlayfs: failed to resolve './file0': -2
[ 1150.287656][T17335] exfat: Deprecated parameter 'namecase'
[ 1150.327272][T17335] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[ 1150.401296][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1150.559904][T17339] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3110'.
[ 1150.953348][T17346] loop1: detected capacity change from 0 to 4096
[ 1151.041218][T17346] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1151.103599][T17346] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1151.218676][T17357] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1151.301913][   T30] audit: type=1800 audit(1760490578.861:123): pid=17346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3113" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1151.337294][T17359] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3121'.
[ 1151.690288][T17367] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3125'.
[ 1152.113580][ T5888] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1152.285283][ T5888] usb 6-1: Using ep0 maxpacket: 8
[ 1152.359822][ T5888] usb 6-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 1152.379705][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1152.402510][ T5888] usb 6-1: Product: syz
[ 1152.413468][ T5888] usb 6-1: Manufacturer: syz
[ 1152.423711][ T5888] usb 6-1: SerialNumber: syz
[ 1152.445585][ T5888] usb 6-1: config 0 descriptor??
[ 1152.515450][ T5888] gspca_main: sonixj-2.14.0 probing 0c45:613a
[ 1153.108718][T17389] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3133'.
[ 1153.570504][T17397] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3137'.
[ 1153.851678][T17403] 9pnet_fd: Insufficient options for proto=fd
[ 1154.316931][T17412] overlayfs: failed to resolve './file0': -2
[ 1154.903667][ T5888] gspca_sonixj: reg_w1 err -71
[ 1154.944803][ T5888] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[ 1154.979181][ T5888] usb 6-1: USB disconnect, device number 10
[ 1155.236945][T17427] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3150'.
[ 1155.706565][T17442] loop5: detected capacity change from 0 to 128
[ 1155.769360][T17442] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1155.855384][T17442] ext4 filesystem being mounted at /291/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1155.927436][T17303] Set syz1 is full, maxelem 65536 reached
[ 1156.002974][T13984] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1156.372363][T17458] loop1: detected capacity change from 0 to 4096
[ 1156.385896][T17461] fuse: Bad value for 'fd'
[ 1156.435056][T17458] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1156.477664][T17458] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1156.548149][T17467] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1156.595518][   T30] audit: type=1800 audit(1760490584.161:124): pid=17458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3162" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1157.446469][T17496] fuse: Bad value for 'fd'
[ 1157.503490][ T5888] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1157.580934][T17501] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3180'.
[ 1157.672250][ T5888] usb 6-1: Using ep0 maxpacket: 32
[ 1157.680066][ T5888] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1157.702839][ T5888] usb 6-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[ 1157.722485][ T5888] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.752317][ T5888] usb 6-1: config 0 descriptor??
[ 1157.779904][ T5888] dvb-usb: found a 'TeVii S662' in warm state.
[ 1157.791639][ T5888] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1157.810010][ T5888] dvb-usb: bulk message failed: -22 (2/0)
[ 1157.841433][ T5888] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1157.860711][ T5888] dvbdev: DVB: registering new adapter (TeVii S662)
[ 1157.868670][ T5888] usb 6-1: media controller created
[ 1157.897176][ T5888] dvb-usb: bulk message failed: -22 (6/0)
[ 1157.902961][ T5888] dw2102: i2c transfer failed.
[ 1157.908100][ T5888] dvb-usb: bulk message failed: -22 (6/0)
[ 1157.913975][ T5888] dw2102: i2c transfer failed.
[ 1157.918957][ T5888] dvb-usb: bulk message failed: -22 (6/0)
[ 1157.924931][ T5888] dw2102: i2c transfer failed.
[ 1157.938927][ T5888] dvb-usb: bulk message failed: -22 (6/0)
[ 1157.998748][ T5888] dw2102: i2c transfer failed.
[ 1158.013577][T17492] dvb-usb: bulk message failed: -22 (27/0)
[ 1158.019536][T17492] dw2102: i2c transfer failed.
[ 1158.057264][ T5888] dvb-usb: bulk message failed: -22 (6/0)
[ 1158.074002][T17518] loop5: detected capacity change from 0 to 512
[ 1158.086490][ T5888] dw2102: i2c transfer failed.
[ 1158.092647][ T5888] dvb-usb: bulk message failed: -22 (6/0)
[ 1158.151632][T17518] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1158.165918][ T5888] dw2102: i2c transfer failed.
[ 1158.170743][ T5888] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1158.304503][ T5888] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1158.373969][T17527] fuse: Bad value for 'fd'
[ 1158.384097][ T5888] dvb-usb: bulk message failed: -22 (3/0)
[ 1158.431187][ T5888] dw2102: command 0x0e transfer failed.
[ 1158.457372][ T5888] dvb-usb: bulk message failed: -22 (3/0)
[ 1158.477620][ T5888] dw2102: command 0x0e transfer failed.
[ 1158.567510][T17535] bridge0: entered promiscuous mode
[ 1158.595510][T17535] bridge0: port 1(macsec1) entered blocking state
[ 1158.602214][T17535] bridge0: port 1(macsec1) entered disabled state
[ 1158.633042][T17535] macsec1: entered allmulticast mode
[ 1158.666078][T17535] bridge0: entered allmulticast mode
[ 1158.685985][T17535] macsec1: left allmulticast mode
[ 1158.691104][T17535] bridge0: left allmulticast mode
[ 1158.737238][T17535] bridge0: left promiscuous mode
[ 1158.783509][ T5888] dvb-usb: bulk message failed: -22 (3/0)
[ 1158.809557][ T5888] dw2102: command 0x0e transfer failed.
[ 1158.847005][ T5888] dvb-usb: bulk message failed: -22 (3/0)
[ 1158.883704][ T5888] dw2102: command 0x0e transfer failed.
[ 1158.903694][ T5888] dvb-usb: bulk message failed: -22 (1/0)
[ 1158.909487][ T5888] dw2102: command 0x51 transfer failed.
[ 1158.962930][ T5888] dvb-usb: bulk message failed: -22 (5/0)
[ 1158.976395][ T5888] dw2102: i2c probe for address 0x68 failed.
[ 1158.984572][ T5888] dvb-usb: bulk message failed: -22 (5/0)
[ 1158.990448][ T5888] dw2102: i2c probe for address 0x69 failed.
[ 1159.064452][ T5888] dvb-usb: bulk message failed: -22 (5/0)
[ 1159.070339][ T5888] dw2102: i2c probe for address 0x6a failed.
[ 1159.113435][ T5888] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1159.163461][ T5888] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1159.396142][ T5888] rc_core: IR keymap rc-tt-1500 not found
[ 1159.402821][ T5888] Registered IR keymap rc-empty
[ 1159.424800][ T5888] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[ 1159.474085][ T5888] input: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input26
[ 1159.503908][ T5888] dvb-usb: schedule remote query interval to 250 msecs.
[ 1159.521225][ T5888] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1159.555485][ T5888] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1159.608842][ T5888] usb 6-1: USB disconnect, device number 11
[ 1159.835207][ T5888] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1160.361650][T17594] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3218'.
[ 1161.220003][T10478] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1161.230869][T10478] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1161.240467][T10478] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1161.251826][T10478] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1161.259937][T10478] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1161.527691][T17617] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1161.701224][T17602] chnl_net:caif_netlink_parms(): no params data found
[ 1161.715022][ T1014] ==================================================================
[ 1161.723155][ T1014] BUG: KASAN: slab-use-after-free in nf_hook_entry_head+0x1f1/0x2c0
[ 1161.731290][ T1014] Read of size 8 at addr ffff888052b08108 by task kworker/u8:5/1014
[ 1161.739391][ T1014] 
[ 1161.741746][ T1014] CPU: 1 UID: 0 PID: 1014 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
[ 1161.741771][ T1014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1161.741787][ T1014] Workqueue: netns cleanup_net
[ 1161.741819][ T1014] Call Trace:
[ 1161.741827][ T1014]  <TASK>
[ 1161.741836][ T1014]  dump_stack_lvl+0x189/0x250
[ 1161.741859][ T1014]  ? rcu_is_watching+0x15/0xb0
[ 1161.741889][ T1014]  ? __kasan_check_byte+0x12/0x40
[ 1161.741917][ T1014]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1161.741937][ T1014]  ? rcu_is_watching+0x15/0xb0
[ 1161.741967][ T1014]  ? lock_release+0x4b/0x3e0
[ 1161.741997][ T1014]  ? __virt_addr_valid+0x1c8/0x5c0
[ 1161.742020][ T1014]  ? __virt_addr_valid+0x4a5/0x5c0
[ 1161.742043][ T1014]  print_report+0xca/0x240
[ 1161.742069][ T1014]  ? nf_hook_entry_head+0x1f1/0x2c0
[ 1161.742100][ T1014]  kasan_report+0x118/0x150
[ 1161.742134][ T1014]  ? nf_hook_entry_head+0x1f1/0x2c0
[ 1161.742169][ T1014]  nf_hook_entry_head+0x1f1/0x2c0
[ 1161.742200][ T1014]  __nf_unregister_net_hook+0x74/0x700
[ 1161.742233][ T1014]  ? __pfx_nf_flow_table_offload_setup+0x10/0x10
[ 1161.742265][ T1014]  __nft_release_hook+0x180/0x350
[ 1161.742304][ T1014]  nf_tables_pre_exit_net+0xa7/0x110
[ 1161.742326][ T1014]  ops_undo_list+0x187/0x990
[ 1161.742357][ T1014]  ? __pfx_ops_undo_list+0x10/0x10
[ 1161.742385][ T1014]  ? do_raw_spin_unlock+0x122/0x240
[ 1161.742409][ T1014]  cleanup_net+0x4d8/0x820
[ 1161.742437][ T1014]  ? __pfx_cleanup_net+0x10/0x10
[ 1161.742465][ T1014]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1161.742496][ T1014]  ? process_scheduled_works+0x9ef/0x17b0
[ 1161.742525][ T1014]  ? process_scheduled_works+0x9ef/0x17b0
[ 1161.742553][ T1014]  process_scheduled_works+0xae1/0x17b0
[ 1161.742600][ T1014]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1161.742639][ T1014]  worker_thread+0x8a0/0xda0
[ 1161.742670][ T1014]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1161.742706][ T1014]  ? __kthread_parkme+0x7b/0x200
[ 1161.742743][ T1014]  kthread+0x711/0x8a0
[ 1161.742766][ T1014]  ? __pfx_worker_thread+0x10/0x10
[ 1161.742796][ T1014]  ? __pfx_kthread+0x10/0x10
[ 1161.742819][ T1014]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1161.742849][ T1014]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1161.742867][ T1014]  ? __pfx_kthread+0x10/0x10
[ 1161.742889][ T1014]  ret_from_fork+0x4bc/0x870
[ 1161.742919][ T1014]  ? __pfx_ret_from_fork+0x10/0x10
[ 1161.742951][ T1014]  ? __switch_to_asm+0x39/0x70
[ 1161.742975][ T1014]  ? __switch_to_asm+0x33/0x70
[ 1161.742999][ T1014]  ? __pfx_kthread+0x10/0x10
[ 1161.743020][ T1014]  ret_from_fork_asm+0x1a/0x30
[ 1161.743055][ T1014]  </TASK>
[ 1161.743062][ T1014] 
[ 1161.990548][ T1014] Allocated by task 17599:
[ 1161.994968][ T1014]  kasan_save_track+0x3e/0x80
[ 1161.999654][ T1014]  __kasan_slab_alloc+0x6c/0x80
[ 1162.004597][ T1014]  kmem_cache_alloc_node_noprof+0x433/0x710
[ 1162.010499][ T1014]  kmalloc_reserve+0xbd/0x290
[ 1162.015195][ T1014]  __alloc_skb+0x142/0x2d0
[ 1162.019707][ T1014]  __netdev_alloc_skb+0x108/0x970
[ 1162.024844][ T1014]  __ieee80211_beacon_get+0xc06/0x1880
[ 1162.030380][ T1014]  ieee80211_beacon_get_tim+0xb4/0x2b0
[ 1162.035867][ T1014]  mac80211_hwsim_beacon_tx+0x3ce/0x860
[ 1162.041448][ T1014]  __iterate_interfaces+0x2ab/0x590
[ 1162.046700][ T1014]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[ 1162.053754][ T1014]  mac80211_hwsim_beacon+0xbb/0x180
[ 1162.058963][ T1014]  __hrtimer_run_queues+0x52c/0xc60
[ 1162.064201][ T1014]  hrtimer_run_softirq+0x187/0x2b0
[ 1162.069325][ T1014]  handle_softirqs+0x286/0x870
[ 1162.074108][ T1014]  __irq_exit_rcu+0xca/0x1f0
[ 1162.078714][ T1014]  irq_exit_rcu+0x9/0x30
[ 1162.082976][ T1014]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1162.088691][ T1014]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1162.094676][ T1014] 
[ 1162.097003][ T1014] Freed by task 17599:
[ 1162.101085][ T1014]  kasan_save_track+0x3e/0x80
[ 1162.106142][ T1014]  __kasan_save_free_info+0x46/0x50
[ 1162.111534][ T1014]  __kasan_slab_free+0x5c/0x80
[ 1162.116314][ T1014]  kmem_cache_free+0x19b/0x690
[ 1162.121284][ T1014]  skb_release_data+0x62d/0x7c0
[ 1162.127195][ T1014]  consume_skb+0x9e/0xf0
[ 1162.131456][ T1014]  mac80211_hwsim_beacon_tx+0x3f0/0x860
[ 1162.137051][ T1014]  __iterate_interfaces+0x2ab/0x590
[ 1162.142288][ T1014]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[ 1162.149713][ T1014]  mac80211_hwsim_beacon+0xbb/0x180
[ 1162.155126][ T1014]  __hrtimer_run_queues+0x52c/0xc60
[ 1162.160357][ T1014]  hrtimer_run_softirq+0x187/0x2b0
[ 1162.165505][ T1014]  handle_softirqs+0x286/0x870
[ 1162.170286][ T1014]  __irq_exit_rcu+0xca/0x1f0
[ 1162.174898][ T1014]  irq_exit_rcu+0x9/0x30
[ 1162.179198][ T1014]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1162.184867][ T1014]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1162.190896][ T1014] 
[ 1162.193412][ T1014] The buggy address belongs to the object at ffff888052b08000
[ 1162.193412][ T1014]  which belongs to the cache skbuff_small_head of size 704
[ 1162.208085][ T1014] The buggy address is located 264 bytes inside of
[ 1162.208085][ T1014]  freed 704-byte region [ffff888052b08000, ffff888052b082c0)
[ 1162.221902][ T1014] 
[ 1162.224231][ T1014] The buggy address belongs to the physical page:
[ 1162.230655][ T1014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52b08
[ 1162.239669][ T1014] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1162.248193][ T1014] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1162.257055][ T1014] page_type: f5(slab)
[ 1162.261051][ T1014] raw: 00fff00000000040 ffff88801e293b40 ffffea0000cc4900 dead000000000003
[ 1162.269644][ T1014] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[ 1162.278337][ T1014] head: 00fff00000000040 ffff88801e293b40 ffffea0000cc4900 dead000000000003
[ 1162.287048][ T1014] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[ 1162.296204][ T1014] head: 00fff00000000002 ffffea00014ac201 00000000ffffffff 00000000ffffffff
[ 1162.305150][ T1014] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1162.313835][ T1014] page dumped because: kasan: bad access detected
[ 1162.320317][ T1014] page_owner tracks the page as allocated
[ 1162.326031][ T1014] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1014, tgid 1014 (kworker/u8:5), ts 1101294465191, free_ts 1029465145319
[ 1162.347150][ T1014]  post_alloc_hook+0x240/0x2a0
[ 1162.351938][ T1014]  get_page_from_freelist+0x2365/0x2440
[ 1162.357494][ T1014]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1162.363310][ T1014]  alloc_pages_mpol+0x232/0x4a0
[ 1162.368173][ T1014]  allocate_slab+0x96/0x3a0
[ 1162.372688][ T1014]  ___slab_alloc+0xe94/0x18a0
[ 1162.377380][ T1014]  __slab_alloc+0x65/0x100
[ 1162.381857][ T1014]  kmem_cache_alloc_node_noprof+0x4c5/0x710
[ 1162.387806][ T1014]  kmalloc_reserve+0xbd/0x290
[ 1162.392510][ T1014]  __alloc_skb+0x142/0x2d0
[ 1162.396941][ T1014]  ndisc_alloc_skb+0x9f/0x480
[ 1162.401642][ T1014]  ndisc_ns_create+0x21b/0x650
[ 1162.406423][ T1014]  ndisc_send_ns+0xae/0x150
[ 1162.410954][ T1014]  addrconf_dad_work+0xaae/0x14b0
[ 1162.416180][ T1014]  process_scheduled_works+0xae1/0x17b0
[ 1162.421765][ T1014]  worker_thread+0x8a0/0xda0
[ 1162.426387][ T1014] page last free pid 13984 tgid 13984 stack trace:
[ 1162.432899][ T1014]  __free_frozen_pages+0xbc4/0xd30
[ 1162.438021][ T1014]  __slab_free+0x2e7/0x390
[ 1162.442462][ T1014]  qlist_free_all+0x97/0x140
[ 1162.447063][ T1014]  kasan_quarantine_reduce+0x148/0x160
[ 1162.452587][ T1014]  __kasan_slab_alloc+0x22/0x80
[ 1162.457452][ T1014]  __kmalloc_noprof+0x3c3/0x7f0
[ 1162.462317][ T1014]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1162.467872][ T1014]  tomoyo_path_perm+0x213/0x4b0
[ 1162.472726][ T1014]  security_inode_getattr+0x12f/0x330
[ 1162.478369][ T1014]  vfs_fstatat+0xb1/0x170
[ 1162.482709][ T1014]  __x64_sys_newfstatat+0x116/0x190
[ 1162.487916][ T1014]  do_syscall_64+0xfa/0xfa0
[ 1162.492507][ T1014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1162.498437][ T1014] 
[ 1162.500759][ T1014] Memory state around the buggy address:
[ 1162.506585][ T1014]  ffff888052b08000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.514836][ T1014]  ffff888052b08080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.522911][ T1014] >ffff888052b08100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.530974][ T1014]                       ^
[ 1162.535302][ T1014]  ffff888052b08180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.543364][ T1014]  ffff888052b08200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1162.551430][ T1014] ==================================================================
[ 1162.749121][ T1014] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1162.756387][ T1014] CPU: 1 UID: 0 PID: 1014 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
[ 1162.765864][ T1014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1162.776021][ T1014] Workqueue: netns cleanup_net
[ 1162.780811][ T1014] Call Trace:
[ 1162.784099][ T1014]  <TASK>
[ 1162.787055][ T1014]  dump_stack_lvl+0x99/0x250
[ 1162.791657][ T1014]  ? __asan_memcpy+0x40/0x70
[ 1162.796263][ T1014]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1162.801470][ T1014]  ? __pfx__printk+0x10/0x10
[ 1162.806072][ T1014]  vpanic+0x237/0x6d0
[ 1162.810067][ T1014]  ? __pfx_vpanic+0x10/0x10
[ 1162.814586][ T1014]  ? preempt_schedule+0xae/0xc0
[ 1162.819456][ T1014]  ? __pfx_preempt_schedule+0x10/0x10
[ 1162.824851][ T1014]  panic+0xb9/0xc0
[ 1162.828593][ T1014]  ? __pfx_panic+0x10/0x10
[ 1162.833028][ T1014]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 1162.838943][ T1014]  ? nf_hook_entry_head+0x1f1/0x2c0
[ 1162.844162][ T1014]  check_panic_on_warn+0x89/0xb0
[ 1162.849113][ T1014]  ? nf_hook_entry_head+0x1f1/0x2c0
[ 1162.854332][ T1014]  end_report+0x78/0x160
[ 1162.858593][ T1014]  kasan_report+0x129/0x150
[ 1162.863121][ T1014]  ? nf_hook_entry_head+0x1f1/0x2c0
[ 1162.868338][ T1014]  nf_hook_entry_head+0x1f1/0x2c0
[ 1162.873397][ T1014]  __nf_unregister_net_hook+0x74/0x700
[ 1162.878901][ T1014]  ? __pfx_nf_flow_table_offload_setup+0x10/0x10
[ 1162.885252][ T1014]  __nft_release_hook+0x180/0x350
[ 1162.890298][ T1014]  nf_tables_pre_exit_net+0xa7/0x110
[ 1162.895591][ T1014]  ops_undo_list+0x187/0x990
[ 1162.900202][ T1014]  ? __pfx_ops_undo_list+0x10/0x10
[ 1162.905342][ T1014]  ? do_raw_spin_unlock+0x122/0x240
[ 1162.910569][ T1014]  cleanup_net+0x4d8/0x820
[ 1162.915033][ T1014]  ? __pfx_cleanup_net+0x10/0x10
[ 1162.920000][ T1014]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1162.925307][ T1014]  ? process_scheduled_works+0x9ef/0x17b0
[ 1162.931201][ T1014]  ? process_scheduled_works+0x9ef/0x17b0
[ 1162.937141][ T1014]  process_scheduled_works+0xae1/0x17b0
[ 1162.942808][ T1014]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1162.948822][ T1014]  worker_thread+0x8a0/0xda0
[ 1162.953464][ T1014]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1162.959849][ T1014]  ? __kthread_parkme+0x7b/0x200
[ 1162.964816][ T1014]  kthread+0x711/0x8a0
[ 1162.968899][ T1014]  ? __pfx_worker_thread+0x10/0x10
[ 1162.974028][ T1014]  ? __pfx_kthread+0x10/0x10
[ 1162.978626][ T1014]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1162.983844][ T1014]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1162.989043][ T1014]  ? __pfx_kthread+0x10/0x10
[ 1162.993644][ T1014]  ret_from_fork+0x4bc/0x870
[ 1162.998250][ T1014]  ? __pfx_ret_from_fork+0x10/0x10
[ 1163.003386][ T1014]  ? __switch_to_asm+0x39/0x70
[ 1163.008182][ T1014]  ? __switch_to_asm+0x33/0x70
[ 1163.012955][ T1014]  ? __pfx_kthread+0x10/0x10
[ 1163.017550][ T1014]  ret_from_fork_asm+0x1a/0x30
[ 1163.022341][ T1014]  </TASK>
[ 1163.025733][ T1014] Kernel Offset: disabled
[ 1163.030067][ T1014] Rebooting in 86400 seconds..