last executing test programs:

10m14.549542883s ago: executing program 3 (id=375):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x200040c4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028000000bca30000000000002403000007feffff720af0ff0000020071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61142000000000001d430000000000007a0a00fe0000001f6114180000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081504507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5e7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927e2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28e6ce4d9791c73c2d37999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fcf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

10m13.906826201s ago: executing program 3 (id=378):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x3000408, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x4002, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c2)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x8000, 0x5)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0/file0'}}, {@workdir={'workdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x400)

10m13.61723798s ago: executing program 3 (id=381):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = socket$tipc(0x1e, 0x1, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000380)='/', 0x1}], 0x1, 0x0, 0x0, 0x40010}, 0x0)

10m13.293510189s ago: executing program 3 (id=385):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
syz_clone(0x48020000, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89101)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)

10m12.975284307s ago: executing program 3 (id=390):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x800000, &(0x7f0000000200)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c0074c3fc52ac6365d676e1"], 0x1, 0x3b6, &(0x7f00000006c0)="$eJzs3cFrm2UYAPCnadd20zUFRVARXwYevISu/gMrsoFYUOYi04PwzaYakiUjCZUM0eHFq/+B9+HRmyD+Azvo3Zu3XTzuMPZJ8iVd0mWbtbZh+vtB+Z587/t8fb835OPJITx3r353vbHbrexmvShdSFGKiNK9iPVhVFgYHUvDeDkm3Yo3y1d/f+2Djz5+d2t7++LllC5tXXlrM6W09vrPX3z5w7lfes99+OPaTytxZ/2Tu39u/nHnpTsv331w5fN6N9W7aandS1m61m73smvNWtqpdxuVlN5v1rJuLdVb3Vpnany32b5xo5+y1s7ZMzc6tW43Za1+atT6qddOvbV+yj7L6q1UqVTS2TPB01RvX76cbRXx6hPmXTipBXEMOp2tbPAZXnlkpHp7LgsCAObqqPX/8tHq/9Z0/X8quo3KC28Ulz50/d9R/x/SZP3Pf9Wg/l8efX4jIn/4PUD9DwAAAAAAAAAAAAAAz4J7eV7O87w8Pu7/OGD0es7L45g98v4f+Jv3+jheEz/cW41ofrtX3asWx2J8azfq0YxabEQ57g8eC2NFfOmd7YsbaWg9zl7/eph/7teI6uJ0/vkox/rs/PNFftrPj8HxVJyZzN+Mcrw4O39zZv5ybHw/kV+Jcvz2abSjGTvDx9vD/K/Op/T2e9sH8leG8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4f6iksVej6Hu/V404HXuj/v2VhxPWp/vjF/mj/vql2Ihy3J/dn39jZn/+pXhlab73DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABj3f7NRtZs1jonFYx7/g/PLI+Dx2ctFNNvHRg6HdOTV552nb8f5HmeP8jzfGqodKjrnB7d5IyhwZW/WS2GizM7rX9re1cXTvStPEpwKiKeMCcfbeDk0GL8k//1/P4+z5yzEhHHeqdrg6A0/w0/dHDijyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYu/2m34MXC/NeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPS7d9sZM3mYmcU1KaDpTh4JmsuxmMmPy6Y9z0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8S/4KAAD//xp0CCU=")
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

10m12.52559718s ago: executing program 3 (id=393):
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x100)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12)

10m12.423385983s ago: executing program 32 (id=393):
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x100)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12)

10m10.75613108s ago: executing program 0 (id=405):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x2, 0x1, 0x0, 0x6, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff", 0x0, 0x0, 0x0, 0x0, 0x1})
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r1, r1, r1}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha384\x00'}})

10m10.001589661s ago: executing program 0 (id=406):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x81c0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = fanotify_init(0xf00, 0x181000)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0xa880, 0x97)
fanotify_mark(r0, 0x5, 0x4800003e, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000ac0)='./file1\x00', 0x80642, 0x10)

10m9.831586556s ago: executing program 0 (id=407):
socket$pppoe(0x18, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
inotify_init1(0x800)
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')

10m9.061679637s ago: executing program 0 (id=410):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000100)='devpts\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, 0x0)

10m8.857477143s ago: executing program 0 (id=412):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x80104d12, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0})

10m8.585642041s ago: executing program 0 (id=415):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x18, r3, 0x301, 0x70bd29, 0x25dfdbff, {}, [@HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20008890}, 0x10)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10m8.355113547s ago: executing program 33 (id=415):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x18, r3, 0x301, 0x70bd29, 0x25dfdbff, {}, [@HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20008890}, 0x10)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m22.635400635s ago: executing program 2 (id=1410):
syz_io_uring_setup(0x22f, &(0x7f0000019140)={0x0, 0x8ffd, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000), 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001000000000000fffd000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc980000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000006c0003806800008008000340000000025c000b802c0001800a0001006c696d69740000001c0002800c00024000000000000000030c00014000000000000100002c0001800a0001006c696d69740000001c0002800c00024000000000800000000c000140000000000000000814000000110001"], 0xfc}, 0x1, 0x0, 0x0, 0x4000850}, 0x844)
syz_open_procfs(0xffffffffffffffff, 0x0)

5m19.523675603s ago: executing program 2 (id=1415):
unshare(0x2040400)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x7, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
io_setup(0xbf, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[], 0x6)

5m17.734196983s ago: executing program 2 (id=1417):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0xe, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x4000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r9, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x6, 0x8d, 0x6, 0xd07f, 0xfff, 0x7, 0x10000, 0x5, 0x8, 0x8, 0x7fffffff, 0x5, 0x0, 0x10001, 0xb85, 0xd, 0x6, 0xbac07f81, 0x9, 0x0, 0x4, 0x200, 0xffffffff, 0xffffffff, 0x7, 0x648, 0x80000001, 0x9, 0x81, 0x8000, 0x10000, 0x9, 0x9, 0x1, 0x3, 0x5, 0x6, 0x10000, 0x5, 0x101, 0xb67d, 0x8e, 0x8, 0x6, 0xfffff801, 0x5, 0xfff, 0x6, 0x1, 0x400, 0x7, 0x10001, 0x80, 0x4, 0x2, 0x0, 0x9, 0x40, 0x4, 0x8878, 0x0, 0x8ce, 0x7b, 0x6, 0x100, 0x0, 0x1, 0x400, 0x2, 0x8, 0x2b, 0x7f, 0x5, 0xfc7, 0x0, 0x6, 0x7, 0x1, 0x0, 0x2, 0x3ff, 0x1, 0x8, 0x5, 0x2, 0x1, 0x1, 0x2, 0x2, 0x4, 0x7, 0x10000000, 0x2, 0xc, 0x8, 0x64e, 0x1, 0x4, 0x3, 0x4, 0x7f, 0x3ff, 0x1, 0x4, 0x1, 0x400, 0x9, 0xc4c, 0x8000, 0x12d170f1, 0x8, 0x7f, 0x2, 0x1, 0xa27a, 0x764, 0x0, 0xc, 0x2, 0x2, 0x7, 0x5, 0x1000, 0x0, 0x0, 0x3, 0xcc4a, 0x4, 0x40, 0x6, 0x9, 0xc, 0x3, 0x3, 0x5, 0x5, 0x6, 0xbf, 0xf, 0x312, 0x4, 0x6, 0x800, 0x9, 0x8f7, 0x7, 0xfffffffe, 0x1ff, 0xfff, 0x9, 0x1, 0x4, 0xf, 0x6b5, 0x0, 0x40, 0x7, 0xb, 0x7, 0xc4, 0x3, 0x5, 0x3, 0x6, 0x5, 0x100, 0x1d6, 0x3, 0x7f, 0x6d5, 0xb9de, 0x0, 0x7fffffff, 0x7, 0x8, 0x9, 0xc54, 0x8001, 0x4, 0x7fffffff, 0x8, 0x81, 0x1, 0x8, 0x6, 0x8, 0x5, 0xf3, 0x9, 0x81, 0x5, 0x10000, 0xfff, 0x64, 0x5, 0xf1f8, 0x0, 0xe, 0xfffff001, 0x8, 0x8001, 0x2b0000, 0x7f, 0x5, 0x6, 0xffffffff, 0xc7, 0x7ff00000, 0x9, 0x200, 0xb9c, 0x2, 0x4, 0x800, 0x7, 0x7f, 0x8, 0x20000, 0x7, 0xac6, 0x9, 0x9, 0xfffffce9, 0x1, 0x2, 0x80, 0x38, 0x16e1d229, 0x8, 0x9, 0x4, 0x6, 0x80000000, 0x4, 0x5, 0x3, 0xb3e1, 0x0, 0x100, 0x4, 0x7, 0x1, 0x8, 0x7fffffff, 0x2, 0x7fffffff, 0xe3, 0x7, 0x5, 0x9, 0x3, 0x2, 0x7ff, 0x8, 0x3, 0x30000000]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg(r0, &(0x7f00000023c0)=[{{&(0x7f0000000040)=@ll={0x11, 0x6, r10, 0x1, 0x4}, 0x80, 0x0}}], 0x1, 0x40004)

5m13.510538142s ago: executing program 2 (id=1425):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x21800, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xf2, 0x207fff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
syz_open_dev$dvb_demux(0x0, 0x0, 0x20000)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000002080), 0x284e83, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote, 0x0, 0x2, 0xff}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
r6 = dup3(r5, r3, 0x0)
read$FUSE(r6, &(0x7f0000000040)={0x2020}, 0x2020)

5m8.737076725s ago: executing program 2 (id=1433):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfffe, r2, 0x0}])
socket(0x10, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x80800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280", 0x13}, {&(0x7f00000003c0)}], 0x2}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

5m4.566376013s ago: executing program 2 (id=1436):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan3\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r1, 0x801, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x20000010)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000280))
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000940)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0x804)
fallocate(0xffffffffffffffff, 0x0, 0x8, 0x1000f4)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

4m49.280325822s ago: executing program 34 (id=1436):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan3\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r1, 0x801, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x20000010)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000280))
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000940)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0x804)
fallocate(0xffffffffffffffff, 0x0, 0x8, 0x1000f4)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

21.553891605s ago: executing program 5 (id=1902):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x8, 0x3, 0x248, 0xd8, 0x43, 0xa0, 0x0, 0x98, 0x1b0, 0x178, 0x178, 0x1b0, 0x178, 0x49, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'bridge_slave_0\x00', {0xff}, {}, 0x11, 0x2}, 0x12a, 0x70, 0xd8, 0x0, {0x0, 0x7a010000}}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7fff, 0x0, '\x00', 'syz1\x00'}}}, {{@ip={@local, @empty, 0xff000000, 0xff, 'pim6reg0\x00', 'macsec0\x00', {0xff}, {}, 0x0, 0x0, 0x68}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1b, 0x800, 0xd, 0x7, 'syz0\x00', 'syz1\x00', {0x1}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2a8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10008, &(0x7f0000000000)={[{@debug}, {@nogrpid}]}, 0xff, 0x49e, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvbH/Qyo9WRBQEraCR+KOlBZWDBzSaeNDERA94rG1BZKGG1gRIo8UYPBoS78ajiX+BNy9GPRgTr5p4NCREe6F4qpmdGbpsd0u3tF3pfj7Jdt/bmd33vjPv7b6Z15kA2tZA+ieJ2BYRv0dEX5a9fYWB7Gl+bmbs5tzMWBILC2//nVTWuzE3M1asWrxva545VIoofZbE8WRpuVMXL50ZLZcnzuf5oemzHw5NXbz03Omzo6cmTk2cGzl27OiR4RdfGHl+TeJM47qx9+PJfXtef/fqm2Mnrr7307dptXbvz5ZXx3FHN+sEVMdAutX+WaioXfZkE3W/F2yvSiedLawITemIiHR3dVX6f190xOLO64vXPm1p5YB1lf42bWm8eHYB2MSSaHUNgNYofujT49/isUFDj/+F6y9HdOfp+bmZsflb8XdGKX+9ax3LH4iIE7P/fpU+otnzEAAAq1AZ2zxbb/xXit2V52yuY0c+h9IfEfdHxM6IeCAidkXEgxGVdR+KiIezNy/0rbD8gZr80vFP6VrdOq+RdPz3UtXYb74q/vypvyPPba/E35WcPF2eOJxvk0PRtSXNDy9Txvev/vZFo2XV47/0kZZfjAXzClzrrDlBNz46PbpWG+H65Yi9nfXiT27NBKQtYE9E7G3uo3cUidNPf7Ov0Up3jn8ZazDPtPB1xFPZ/p+NmvgLyfLzk0M9UZ44PFS0iqV+/vXKW43Kv6v418D1A49kicX9X7NGVUMrlyfOTzVfxpU/Pm94TLPa9t+dvFOZs/7l/ey1C6PT0+eHI7qTNyr54piu8vrI4nsvjE73pvli/bT9HzpYv//vzN+T7v90K6WNeH9EPBoRj+V1fzwiDkTEwWXi//GVJz5YJv4kkmjd/r8cMV73++9W++9PqufrV5HoOPPDd41mzFe2/4/GbOW7NlP5/ruDlVbwLjcfAAAA3BNKEbEtktJglh7YFqXS4GD2P/y74r5SeXJq+pmTkx+dG8+uEeiPrlJxpquv6nzocDKbf2KWH8nPFRfLj+Tnjb/s6K3kB8cmy+Mtjh3a3dbb+38U/T/1V0erawesO9drQfuq7f+lFtUD2Hgr+f13LACb0+39vyf909uqugAby/E/tK96/f+TmrzxP2xOS/v/n3VuWQdsRsb/0L70f2hf+j+0pWYu54/jjRb1REQztwUoLhZY/V0FelZ8hX+7JIo7XqxnWb1x6Ux3/kqUWhRpR5ONbVMk0h6zsYUu3kMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgXvZfAAAA//8hId5P")
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x88}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x8, 0x201)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2200008, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@stripe={'stripe', 0x3d, 0x6}}, {@norecovery}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@jqfmt_vfsv1}, {@inlinecrypt}, {@grpquota}, {@norecovery}]}, 0x3, 0x5a8, &(0x7f0000000a40)="$eJzs3U1rG0cfAPD/ynLenycOhND2UAw5NCWNHNt9SaGQ9Fja0EB7T4WtmGA5CpYcYjeQ5NBceimhUEoDpR+g9x5Dv0C/Qi+BNhBKMO0hF5WVV7EiW7Yli9i1fj9YeWZ35dn/7sxoVrtiAxhYo+lLLuLViPgmiTjasiwf2cLRlfWWn96aSqck6vXP/koiyeY110+yv4ezzCsR8etXEadza8utLi7NFsvl0nyWH6vNXR+rLi6duTpXnCnNlK5NTE6ee2dy4v333u1brG9e+uf7Tx9+dO7rk8vf/fz42P0kLsSRbFkzjoPbK+JOa2Y0RrN9MhwX2lYc3145u06y0xtAT4aydj4caR9wNIayVg/sfbcjog4MqET7hwHVHAc0z+1bz+cHwZMPV06A1safX/luJA7sT18PLScvnBml57sjfSg/LeOXPx/cT6do+z6l3e0Xs0N9KB4YYHfuRsTZfH5t/5dk/V/vzja+PN5YexmD9vkDO+lhOv55a73xT645/mm8to9/Dq/TdnuxefvPPW5bJenntYZ0/PfBuuPf513XyFCW+19jzDecXLlaLp2NiP9HxKkY3p/mN7qec275Ub3TstbxXzql5TfHgtl2PM7vf/E908VacTsxt3pyN+K11fFvEmv6/wONsW778U/3x6UtlnGi9OD1Tss2j7/V7a0HtkX1nyLeWPf4r9ayZOPrk2ON+jDWrBVr/X3vxG+dyu8u/v57cnelom8Q/0jSer222n0ZPx54Vuq0rNf6vy/5vJHetzLrWb1Yq82PR+xLPmmdHzfT+ROr723mb2brp/X/1MmN+7/16v/BiPhii/HfO36v46rdHv9tXp9eI41/uqvj333i0cdf/tB7/Onxf7uROpXN2Ur/t9UN3M6+AwAAAAAAgN0mFxFHIskVnqdzuUJh5f6O43EoV65Ua6evVBauTUfjt7IjMZxrXuk+2nI/xHh2P2wzP9GWn4yIYxHx7dDBRr4wVSlP73TwAAAAAAAAAAAAAAAAAAAAsEsc7vD7/9QfnjAFe59HfsPg2rT99+NJT8Cu1KH99/9pW8CuY/wPg0v7h8HVaP8dH9EJ7GU+/2Fw9dD+3RoAe4TPfxhc+biz05sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe8mlixfTqb789NZUmp++sbgwW7lxZrpUnS3MLUwVpirz1wszlcpMuVSYqsxt9v/Klcr18YlYuDlWK1VrY9XFpctzlYVrtctX54ozpcul4ZcSFQAAAAAAAAAAAAAAAAAAAPy3VBeXZovlcmm+q8Tv0cu7VhO5bZX+shPnY1dsRs+JZLP9fD47HD0Vkd/5ACW6Swxlx3vDlXeoQwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdfwbAAD//39JMAE=")
lseek(0xffffffffffffffff, 0x101, 0x1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
io_getevents(0x0, 0x6, 0x0, &(0x7f00000003c0), 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
write$tun(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000064d0f793016c0600fe800000000000000000000000000025ff010000000000000000000000000001bf000708680000002f08000000000000071800000002040408008000000000000000060000000000000001080000000000000000c910000000000000000000000000000000010104000000000401090502000405020009000102000000000000c910ff02000000000000000000000000000100000000000062000828640000003306e30000000000fc00000000000000000000000000000000000000000000000000000000000001fc0000000000000000000000000000002c00d110680000003c0100000000000001050000000000000100000000000000730c01040000000000000000000000000000fffffffffffffc01000000000000000000000000000000000000000000000000000000000000ff010000000000000000000000000001fe80000000000000000000000000002cfc020000000000000000000000000000000000000000000000000000000000020000"], 0x1ac)

19.23813357s ago: executing program 5 (id=1906):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r2, @ANYRES8=r3], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @local}}}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000000)={'tunl0\x00', &(0x7f0000001b80)=@ethtool_gstrings})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1, 0x12)

17.494109169s ago: executing program 5 (id=1909):
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f6003300", 0x10)
listen(r1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
semop(0x0, 0x0, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000240)=[0x7fff])
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
truncate(0x0, 0x400000f003)

13.169531711s ago: executing program 6 (id=1915):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x8)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f0000000080)='securityfs\x00', 0x0, &(0x7f0000000280)='\x02\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\xff\x01\x00\x00\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w\x04\xa2,\xda\xcep\x00nT\xfb\x99\xc7-2\x00\x00\xf8\xe5TW\xcd\xd7\x0e\x9c\bh\xae!]{x\xc1\x1fm )>\xfaC\x93\xc0S\xaf\f\x1a\fEik\x86\x15\xab\x909\xf8i\xc0\xa7\xa9\xb1\xbe\xc7\x1d\xe0\x18\xd2\xbaG|\xd5fC\x8d\t\x00/I\x8b\xbf\x94\xf4\x96[us\x96\x90\x8d\x9d\xfb\xdc\x7f0&\xab\x17@)\xf1\xc3Q\xb2M :\xaa\x99G\xdd\xa9E6A]@>\f\xb1n\x1a\x8c\xc6e7{@\x90\x8fz\xfcf\x88\x15A\x0e\xbf\xb8\xff\xa8\xb9\xab\x83>\xf9I0\xdd\x93#\x1e\x00\xed#\xc9\xd0Uk\xa6b\xa6/\x15\x92\xc6,p\xc9\xce\xe1\xc3\xd5\x89Lw\x17\x16\x18\xddh\xc8\x81w\x1e\x7f\xc7\x16\xe5\x96\x03\t\xc3\x94\xc7\xeb\xd6.\xfa\xb3\xe0\x1f\xa9\x19\xfaS\x1f[T\x1e\xc5nX\x84\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00=0\xc3\xbc\xfd\xce~\xe3\xcaO\"\xbb\xd1\x15\xf2y\xb91\x1d\xab\xeaO\x19\rH4\xc2\xe4\x922~K^K`55\xb7\xd1\n\xba\xb7,\xdb\xc2\x86\xc30bnc\x06\x06q\xe9\x97\fHA<\x94`\xf7H?\x86\xb8C9\b\x18vFWRdNee\xf1A\x06\x8f\x97\x99\xa5A\xfa\x94IfB\xa9\xf5\xd8\x83\xc5\b\x0eL\\Z\x80](f6D\x1a\xf7si\xa4l\xa8\x0f\xcc\xa1\xef\x1bCq\x0e\xf87\xfc\xce\x96cm\x83\x05S\x01Zj`dP:d\xba\x02\x14\xaa\x051\xd7\x87\x1b\xcb\xa2.\x89\x16CRx\x9b\x04\x1f\x8fA\t<\x99/\'tk\xcb\xd7|\x0f\xc9m\x95\x9a\n\v&\xca\xcd\x11\xec\xfd\x17a$.\xe9\x14\x8f\n\x15\x8d\rJ\x99\x8a\x87\x81\xc4S\x85L\xe5w\xa1\xbf\x91Q&6\x8e\xd1\x02\x19K\xd3\xab\xe5\xdc\xac\x05\x8dQ\xf4\x1aa\x86\xbc6\\\x06\xdf\x84\x00+F|\xa6\xc4\xab\x00G\xd0\x14N+\xf9\x84i?C\x81\x8eu\xd3\xcbg\xb7\a\xd9\x9a*\x17>\xac\x9d\x9d\xf6\t\xd8b\x19\x8a\x1e&\xde\x87-%\xf3\x8a2L\x1cQ2\f\x94\xf7\xf9\xadI\xedU\xabr\xe2\xe1\xc2{\b\xa8\xc2\n4\x0f\'\xed\xcc\xd7qG\xa7p\x8ct\xe3/l\v\x93\x8a\x95R\xd6\x19L\x85\x80\x18\x15\xcezn\xa8,i\xf1\x91@\xc0\xb1\a\xfd\xec\x95>\b(\xfa~O\xfd\xe2\a6b\x97\xc6$?;\x8eJ/P\x9d\x17\xaaU\xc4\b')
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0xc8080)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, 0x0)
readv(r4, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/162, 0xa2}, {0x0}], 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x6, 0xfefe, 0x0, 'syz0\x00', 0xfffffefd}, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x20000080)

11.609367794s ago: executing program 1 (id=1918):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
read$FUSE(0xffffffffffffffff, &(0x7f0000000e80)={0x2020}, 0x2020)
r0 = socket(0x11, 0x3, 0xff)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000180)={0x28, 0x0, 0x2710, @hyper}, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001300)='/sys/kernel/address_bits', 0x80201, 0xe4)
write$cgroup_pid(r2, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x140301, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
r7 = epoll_create1(0x80000)
poll(&(0x7f00000000c0), 0x0, 0x50c00000)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r7, 0x942e, 0x0)
rt_tgsigqueueinfo(0x0, 0xffffffffffffffff, 0x35, &(0x7f0000000140)={0x15, 0x81, 0x4})
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2})
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x2)

9.401898096s ago: executing program 1 (id=1919):
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x45, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000080)={0x84, @local, 0x15, 0x3, 'sh\x00', 0x28, 0x5, 0x72}, 0x2c)
r1 = socket$kcm(0xa, 0x2, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e24, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x10000, 0xc, 0x2}}, 0x44)
sendmsg$sock(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffc}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000d40)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20008014}], 0x1, 0x4814)
r5 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r5, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x8000}, 0xfffffffffffffdc5)

7.227391807s ago: executing program 6 (id=1921):
syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x9)
socket$rxrpc(0x21, 0x2, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101100, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x1f, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000200fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

7.225411477s ago: executing program 4 (id=1922):
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r0 = socket(0xa, 0x3, 0x3a)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_QUERY(r1, 0x0, 0x0)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1000, 0x2, &(0x7f0000ffd000/0x1000)=nil)
socket(0x10, 0x2, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
pipe(0x0)
r3 = open(0x0, 0x141b42, 0x8)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x1000, 0x800000000000000)
munlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f00000001c0)={0x18, 0x0, {0x0, @local, 'veth0_to_bridge\x00'}}, 0x1e)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x0, 0x4, @local}, {0xa, 0x4e22, 0x5, @empty}, 0x0, {[0x0, 0xfffffff8, 0x0, 0xfffffffc]}}, 0x5c)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0xfffe, 0x9, @mcast2={0xff, 0x3}, 0x80}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x8)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10)
sendto$inet6(r4, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)

7.166738559s ago: executing program 1 (id=1923):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x1501)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f00000001c0))
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x4b5a9da54893e123, 0x3, 0x18, 0x3}, 0x8, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa9525000)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)

7.12196673s ago: executing program 4 (id=1924):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x0, 0xfffffffffffffffe, 0x0, 0x0, &(0x7f0000000000))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0xa5)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, r5, 0x533, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x2004c040}, 0x4000)
mknodat$loop(r3, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r3, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000240)='./file0\x00', 0x1400)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./bus\x00')

6.221343715s ago: executing program 6 (id=1925):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000400000006000000450000000010"], 0x48)
r2 = openat$iommufd(0xffffff9c, &(0x7f0000000340), 0x200, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r2, 0x3ba0, &(0x7f0000000600)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x4, 0x2c32dd, 0x7d, &(0x7f0000000500)="30181b18cdf82b2fe1f19a426f4ef031548ad89e8a6c7a919adc77d91c2269856056f5135bfd781b1104bbda3daac0be057f1a55191e42c73d406bcac9c4ef14175ee13b5a58cc1f69ee1d2058fb5b20aad0bd6879b4367a28d1a8522c08b087f02a676a7c7224ced6ea1ab8436410cfe04a4af08b6b1995885c4cb4f4"})
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r3, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty}, @can, @nl=@unspec, 0xa00, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYBLOB="0840000000000000280012800b0001006272696467650000180002800c002e0003000000030000000500070008000000c1b80e9945683563cbb828941db538a23b153fecb7239db28aea5aa3aab9b3d0d0c9a3af0a70a817445b56cfd5b3586912a5"], 0x48}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(r5, 0x11, 0x64, 0x0, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000380)=0x9)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000002900)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x50, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x40000010)
sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, 0x4, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000011}, 0x20000084)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x1)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
r7 = openat$hwrng(0xffffff9c, &(0x7f0000000380), 0x800, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x200000, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000321, 0xe, 0x0, &(0x7f00000007c0)="63eced8e460100000001acf12a04", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5.973505782s ago: executing program 5 (id=1926):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000))
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x2, 0x0, 0x4000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
ioctl$int_in(r4, 0x5452, &(0x7f0000001840)=0x5d4)
keyctl$get_persistent(0x16, 0x0, 0xfffffffffffffffb)
write$P9_RLOPEN(r4, &(0x7f00000000c0)={0x18, 0xd, 0x1, {{0x1, 0x4, 0x7}, 0x3}}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
semget$private(0x0, 0x0, 0x39d)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000314000/0x3000)=nil, 0x3000, 0x8)

5.972866652s ago: executing program 1 (id=1927):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000008c0)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010029bd7000fedbdf2507100000", @ANYRES32=r1, @ANYBLOB="80007e0a0a000200aaaaaaaaaa1c"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x24008000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b40)=@newtaction={0x1ec0, 0x30, 0x1, 0x1070bd2b, 0x25dfdbde, {}, [{0x1eac, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8, 0x5, r2}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7, 0xef, 0x1, 0x8000, 0x2}}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x16, 0xf2, 0x3, 0x7}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_pedit={0x1e50, 0x1a, 0x0, 0x0, {{0xa}, {0x1d78, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x74, 0x5, 0x0, 0x1, [{0x4}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x2c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}]}, @TCA_PEDIT_PARMS={0xec8, 0x2, {{{0x4532b05a, 0x80000001, 0x3, 0x9, 0x800}, 0x4, 0x1, [{0xff06, 0xea, 0x80000001, 0x7c, 0x95a6, 0xffffffff}, {0x2, 0xfffff001, 0x6, 0x200, 0x10000, 0x1}, {0x6, 0x10001, 0x2, 0x8, 0x9, 0x8}, {0x0, 0x5, 0xc1, 0x4, 0x6, 0xa}, {0x1ff, 0xb, 0x200, 0x5a5, 0x4, 0x7f}, {0x56, 0x2, 0xfffff801, 0x9, 0xd, 0xfffffff4}, {0x80000000, 0x0, 0xd, 0x9, 0xffffffff}]}, [{0xe, 0xf, 0xb, 0xc3, 0xffffff4b, 0x1}, {0x9, 0x7, 0x2, 0x9, 0x80, 0x5}, {0x3, 0x277, 0x0, 0x800008, 0x5, 0x80000001}, {0x8, 0x4, 0x8, 0xcc, 0x3a, 0xb}, {0xb, 0x8001, 0x8, 0x40, 0x7f}, {0x0, 0x6, 0x7f, 0x0, 0x37e1, 0xc5}, {0x9, 0x0, 0x0, 0x7, 0x1, 0x7}, {0x4, 0xa18, 0x2, 0xbbae, 0x2, 0x6}, {0xffffc72a, 0x3, 0xfffffff3, 0x68be5e74, 0x6, 0x7ff}, {0x7f, 0x9, 0x4, 0x10, 0xff, 0x1ff}, {0x2, 0x101, 0x800, 0x0, 0x1000, 0x8}, {0x3, 0x1, 0x800, 0x0, 0xdf, 0x1}, {0x1ff, 0x1c400000, 0x10001, 0x8, 0x5, 0xfffffffd}, {0x81, 0x1, 0x3, 0x4, 0x7, 0x5}, {0x4, 0x3f5, 0x2, 0x1, 0x3, 0x4}, {0x6, 0x6, 0x2226, 0x4, 0xe, 0xfffffffb}, {0xfffffff8, 0x7f, 0x200, 0x4, 0x1, 0x4}, {0x4, 0xde2, 0x1, 0x2, 0x0, 0x5}, {0xffffffff, 0x2, 0x2, 0x8000, 0x101, 0x1}, {0x3, 0x0, 0x7, 0x1, 0x2, 0x5}, {0x401, 0x4, 0xffff, 0x9, 0x0, 0xffff}, {0x101, 0x6, 0xd7cd, 0xfff, 0x6, 0x5}, {0x3, 0x7, 0x80000000, 0x6, 0x2, 0x37}, {0x800, 0x4, 0x3, 0x9, 0x7fffffff, 0x2}, {0x6, 0x3, 0xd, 0x75c, 0x8, 0xa}, {0x8001, 0x9, 0x6, 0xf6, 0x9, 0x8}, {0x6, 0x6, 0x5, 0x9, 0x2, 0x9b}, {0x4, 0x9, 0x100, 0x0, 0x10, 0x10001}, {0x8, 0x6, 0x2, 0xfffffffb, 0x1, 0xdb}, {0x3, 0x9, 0x80000000, 0x6, 0x3, 0x7}, {0x4384, 0xffffff55, 0x6, 0x7, 0x10, 0x22}, {0x6002dc86, 0x48e, 0x7, 0x3ff, 0x8000, 0x1ff}, {0x5, 0x7ff, 0x311ed267, 0x2, 0x7}, {0xfffffffd, 0x80, 0x4, 0x1000, 0x1, 0x40}, {0x7, 0x7fffffff, 0x8000, 0x0, 0x2, 0xb}, {0x6, 0x3ff, 0xfff00000, 0x6d, 0x6, 0x7fff}, {0x8, 0x80000000, 0x0, 0x5, 0xa, 0x1}, {0x4, 0x7, 0x3, 0x7fff, 0x0, 0xff}, {0x52, 0xb9, 0x7, 0x4, 0x0, 0xfffffc01}, {0x9, 0x6, 0x8, 0x1, 0xe0000, 0x8}, {0x9, 0x24, 0x3a, 0x200, 0x9, 0x1}, {0x0, 0x200, 0xc7, 0x9, 0x3ff, 0x400}, {0x8001, 0x9, 0x9, 0xc9, 0x8, 0x8}, {0x5, 0x8, 0x3, 0x3ff, 0x80000001, 0x4}, {0x3673, 0x40, 0x607, 0x10, 0x7f2, 0x3}, {0x7fff, 0x7fffffff, 0x2, 0x8000, 0x7ff, 0xffffffff}, {0x1, 0x7, 0xd993, 0xffff5457, 0xfffffff8}, {0x1, 0x4, 0xb, 0x5, 0x41a4, 0x9}, {0x7fff, 0x9, 0xfd, 0x0, 0xffff}, {0x91, 0xea0a, 0x4, 0x9, 0x3}, {0x4c, 0x6, 0x48f, 0x0, 0x7}, {0x3, 0x8a, 0x9, 0xe, 0x7, 0xfffffffc}, {0x4, 0x0, 0x7fffffff, 0x6, 0x8001, 0x7fffffff}, {0x200, 0x2748, 0x1, 0x401, 0xb, 0x8}, {0x90, 0x1ff, 0x9, 0x800, 0xc1f4, 0xbe9}, {0xf, 0x7f, 0xfffff801, 0x6, 0x2, 0xe}, {0x4, 0x7, 0x4, 0x9, 0x8001, 0x4}, {0x9, 0x9, 0x800, 0x800, 0x2, 0x1f}, {0xfffffffe, 0x5, 0x3, 0xf, 0xfff, 0x3}, {0x500, 0x4, 0x7fff, 0x10, 0x5, 0x100}, {0xe49e, 0xfffffffa, 0x7, 0x1, 0x100, 0x7}, {0x3, 0x4, 0x3, 0x80000001, 0x6d, 0x7f}, {0x5, 0x306e, 0x4, 0x7, 0xffffffff, 0xc42}, {0x5, 0x8, 0x6000000, 0x9, 0x3ff, 0x81}, {0xcf, 0x7a3f, 0x2, 0x10, 0x7a, 0x5}, {0x81, 0x7, 0x0, 0x5, 0x7ff, 0xbac2}, {0x2, 0x2, 0x9e65, 0xc6f, 0x169c, 0x2c}, {0x311a, 0x9, 0x10, 0xf, 0x6, 0x3}, {0x80, 0x10001, 0xcbab, 0x3, 0x7, 0x4}, {0x100, 0x3ffc000, 0x7eb2, 0xfff, 0x4, 0x1}, {0x7, 0x9, 0x3, 0x0, 0x101, 0x3}, {0x5, 0x3, 0x4, 0x1, 0x4, 0x7}, {0x7, 0x4, 0x7ff, 0x13, 0x0, 0x3b}, {0x401, 0x5, 0xffff, 0x9, 0x3, 0xffffff72}, {0x3, 0x7fffffff, 0x5, 0xffff786e, 0x3}, {0x4, 0x8b3, 0x17, 0x2, 0x1, 0x7}, {0x7, 0xdf0e, 0x6, 0x6, 0x6, 0x200}, {0x800, 0x5, 0x0, 0x200, 0x9137}, {0x5, 0x4, 0x0, 0x0, 0xa, 0x9a28}, {0x10000, 0xe1, 0x5, 0x9, 0xffffffff, 0x1}, {0x7, 0x6, 0x4, 0x98, 0x34, 0xfffffffd}, {0x3618, 0x6, 0xaec, 0x9, 0x4, 0xfffffffc}, {0xa, 0x101, 0x40, 0x3, 0x2, 0x80000001}, {0x400, 0x1, 0x1, 0x4, 0x101, 0x7}, {0x9, 0x7f, 0xff, 0x1, 0x2, 0xbd}, {0xa827, 0x1e5, 0xccc, 0xffffffff, 0x5c, 0xf}, {0xb, 0x1, 0x8, 0x5, 0x4, 0x27}, {0x1a23, 0x8, 0x6, 0x4, 0xffff7fff, 0xba9}, {0x4, 0x3, 0x8, 0x8, 0x0, 0x9}, {0xff, 0x9, 0x7, 0x10001, 0x2, 0x40000}, {0x0, 0xa2, 0x4, 0x8, 0x80, 0x80000000}, {0x7fff, 0xa, 0x3, 0x8, 0x401, 0x54}, {0x9, 0x4, 0x81, 0x80, 0x2a, 0x7}, {0x6, 0x7fffffff, 0xff, 0x5a8, 0x38e6, 0xf7}, {0x1, 0x8, 0x3, 0x7, 0x6, 0x8}, {0x2, 0xb, 0xecbc, 0x1, 0x3, 0x7}, {0x9, 0x1, 0x2, 0x2, 0x5, 0x1}, {0x2, 0x5, 0x2, 0x3, 0x3, 0x10001}, {0x1ae, 0x3, 0x5b739eed, 0x7, 0x6f9, 0x7fff}, {0x3, 0xecd, 0x4ab1, 0x1, 0x7fffffff, 0x5}, {0x3, 0x10001, 0x9, 0x4, 0x2, 0x3}, {0x80000000, 0x0, 0x2, 0xfffffff2, 0x5, 0x9}, {0x1, 0xffffffff, 0x1, 0x1, 0x840, 0x2}, {0x57, 0x10001, 0x0, 0x5, 0xa8, 0x8}, {0x0, 0x9, 0x5, 0x7, 0xfffffff8, 0x80000000}, {0x2, 0x9, 0x6, 0x3, 0x6, 0x7800}, {0x514c, 0x3, 0x2, 0x3, 0xf, 0x7}, {0x3ff, 0x0, 0x1, 0x5, 0x5, 0x6}, {0x329b, 0x223, 0x3, 0x9, 0x5, 0xf}, {0x2, 0xa, 0x3, 0x8, 0x1, 0xfffffff8}, {0x5, 0x8001, 0x1, 0x4, 0x3, 0xffff}, {0x8, 0x5, 0x372, 0x9, 0x7f, 0x9}, {0x1, 0x9, 0x4, 0x5, 0x9, 0x96be}, {0x4, 0x9f, 0x6, 0x4, 0x2, 0x4}, {0x3, 0x2, 0x5, 0xf, 0x6b17}, {0x8001, 0x40, 0x2, 0x9, 0xffff8000, 0xf}, {0x5, 0x8, 0x1, 0xa00, 0x80, 0x6}, {0x10001, 0x0, 0x1000, 0xfffffff9, 0x3ff, 0x1000}, {0x4, 0x6, 0x4, 0x6, 0x0, 0x9}, {0xfffffffb, 0x7, 0x9, 0x5, 0x2, 0x8}, {0x9, 0x4, 0x7fff, 0x8, 0x8, 0x81}, {0x7, 0x5, 0x10, 0x4, 0xc4da, 0x8001}, {0x2, 0x2, 0xf49, 0x7ff, 0x3, 0x6000000}, {0x8, 0x9, 0x7ff, 0x7233, 0x1000}, {0x200, 0x8bd, 0x1, 0x8, 0x200, 0x9}, {0x100, 0x9407, 0x5, 0x8, 0x0, 0x6}, {0x5, 0x5, 0x2, 0xe6, 0x3, 0x5}, {0x3, 0x3, 0xc0000000, 0xd, 0x7, 0x9}], [{0x2}, {0x1, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x5}, {0x1}, {0x0, 0x1}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x4}, {0x0, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x5}, {0x4}, {0x2}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x3, 0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x0, 0x28e1bf8e76b2579d}, {0x2, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x5}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x3}, {}, {0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2}, {0x4}, {0x0, 0x1}, {}, {}, {0x3}, {0x2, 0x1}, {}, {0x5, 0x1}, {0x5, 0x1}, {0x1}, {0x5}, {0x237c0e8f9fe9ab90, 0x1}, {0x3}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x8, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x4}, {0x3, 0x1}, {0x3, 0x1}, {}, {0x1}, {0x4, 0x1}, {0x2}, {0x5, 0x1}, {0x4}, {0x1}, {0x5, 0x1}, {}, {0x3}, {0x2}, {0x5, 0x1}, {0x1}, {0x5}, {0x2}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {0x3, 0xbb37bf05cb3b7a1e}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {0x2}, {0x2, 0x1}, {0x4}, {0x5}, {}, {0x1}, {0x2, 0x1}, {0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x3}, {0x5}, {0x3}, {0x2}, {0x5}, {}, {0x3}, {0x1}, {0x6, 0x1}]}}, @TCA_PEDIT_PARMS_EX={0xe38, 0x4, {{{0x5, 0x0, 0x8, 0x10}, 0x6, 0xb, [{0xb, 0x2, 0x1, 0x6, 0x3}]}, [{0x8, 0x9, 0x5, 0x7ff, 0x7, 0x4c1e}, {0x4, 0x8, 0x0, 0x1}, {0x3, 0x4, 0x1, 0x7, 0x80, 0x100}, {0x1, 0x9, 0x200, 0x0, 0x1}, {0x6, 0xfffffffa, 0x3, 0xffffffed, 0x40, 0x3}, {0x87, 0x0, 0x1, 0x2, 0xc8, 0xe000000}, {0x7, 0xa0, 0x3ff, 0x4, 0x200, 0x1}, {0x1, 0x4, 0xd, 0x5, 0x0, 0xdd2}, {0x2, 0x1, 0xc0000000, 0x64, 0x2, 0x8}, {0x5, 0x3, 0x0, 0xe00, 0xb28, 0x7ff}, {0x1, 0x9, 0x80000000, 0x1, 0x5}, {0x4, 0x1000, 0x5, 0x9, 0x0, 0xa}, {0x0, 0x1, 0x81, 0x2, 0x2, 0x8001}, {0x2, 0x7fffffff, 0x2, 0x2, 0x9d, 0x93b3}, {0xb2, 0xffffffff, 0x7, 0xfff, 0x2, 0xb}, {0x3, 0x6, 0x2, 0x3, 0x6, 0x2}, {0x0, 0x10, 0x1a87, 0x8, 0x7, 0x800}, {0xbc0, 0x2, 0x0, 0x80, 0x1, 0x2}, {0x6, 0x2, 0x5, 0x7ff, 0x6, 0x8}, {0x40db, 0x0, 0x3ffd, 0x4, 0x8d44, 0x5}, {0x0, 0x9, 0x3, 0x100, 0x9, 0x2e4}, {0xbe5, 0x6, 0x4, 0x2b, 0x2, 0x2}, {0x1, 0x80000000, 0x10, 0x9, 0x2, 0x5}, {0x9299, 0x661b, 0x9, 0x2, 0x90000000, 0x3}, {0xffffffff, 0x7, 0x9, 0xb759, 0xcf4a, 0x3}, {0x7, 0x4, 0xf1f51af, 0x1e, 0x0, 0x7ff}, {0xe, 0x0, 0x8, 0x0, 0x0, 0x2}, {0x4, 0x6, 0x62, 0x44, 0x9, 0x9}, {0x8a1, 0xb2b, 0x40, 0xffff, 0x6, 0x7}, {0xde73, 0x2, 0x1, 0x3, 0x7, 0x7}, {0x0, 0x0, 0x1, 0x2543fe95, 0xf, 0x2}, {0x3, 0x8, 0x6, 0x6, 0x5, 0x101}, {0xfffff800, 0xfffffff7, 0x984, 0x80, 0xff}, {0x8, 0x3c1d9059, 0xe, 0xff, 0x7fff, 0xc}, {0x7, 0xfffffffa, 0x4, 0x5, 0xddc5, 0x6}, {0x0, 0x5, 0xfffffff7, 0xfffffffc, 0x5, 0x7}, {0x5, 0x3, 0x5, 0x7, 0x101, 0xf}, {0x0, 0xc, 0x1, 0xff, 0xbcbe, 0x35fb936b}, {0xfffffff8, 0x5, 0xee1, 0x8000, 0x7, 0x80}, {0x73, 0xc8, 0xd, 0x0, 0xa, 0x81}, {0x3af, 0xf, 0xd, 0x5, 0xffff, 0xae}, {0x92, 0x9, 0x3, 0x3, 0x400, 0x6}, {0x4, 0x0, 0x776, 0x7f, 0x4, 0x2}, {0x8, 0x7, 0x10001, 0xf7, 0x3, 0xe18}, {0x2a52, 0x888, 0xceb4, 0xff, 0x7, 0x6}, {0x7, 0x1, 0xffffffff, 0xb, 0x1c20000, 0x46}, {0x3, 0x7f, 0x2, 0x5, 0x2, 0x2}, {0x0, 0x200, 0x5, 0x0, 0x7ff, 0x4}, {0xb0, 0x4e54, 0x0, 0x2, 0x6, 0x8}, {0xffffff99, 0xa, 0x0, 0xff, 0x8001, 0x4}, {0x1, 0x6, 0x0, 0x1000, 0x7f, 0x5}, {0xc08, 0x6, 0x503, 0xa, 0xa, 0x5b43b3e2}, {0x2, 0x1, 0x7604, 0xf5a, 0x100, 0xff}, {0x6, 0x8, 0xa94, 0xe, 0x200}, {0xfffffffd, 0x9d5, 0x80, 0x8, 0x9, 0x8000}, {0x3ff, 0x1, 0x7fffffff, 0x157, 0x2, 0x4}, {0xffffffff, 0x75, 0x2, 0xb29, 0x3, 0x2}, {0x9, 0x5, 0x8, 0x3, 0x1, 0xe61}, {0x1, 0x7, 0x400, 0x7, 0x0, 0xedb3}, {0x4, 0x446ccfb4, 0xb35, 0xffff, 0x5, 0x1}, {0x0, 0x9976, 0x400, 0x4, 0x6, 0x7}, {0x66, 0x1000, 0x7, 0x3ff, 0x4, 0x5}, {0x7, 0x1, 0xf, 0x40, 0x8000, 0x10}, {0x1, 0x94, 0x0, 0x3, 0x40, 0xa23}, {0x4, 0x96, 0x6, 0x3ff, 0x9, 0x9}, {0x9, 0x4, 0x1, 0x8, 0x5, 0x7}, {0xffffffff, 0x6, 0x3ed, 0x9, 0x1, 0x2801}, {0xb82, 0x2, 0x5, 0x0, 0xc58d, 0x1}, {0x3bd4, 0x9, 0x401, 0x8, 0x9, 0x3}, {0x52ef, 0x8, 0x4, 0x6, 0xbc, 0x3}, {0x63, 0x1, 0x1, 0xffffffff, 0xbf6, 0x6}, {0x7, 0x7, 0xca9, 0x4, 0x8000, 0xfffffffc}, {0x100, 0x2, 0x6, 0x4, 0x8000, 0x20c}, {0x6, 0x6, 0x13, 0x5, 0x0, 0x7fff}, {0xb, 0x2, 0x8f8a, 0x401, 0xfffffffd}, {0x74b, 0x4, 0x2, 0x7f, 0xff}, {0x84d, 0x7, 0x8, 0x1, 0x3, 0x7f}, {0x9, 0x2, 0x6, 0x4, 0x2, 0xe}, {0xc, 0x5, 0x45, 0x8, 0x7, 0x9}, {0x10000, 0x2, 0x1, 0x6, 0x2fc1ea3, 0x9}, {0x0, 0x1, 0xa0, 0x6, 0x6, 0x5}, {0x6, 0x4, 0x9, 0x5, 0xfff, 0x606}, {0xa, 0x9, 0x9, 0x0, 0x6, 0x6}, {0xc, 0x5, 0x0, 0x1ff}, {0xbe, 0x800, 0x43, 0x3, 0xffff57f3, 0x3}, {0x3, 0x6, 0xbf9, 0x0, 0x100, 0x3}, {0xc, 0x6, 0x5, 0xfff, 0x10001, 0x9}, {0x3, 0x80000000, 0x6, 0x201b, 0x6, 0x80000001}, {0x224, 0x3, 0x4, 0xe, 0x8, 0x72c}, {0x86, 0x9, 0x2, 0xff, 0x6, 0x5}, {0x4, 0x2, 0x1000, 0x2, 0x9, 0xffffffff}, {0x8, 0x9, 0x9, 0x5, 0x9db0, 0x7}, {0x2c00, 0x1, 0x9, 0x5, 0xcd95, 0x3ff}, {0x7, 0x8, 0x9, 0x0, 0x200, 0xcaf}, {0x7d26, 0xffffffff, 0x5, 0xd, 0x6, 0x1000}, {0x2000000, 0x80000001, 0x6, 0x9, 0x4, 0x81}, {0x8ca, 0x6, 0x0, 0x9, 0xffffffff, 0xf9a4}, {0x2, 0x3df, 0xfffffffd, 0x28a, 0xa0, 0x6}, {0x80000001, 0x8, 0x8, 0x5000000, 0xfff, 0x4}, {0x3ff, 0x5, 0x0, 0x9, 0x2, 0x2}, {0x4e, 0x1, 0xed3e, 0x0, 0x0, 0x3ff}, {0x4, 0xaa8, 0x4, 0xfbb, 0x12, 0x5}, {0xffffff81, 0x6, 0xffff, 0x4, 0x5, 0x1}, {0x40, 0x6, 0x3, 0x8, 0xfff, 0x4}, {0x6, 0xc, 0x1, 0xaef, 0x5, 0x3}, {0x7, 0x4b, 0xdfce, 0x0, 0x3, 0x5}, {0xbf8, 0xfff, 0x22a, 0x0, 0xcf}, {0x7, 0x8, 0x22, 0x6, 0x2, 0x5deefeec}, {0x5, 0x71, 0x9, 0x0, 0xcb24, 0x7}, {0x12f, 0x100, 0x7, 0xfffffff7, 0x10001}, {0x7, 0x400, 0x4, 0x6, 0x3, 0x6}, {0x5, 0x517, 0x400, 0x3, 0xfffffffe, 0x4}, {0xc, 0x7, 0x8, 0x100, 0xb, 0x3}, {0x9, 0x1, 0x4, 0x6, 0x5c75, 0x6}, {0x8, 0x9, 0x2cb, 0xe, 0x2, 0x9}, {0xfffffffb, 0x9, 0x2, 0x1e, 0x3, 0x3}, {0x0, 0x7fffffff, 0x400080, 0x2, 0xe, 0x6}, {0x5, 0x5, 0x6, 0x80000000, 0x0, 0x80000001}, {0x6, 0xd27, 0x200, 0x9, 0x2, 0x800}, {0x1, 0x3, 0x1, 0x1, 0x0, 0x29}, {0xb3d7, 0x7, 0x7e9c, 0x100, 0x7fffffff, 0xfffffffc}, {0x7, 0x188, 0x20000000, 0x7, 0x400}, {0x9, 0x6, 0xc06, 0x0, 0x9, 0x6}, {0x3, 0x7, 0x4, 0x0, 0xd, 0x2}, {0x9, 0x2, 0x8, 0x9}, {0x1, 0xffffffc0, 0x2, 0x3, 0x8, 0x5}, {0x3f12, 0x9, 0x5, 0x8, 0xf}, {0x60, 0x6, 0xfffff548, 0x8, 0x10, 0x2}], [{0x1}, {0x4}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x1}, {0x3, 0x1}, {0x5}, {0x5, 0x1}, {0x3}, {0x3}, {0x4}, {0x2}, {}, {0x0, 0x1}, {0x4}, {0x1}, {0x5, 0x1}, {0x1}, {0x4}, {0x2, 0x1}, {0x4}, {}, {0x4}, {0x1}, {0x1, 0x1}, {}, {0x0, 0x1}, {0x5, 0x1}, {0x7, 0x1}, {0x4}, {0x2}, {0x1}, {0x3}, {0x0, 0x1}, {0x6}, {0x1}, {0x3, 0x1}, {0x1}, {0x5, 0x1}, {0x4, 0x1}, {}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x2, 0x1}, {}, {0x1, 0x1}, {0x1, 0x1}, {0x5}, {0x1, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x0, 0x1}, {0x23c014049601dbd9, 0x1}, {0x0, 0x1}, {0x4}, {0x3, 0x1}, {}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x7}, {0x3}, {0x5, 0x1}, {0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x5}, {0x5, 0x1}, {0x0, 0x1}, {0x1}, {0x5, 0x1}, {0x796fd6896b29d8b3}, {0x1, 0x1}, {0x3}, {0x2, 0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5}, {0x2}, {0x4, 0x1}, {0x5}, {0x3}, {0x3}, {0x4, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x1, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x2}, {0x2}, {0x5, 0x1}, {0x2}, {}, {0x1, 0x1}, {}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x6}, {0x3}, {0x7}, {}, {}, {0x3}]}}]}, {0xae, 0x6, "14abd646d3a7f45551eef3735fb648e4e15e90dd979174e1f11ea0035960002dc3be7e179bea10e353c3c1755b499a336bf54fdbcc0cb8672818d8d2d36f733e39000662833ad852aba16d1123fd427bc844b0016032e989690d5525e592d3cb0fd21d9ef8a24a20b556715c37b3e83e0dfe67241d5f9ebd2f5f6a554d8f781b247873895c01091e5b01b20d95fa78fda22abbd8e58e340674dac1732ab6e42b1609c609f9f3552b8bc7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x1ec0}, 0x1, 0x0, 0x0, 0xc044}, 0x4000814)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6701c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x20000010})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r8})
socket$packet(0x11, 0x3, 0x300)
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f00000007c0)={0x28, 0x3, r8, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000002c0)={0x0, &(0x7f0000000280)})

5.972732402s ago: executing program 4 (id=1928):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
rt_tgsigqueueinfo(r0, r0, 0x2a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000002740), 0x80080)
fsopen(0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x2204c96, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000001c0)='\x00', 0x0, r4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r5, 0xfffd, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r6 = socket(0x10, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000022c0)=ANY=[@ANYBLOB="9feb01001800000000000000400000004000000002000000000000000000000300000000020000000200000003000000000000000000000105000000080000000000000001000005000000000000000001000000000000000000a122d481344281c0bb15a77142f5c1de50b2f0400350b2d8548651b10d6af451b983e9cc134849cab4c6f15d498e"], 0x0, 0x5a}, 0x28)
write(r6, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x89ff, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0xd1, 0x0, 0x0, @loopback, @multicast1}}}})

5.970005212s ago: executing program 6 (id=1929):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0x10, 0x2, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCRMFF(r1, 0x40095505, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='coredump_filter\x00')
r3 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f0000000100)=0xffda)
write(r2, &(0x7f0000000040)="1c000000210025123510dbda164216270bdc3e51b6", 0x15)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8)
sendmmsg$sock(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@txtime={{0x18, 0x1, 0x3d, 0x800000000}}], 0x18}}], 0x1, 0x800)

4.98180931s ago: executing program 4 (id=1930):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x8)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f0000000080)='securityfs\x00', 0x0, &(0x7f0000000280)='\x02\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\xff\x01\x00\x00\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w\x04\xa2,\xda\xcep\x00nT\xfb\x99\xc7-2\x00\x00\xf8\xe5TW\xcd\xd7\x0e\x9c\bh\xae!]{x\xc1\x1fm )>\xfaC\x93\xc0S\xaf\f\x1a\fEik\x86\x15\xab\x909\xf8i\xc0\xa7\xa9\xb1\xbe\xc7\x1d\xe0\x18\xd2\xbaG|\xd5fC\x8d\t\x00/I\x8b\xbf\x94\xf4\x96[us\x96\x90\x8d\x9d\xfb\xdc\x7f0&\xab\x17@)\xf1\xc3Q\xb2M :\xaa\x99G\xdd\xa9E6A]@>\f\xb1n\x1a\x8c\xc6e7{@\x90\x8fz\xfcf\x88\x15A\x0e\xbf\xb8\xff\xa8\xb9\xab\x83>\xf9I0\xdd\x93#\x1e\x00\xed#\xc9\xd0Uk\xa6b\xa6/\x15\x92\xc6,p\xc9\xce\xe1\xc3\xd5\x89Lw\x17\x16\x18\xddh\xc8\x81w\x1e\x7f\xc7\x16\xe5\x96\x03\t\xc3\x94\xc7\xeb\xd6.\xfa\xb3\xe0\x1f\xa9\x19\xfaS\x1f[T\x1e\xc5nX\x84\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00=0\xc3\xbc\xfd\xce~\xe3\xcaO\"\xbb\xd1\x15\xf2y\xb91\x1d\xab\xeaO\x19\rH4\xc2\xe4\x922~K^K`55\xb7\xd1\n\xba\xb7,\xdb\xc2\x86\xc30bnc\x06\x06q\xe9\x97\fHA<\x94`\xf7H?\x86\xb8C9\b\x18vFWRdNee\xf1A\x06\x8f\x97\x99\xa5A\xfa\x94IfB\xa9\xf5\xd8\x83\xc5\b\x0eL\\Z\x80](f6D\x1a\xf7si\xa4l\xa8\x0f\xcc\xa1\xef\x1bCq\x0e\xf87\xfc\xce\x96cm\x83\x05S\x01Zj`dP:d\xba\x02\x14\xaa\x051\xd7\x87\x1b\xcb\xa2.\x89\x16CRx\x9b\x04\x1f\x8fA\t<\x99/\'tk\xcb\xd7|\x0f\xc9m\x95\x9a\n\v&\xca\xcd\x11\xec\xfd\x17a$.\xe9\x14\x8f\n\x15\x8d\rJ\x99\x8a\x87\x81\xc4S\x85L\xe5w\xa1\xbf\x91Q&6\x8e\xd1\x02\x19K\xd3\xab\xe5\xdc\xac\x05\x8dQ\xf4\x1aa\x86\xbc6\\\x06\xdf\x84\x00+F|\xa6\xc4\xab\x00G\xd0\x14N+\xf9\x84i?C\x81\x8eu\xd3\xcbg\xb7\a\xd9\x9a*\x17>\xac\x9d\x9d\xf6\t\xd8b\x19\x8a\x1e&\xde\x87-%\xf3\x8a2L\x1cQ2\f\x94\xf7\xf9\xadI\xedU\xabr\xe2\xe1\xc2{\b\xa8\xc2\n4\x0f\'\xed\xcc\xd7qG\xa7p\x8ct\xe3/l\v\x93\x8a\x95R\xd6\x19L\x85\x80\x18\x15\xcezn\xa8,i\xf1\x91@\xc0\xb1\a\xfd\xec\x95>\b(\xfa~O\xfd\xe2\a6b\x97\xc6$?;\x8eJ/P\x9d\x17\xaaU\xc4\b')
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0xc8080)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, 0x0)
readv(r4, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/162, 0xa2}, {0x0}], 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x6, 0xfefe, 0x0, 'syz0\x00', 0xfffffefd}, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x20000080)

4.9815551s ago: executing program 6 (id=1931):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, &(0x7f0000000300)=ANY=[], 0xff2e)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

2.753217712s ago: executing program 1 (id=1932):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x8)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000e780)=[{{0x0, 0x0, &(0x7f000000e3c0), 0x0, 0x0, 0x0, 0x400c000}}], 0x1, 0x41)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x1000000e, 0x8001, 0x5, 0x9, 0x638c, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket(0x1d, 0x4, 0x6)
r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newqdisc={0x40, 0x24, 0xf0b, 0x4, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_TIMER_SLACK={0x8, 0xd, 0xc}, @TCA_FQ_INITIAL_QUANTUM={0x8, 0x4, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4015}, 0x8404)
r4 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, 0x0, 0xe4)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
mount$fuse(0x0, 0x0, 0x0, 0x84000, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
open_tree(0xffffffffffffff9c, 0x0, 0x101)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xfffffffd, 0x4, 0xb, 0x8001}})

2.049054283s ago: executing program 6 (id=1933):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

1.816945619s ago: executing program 5 (id=1934):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x1501)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f00000001c0))
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x4b5a9da54893e123, 0x3, 0x18, 0x3}, 0x8, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa9525000)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)

1.7574849s ago: executing program 1 (id=1935):
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f6003300", 0x10)
listen(r1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
semop(0x0, 0x0, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000240)=[0x7fff])
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
truncate(0x0, 0x400000f003)

910.188264ms ago: executing program 4 (id=1936):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, 0x0}, 0x4)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="6c000000090603000000000000000000f60000000900020073797a3100000061050001000700000044000780060004404e210000050007000c000180080001400a01010118000280140002400c00148008000140ffffffff10000000000000000000000000000000164640b6b9393bebe099b2e2d9513616cae2fa730223f959d55d6c2555e84978e07cd2d68135888b10f3f1e09e81896c6d80e9e91b3c62f9d9e46ef932f4b4ef60a1857adbf3ea362fa43fe52092d0350f7657bc25ed06e657"], 0x6c}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x44, 0x4, 0x2, 0x0, 0x1}, 0x50)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
io_uring_enter(0xffffffffffffffff, 0x4c5f, 0x2915, 0x2, &(0x7f0000000040)={[0x1000]}, 0x8)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r6=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r8, 0x0, 0x0}, 0x10)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB, @ANYRES32=r6], 0x44}}, 0x28000)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r1, &(0x7f00000003c0), &(0x7f0000000580)=@tcp=r3}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f00000003c0), &(0x7f0000000300)=@tcp=r2, 0x1}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000500)={'syztnl2\x00', &(0x7f0000000480)={'syztnl2\x00', 0x0, 0x29, 0xff, 0x9, 0x3, 0x30, @ipv4={'\x00', '\xff\xff', @loopback}, @remote, 0x700, 0x8, 0x7, 0x7}})

244.982433ms ago: executing program 5 (id=1937):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x48}, {0x28, 0x0, 0x0, 0xffffefff}]}, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, r6, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)
fsopen(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f0000000280)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x10007}}, {@test_dummy_encryption_v1}, {@acl}, {@data_ordered}, {@errors_continue}, {}, {@noblock_validity}]}, 0x1, 0x483, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnZn+WHZLS5ducT+fZLrvzcz2ve++eds37+02gJ41kv1IIjZGxOWIGI6ISvMJI/nDjWvna/9cO19Lol5/6+8ke1pcv3a+VvyKxpbZkO+o14v8uhblXnw3ojo9PXW6yI/NnPhg7MzZc88eO1E9OnV06uTEoUP79+0cODhxoCNxZnFd3/7xqR3bXn3n0uu1w5fe+/X7rL4bi+NlHJ00kr+6LT3R6cK6bNO8dFLpYkVYlqzd+ovtcgxHXwzNHhuOVz7rauWAO63S6u9z4UId+B/LBupALyr/0Gf3v+W2SuOONeHqi/mERxb3jWLLj1QiLc7pb7q/7aTBiDh84d9vsi3u0DwEAMB8P2bjn2dajf/SeGDeefcUayibI+LeiNgSEfdFxNaIuD+ice6DEfHQMstvXiG5efyTXlmQrfcts4TFZeO/54u1rYXjv3L0F5v7itymRvz9yZFj01N7i9dkT/Svy/LjC56y0E8v//FV874vi2n2kXnjv2zLyl8YYXqleYJusjpTXXnkuaufRmyvtIo/mV0HTCJiW0Rsv80yjj313Y52x1rFX46Fb6kD60z1byOezNv/QjTFX0rark+OP3dw4sDYYExP7R0rr4qb/fb7xTfblb+i+Dsga//1La//PP7sHjEZjDhz9tzxxnrtmdso5M/Pa0mbQ1tvGf/N139td8RA8nYjPVCeVTwOJK9lD0Pl/o+qMzOnJ+aeW+Ybj+N5/Ht2zcVfjbn+vyW/PWu8Eg9HRHYR74yIRyLi0aLtHouIxyNi1yLh//LS7vfbHWvf/ovMyndQFv/kIu2fveVlqbn2X36i7/jPP7Qrv76k9t/fSO0p9izl/W+pFVzJawcAAAB3i7TxGfgkHZ1Np+noaP4Z/q2xPq1ExNNHTn14cjL/rPzm6E/Lma7hefOh48XccJmfaMrvK+aNv+4bauRHa6emJ7sdPPS4DW36f+avzi61AGuR72tB79L/oXfp/9C79H/oXS90uwJAdwy03v3JatcD6Irlj/8H70g9gNXn/h96l/4PvUv/h57U9rvx6Yq+8n+3JiqN/1cQ3a5Gy8TQ2qhGmYh0TVRjLpFdziv5PW98kXeJNRLObKKy5H9mcZuJdS0PdfmNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEP+CwAA///fhNem")
socket$kcm(0x10, 0x3, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r8, 0xc008ae88, &(0x7f0000000240)={0x1, 0x0, [{0x40000108, 0x0, 0x149}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x800700, &(0x7f0000000300)={[{@data_err_ignore}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@stripe={'stripe', 0x3d, 0x2000}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq")

0s ago: executing program 4 (id=1938):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f0000000140)={'c6xdigio\x00', [0x9e0, 0x5, 0xfffffffe, 0x0, 0x8, 0x0, 0x5, 0x10, 0x1002, 0xffffffff, 0x1, 0x5, 0x344, 0x1, 0x4007, 0x7ff8, 0xf02, 0x3, 0x3, 0xe, 0x100, 0x6, 0x7, 0x80007, 0x5, 0x1, 0xb0c4, 0x7df, 0x9, 0x400007, 0x1]})
unshare(0x2c020400)
r4 = msgget$private(0x0, 0x0)
msgrcv(r4, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$kcm(0x2c, 0x3, 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000000)='vxfs\x00', 0x1000080, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)

kernel console output (not intermixed with test programs):

amed from eth3
[  157.265585][ T7520] binder: 7518:7520 ioctl c0306201 0 returned -14
[  157.334366][ T7413] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.412064][ T7413] 8021q: adding VLAN 0 to HW filter on device team0
[  157.431118][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.438276][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.465300][ T4226] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.472516][ T4226] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.621221][ T7534] overlayfs: failed to clone upperpath
[  157.923131][ T7413] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.990266][ T7413] veth0_vlan: entered promiscuous mode
[  158.007856][ T7413] veth1_vlan: entered promiscuous mode
[  158.055571][ T5774] Bluetooth: hci3: command tx timeout
[  158.082984][ T7413] veth0_macvtap: entered promiscuous mode
[  158.103664][ T7413] veth1_macvtap: entered promiscuous mode
[  158.130357][   T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  158.149433][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.168162][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.194926][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.212213][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.222449][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.238423][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.253652][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.285260][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.307289][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.323193][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.324463][   T23] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  158.335600][ T7413] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.347668][   T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.378796][   T23] usb 5-1: config 0 descriptor??
[  158.380231][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.395986][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.397059][   T23] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  158.406457][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.432609][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.442677][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.453999][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.463947][ T7413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.474498][ T7413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.486298][ T7413] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.502533][ T7413] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.512204][ T7413] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.521070][ T7413] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.531401][ T7413] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.624366][ T4226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.632922][ T4226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.679149][ T3504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.687203][ T3504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.423375][   T23] gspca_stv06xx: HDCS-1000/1100 sensor detected
[  160.095882][ T5774] Bluetooth: hci3: command tx timeout
[  160.156770][   T23] STV06xx: probe of 5-1:0.0 failed with error -71
[  160.190444][   T23] usb 5-1: USB disconnect, device number 2
[  160.822830][ T7596] kvm: pic: non byte write
[  161.138540][ T7606] loop5: detected capacity change from 0 to 2048
[  161.234707][ T7606] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.293264][ T7606] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  161.330189][ T7606] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  161.349341][ T7606] EXT4-fs (loop5): This should not happen!! Data will be lost
[  161.349341][ T7606] 
[  161.372394][ T7606] EXT4-fs (loop5): Total free blocks count 0
[  161.397052][ T7606] EXT4-fs (loop5): Free/Dirty block details
[  161.403065][ T7606] EXT4-fs (loop5): free_blocks=66060288
[  161.413311][ T7606] EXT4-fs (loop5): dirty_blocks=48
[  161.420205][ T7606] EXT4-fs (loop5): Block reservation details
[  161.435423][ T7606] EXT4-fs (loop5): i_reserved_data_blocks=3
[  161.493436][   T27] kauditd_printk_skb: 221 callbacks suppressed
[  161.493445][   T27] audit: type=1326 audit(1777515370.150:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.5.500" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4046d9cdd9 code=0x0
[  161.932819][ T4247] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28
[  162.175816][ T5774] Bluetooth: hci3: command tx timeout
[  162.732741][ T7667] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  163.445796][ T5805] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  163.660325][ T5805] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  163.690344][ T5805] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.730745][ T5805] usb 6-1: config 0 descriptor??
[  163.744537][ T5805] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  164.423234][ T7695] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  165.661998][ T5805] usb 6-1: USB disconnect, device number 2
[  166.200443][ T7706] loop4: detected capacity change from 0 to 32768
[  166.755268][ T7712] loop1: detected capacity change from 0 to 32768
[  166.906472][ T7712] JBD2: Ignoring recovery information on journal
[  166.994580][ T7712] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  167.814206][ T7413] ocfs2: Unmounting device (7,1) on (node local)
[  171.641180][ T7849] Bluetooth: MGMT ver 1.22
[  173.438215][ T7892] netlink: 'syz.4.561': attribute type 4 has an invalid length.
[  173.446614][ T7892] netlink: 17 bytes leftover after parsing attributes in process `syz.4.561'.
[  174.295559][   T42] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  174.485481][   T42] usb 2-1: Using ep0 maxpacket: 32
[  174.497669][   T42] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  174.506538][   T42] usb 2-1: config 0 has no interface number 0
[  174.515827][   T42] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  174.548010][   T42] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  174.562740][   T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.581923][   T42] usb 2-1: Product: syz
[  174.587467][   T42] usb 2-1: Manufacturer: syz
[  174.595850][  T788] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  174.599269][   T42] usb 2-1: SerialNumber: syz
[  174.623794][   T42] usb 2-1: config 0 descriptor??
[  174.635785][ T7895] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  174.795547][  T788] usb 5-1: Using ep0 maxpacket: 16
[  174.805274][  T788] usb 5-1: config 0 has an invalid interface number: 34 but max is 0
[  174.815482][  T788] usb 5-1: config 0 has no interface number 0
[  174.843769][  T788] usb 5-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023
[  174.861380][  T788] usb 5-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80
[  174.875958][ T7895] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  174.881686][  T788] usb 5-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[  174.900614][  T788] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.914588][  T788] usb 5-1: Product: syz
[  174.926709][  T788] usb 5-1: Manufacturer: syz
[  174.941702][  T788] usb 5-1: SerialNumber: syz
[  174.969133][  T788] usb 5-1: config 0 descriptor??
[  174.982600][ T7903] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  174.993408][ T7903] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  175.240365][ T7903] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  175.284587][ T7903] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  176.817631][   T42] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  176.848423][   T42] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  176.880799][   T42] asix: probe of 2-1:0.188 failed with error -71
[  176.915303][   T42] usb 2-1: USB disconnect, device number 7
[  177.295565][  T788] asix 5-1:0.34 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  177.325584][  T788] asix 5-1:0.34 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  177.365579][  T788] asix: probe of 5-1:0.34 failed with error -71
[  177.405589][  T788] usb 5-1: USB disconnect, device number 3
[  177.628941][ T7982] overlayfs: failed to clone upperpath
[  178.283757][ T7992] af_packet: tpacket_rcv: packet too big, clamped from 65354 to 4294967272. macoff=96
[  179.445487][ T8024] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  179.458796][ T8024] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  179.495471][ T8024] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  179.512668][ T8024] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  179.521283][ T8024] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  179.540080][ T8024] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  179.583164][ T8024] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  179.605616][ T8024] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  179.619235][ T8024] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  179.647448][ T8024] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  179.667882][ T8024] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  179.701236][ T8024] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  179.904748][ T8031] warning: `syz.2.593' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  180.370985][ T8043] overlayfs: failed to clone upperpath
[  181.456247][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  181.491879][ T8072] overlayfs: failed to clone upperpath
[  181.535896][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  181.617139][ T5774] Bluetooth: hci2: command 0x0c1a tx timeout
[  181.697612][ T5774] Bluetooth: hci3: command 0x0c1a tx timeout
[  182.555871][  T788] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  182.765481][  T788] usb 6-1: Using ep0 maxpacket: 32
[  182.773361][  T788] usb 6-1: config 0 has no interfaces?
[  182.784624][  T788] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  182.794253][  T788] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.815078][  T788] usb 6-1: config 0 descriptor??
[  182.945552][  T968] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  183.086569][  T788] usb 6-1: USB disconnect, device number 3
[  183.129551][  T968] usb 2-1: Using ep0 maxpacket: 32
[  183.152343][  T968] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  183.172223][  T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.185757][  T968] usb 2-1: Product: syz
[  183.198598][  T968] usb 2-1: Manufacturer: syz
[  183.216271][  T968] usb 2-1: SerialNumber: syz
[  183.225030][ T8126] Invalid argument reading file caps for ./file0
[  183.231950][  T968] usb 2-1: config 0 descriptor??
[  183.241373][  T968] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  183.535718][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  183.615574][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  183.632657][ T5755] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  183.710700][ T5774] Bluetooth: hci2: command 0x0c1a tx timeout
[  183.785629][ T5774] Bluetooth: hci3: command 0x0c1a tx timeout
[  183.905475][ T5755] usb 5-1: Using ep0 maxpacket: 32
[  183.917822][ T5755] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.944669][ T5755] usb 5-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.958604][ T5755] usb 5-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.983300][ T5755] usb 5-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  184.005448][ T5755] usb 5-1: config 0 interface 0 has no altsetting 0
[  184.022674][ T5755] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  184.052433][ T5755] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.081898][ T5755] usb 5-1: config 0 descriptor??
[  184.539123][ T5755] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  184.558746][ T5755] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  184.571819][ T5755] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  184.585441][ T5755] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  184.600763][ T5755] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  184.638671][ T5755] corsair-psu 0003:1B1C:1C09.0006: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.4-1/input0
[  184.725523][ T5755] corsair-psu 0003:1B1C:1C09.0006: unable to initialize device (-38)
[  184.739231][ T5755] corsair-psu: probe of 0003:1B1C:1C09.0006 failed with error -38
[  184.812234][ T8128] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.824423][ T8128] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.839871][  T788] usb 5-1: USB disconnect, device number 4
[  185.283019][  T968] gspca_ov534_9: reg_r err -71
[  185.545197][ T8179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.646'.
[  185.595406][  T968] gspca_ov534_9: Unknown sensor 0000
[  185.595491][  T968] ov534_9: probe of 2-1:0.0 failed with error -22
[  185.602440][ T8181] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  185.618559][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  185.653510][  T968] usb 2-1: USB disconnect, device number 8
[  185.695883][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  185.783231][ T5774] Bluetooth: hci2: command 0x0c1a tx timeout
[  185.830402][ T8183] bond1: entered allmulticast mode
[  185.855503][ T5774] Bluetooth: hci3: command 0x0c1a tx timeout
[  185.980089][ T8185] 8021q: adding VLAN 0 to HW filter on device bond2
[  186.011641][ T8185] bond2: entered allmulticast mode
[  186.023772][ T8185] bond1: (slave bond2): Enslaving as an active interface with an up link
[  186.115312][ T8196] loop4: detected capacity change from 0 to 1024
[  186.127638][ T8196] EXT4-fs: Ignoring removed i_version option
[  186.162705][ T8196] EXT4-fs: Ignoring removed nobh option
[  186.172679][ T8196] EXT4-fs: Ignoring removed bh option
[  186.292544][ T8196] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.507188][ T8196] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  186.544470][ T8196] EXT4-fs (loop4): Remounting filesystem read-only
[  186.636805][ T7145] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.651496][ T8253] syzkaller0: entered promiscuous mode
[  190.668105][ T8253] syzkaller0: entered allmulticast mode
[  190.866586][ T8259] md2: using deprecated bitmap file support
[  190.872738][ T8259] md2: error: bitmap file must open for write
[  191.133278][ T8273] loop5: detected capacity change from 0 to 128
[  191.199351][ T8273] VFS: Found a Xenix FS (block size = 512) on device loop5
[  191.266458][ T8273] sysv_free_block: trying to free block not in datazone
[  191.493736][ T7206] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  192.064418][ T8284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.677'.
[  192.431072][ T8301] netlink: 12 bytes leftover after parsing attributes in process `syz.2.682'.
[  193.568899][ T8319] netlink: 'syz.2.688': attribute type 11 has an invalid length.
[  193.775672][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  194.435927][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  194.442313][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  194.552921][ T8346] kvm: pic: non byte write
[  194.818482][ T8360] loop4: detected capacity change from 0 to 164
[  194.863488][ T8360] rock: directory entry would overflow storage
[  194.893688][ T8360] rock: sig=0x66, size=4, remaining=3
[  194.953963][ T8360] rock: directory entry would overflow storage
[  194.983862][ T8360] rock: sig=0x66, size=4, remaining=3
[  195.004807][ T8360] iso9660: Corrupted directory entry in block 4 of inode 1792
[  195.107783][ T8360] block device autoloading is deprecated and will be removed.
[  195.235173][ T8378] Set syz1 is full, maxelem 14 reached
[  196.105476][ T5810] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  196.303025][ T5810] usb 5-1: config 0 has no interfaces?
[  196.320698][ T5810] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  196.347777][ T5810] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.383354][ T5810] usb 5-1: Product: syz
[  196.387782][ T5810] usb 5-1: Manufacturer: syz
[  196.392398][ T5810] usb 5-1: SerialNumber: syz
[  196.425438][ T5810] usb 5-1: config 0 descriptor??
[  196.781568][ T8402] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.973832][ T5810] usb 5-1: USB disconnect, device number 5
[  197.824151][   T27] audit: type=1326 audit(1777515406.480:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.5.730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4046d9cdd9 code=0x0
[  199.429375][ T8484] kvm: pic: non byte write
[  199.436339][  T788] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  199.661122][  T788] usb 6-1: config 0 has no interfaces?
[  199.683548][  T788] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  199.705506][  T788] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.737675][  T788] usb 6-1: Product: syz
[  199.741892][  T788] usb 6-1: Manufacturer: syz
[  199.765480][  T788] usb 6-1: SerialNumber: syz
[  199.791918][  T788] usb 6-1: config 0 descriptor??
[  200.337619][ T8475] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.515910][ T5755] usb 6-1: USB disconnect, device number 4
[  201.237493][ T5774] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  201.352968][ T8528] binder: 8527:8528 ioctl c0306201 200000000080 returned -14
[  201.463930][ T8528] binder: 8527:8528 ioctl c0306201 2000000003c0 returned -14
[  201.542085][ T5755] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  201.775734][ T5755] usb 6-1: Using ep0 maxpacket: 32
[  201.912348][ T5755] usb 6-1: unable to get BOS descriptor or descriptor too short
[  201.939595][ T8533] overlayfs: failed to clone upperpath
[  202.020409][ T5755] usb 6-1: config 1 has an invalid interface number: 2 but max is 0
[  202.042356][ T5755] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  202.102973][ T5755] usb 6-1: config 1 has no interface number 0
[  202.180342][ T5755] usb 6-1: New USB device found, idVendor=04b4, idProduct=931d, bcdDevice= 0.40
[  202.215322][ T5755] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.244383][ T5755] usb 6-1: Product: syz
[  202.260266][ T8541] syzkaller0: entered promiscuous mode
[  202.264639][ T5755] usb 6-1: Manufacturer: syz
[  202.271514][ T5755] usb 6-1: SerialNumber: syz
[  202.283477][ T8541] syzkaller0: entered allmulticast mode
[  202.521405][ T5755] usb 6-1: can't set first interface for hiFace device.
[  202.545480][ T5755] snd-usb-hiface: probe of 6-1:1.2 failed with error -5
[  202.583531][ T5755] usb 6-1: USB disconnect, device number 5
[  203.884092][ T8575] loop5: detected capacity change from 0 to 32768
[  203.930449][ T8575] JBD2: Ignoring recovery information on journal
[  203.979997][ T8575] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  204.359041][ T7206] ocfs2: Unmounting device (7,5) on (node local)
[  206.517471][ T8592] syzkaller0: entered promiscuous mode
[  206.522999][ T8592] syzkaller0: entered allmulticast mode
[  207.684970][ T8613] loop4: detected capacity change from 0 to 4096
[  207.743383][ T8615] netlink: 'syz.2.771': attribute type 10 has an invalid length.
[  207.771768][ T8615] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  208.012368][ T8613] EXT4-fs (loop4): Test dummy encryption mode enabled
[  208.026288][ T8613] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  209.127264][ T8669] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  209.597896][ T8681] loop9: detected capacity change from 0 to 7
[  209.655760][ T8681] Dev loop9: unable to read RDB block 7
[  209.702227][ T8681]  loop9: unable to read partition table
[  209.731679][ T8681] loop9: partition table beyond EOD, truncated
[  209.765536][ T8681] loop_reread_partitions: partition scan of loop9 (úù) failed (rc=-5)
[  210.810334][ T8693] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  210.841144][ T8693] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  210.885706][ T8693] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  210.909812][ T8693] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  211.199700][ T8712] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  211.933643][ T8739] netlink: 16 bytes leftover after parsing attributes in process `syz.5.794'.
[  212.577236][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  212.895593][ T5774] Bluetooth: hci2: command 0x0c1a tx timeout
[  212.901689][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  212.948197][ T8756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.798'.
[  212.977986][ T5774] Bluetooth: hci3: command 0x0c1a tx timeout
[  213.415432][ T5805] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  213.612664][ T5805] usb 6-1: Using ep0 maxpacket: 16
[  213.636390][ T5805] usb 6-1: config index 0 descriptor too short (expected 51443, got 18)
[  213.645207][ T5805] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.699433][ T5805] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  213.728089][ T5805] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  213.745402][ T5805] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.755766][ T5805] usb 6-1: Product: syz
[  213.759960][ T5805] usb 6-1: Manufacturer: syz
[  213.775100][ T5805] usb 6-1: SerialNumber: syz
[  213.796240][ T5805] r8152-cfgselector 6-1: config 0 descriptor??
[  214.075176][ T8767] raw_sendmsg: syz.5.800 forgot to set AF_INET. Fix it!
[  218.633060][ T8834] sched: RT throttling activated
[  219.037519][ T5805] r8152-cfgselector 6-1: Unknown version 0x0000
[  219.147197][ T5805] r8152-cfgselector 6-1: USB disconnect, device number 6
[  219.204571][ T8841] fuse: Bad value for 'fd'
[  219.321641][ T8848] loop5: detected capacity change from 0 to 64
[  219.583129][ T8855] syzkaller0: entered promiscuous mode
[  219.615135][ T8855] syzkaller0: entered allmulticast mode
[  220.697350][ T8875] loop4: detected capacity change from 0 to 4096
[  220.713413][ T8875] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  220.797151][ T8875] ntfs3: loop4: Failed to load root (-22).
[  220.945761][ T8883] netlink: 100 bytes leftover after parsing attributes in process `syz.1.837'.
[  221.379117][ T5774] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  223.113810][ T8950] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  228.331464][ T9058] kvm: pic: non byte write
[  229.529566][ T9081] syzkaller0: entered promiscuous mode
[  229.556016][ T9081] syzkaller0: entered allmulticast mode
[  229.976126][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  230.175529][    T8] usb 6-1: Using ep0 maxpacket: 32
[  230.184864][    T8] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  230.197614][    T8] usb 6-1: config 0 has no interface number 0
[  230.215055][    T8] usb 6-1: config 0 interface 12 has no altsetting 0
[  230.244159][    T8] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  230.272133][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.290138][    T8] usb 6-1: Product: syz
[  230.310489][    T8] usb 6-1: Manufacturer: syz
[  230.315327][    T8] usb 6-1: SerialNumber: syz
[  230.384818][    T8] usb 6-1: config 0 descriptor??
[  231.333102][ T9101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.889'.
[  231.536203][ T9101] bond1: entered promiscuous mode
[  231.566029][ T9101] bond1: entered allmulticast mode
[  232.425391][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  233.675369][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  234.418650][    T8] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  234.438305][    T8] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  234.455572][    T8] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  234.463495][    T8] f81534: probe of 6-1:0.12 failed with error -71
[  234.482747][    T8] usb 6-1: USB disconnect, device number 7
[  234.972398][ T9148] kvm: pic: single mode not supported
[  234.972748][ T9148] kvm: pic: single mode not supported
[  234.985404][ T9148] kvm: pic: level sensitive irq not supported
[  237.927707][ T9169] binder_alloc: 9166: binder_alloc_buf, no vma
[  239.301077][ T9182] xt_HMARK: spi-set and port-set can't be combined
[  239.515786][ T9175] syzkaller0: entered promiscuous mode
[  239.568935][ T9175] syzkaller0: entered allmulticast mode
[  241.208815][ T9205] binder_alloc: 9204: binder_alloc_buf, no vma
[  241.378491][ T9210] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  241.743635][ T9225] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  241.789147][ T9226] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.232851][ T9233] netlink: 'syz.2.927': attribute type 4 has an invalid length.
[  244.183413][ T9261] loop4: detected capacity change from 0 to 1024
[  245.206238][ T9275] tipc: Failed to obtain node identity
[  245.234104][ T9275] tipc: Enabling of bearer <ib:wg1> rejected, failed to enable media
[  245.274545][ T9271] kvm: pic: non byte write
[  246.715443][ T5805] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  246.775819][ T5755] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  246.905638][ T5805] usb 5-1: Using ep0 maxpacket: 16
[  246.920679][ T5805] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  246.936947][ T5805] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  246.960144][ T5805] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  246.971553][ T5805] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.982436][ T5805] usb 5-1: Product: syz
[  246.984280][ T5755] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  246.993912][ T5805] usb 5-1: Manufacturer: syz
[  247.011867][ T5805] usb 5-1: SerialNumber: syz
[  247.020744][ T5755] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.068705][ T5755] usb 6-1: config 0 descriptor??
[  247.104154][ T5755] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  247.318550][ T5805] usb 5-1: 0:2 : does not exist
[  247.339682][ T5805] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  247.406551][ T5805] usb 5-1: USB disconnect, device number 6
[  247.530604][ T5760] udevd[5760]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  249.017245][ T5755] usb 6-1: USB disconnect, device number 8
[  252.635585][ T5755] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  252.725460][   T42] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  252.825426][ T5755] usb 5-1: Using ep0 maxpacket: 32
[  252.832761][ T5755] usb 5-1: unable to read config index 0 descriptor/start: -61
[  252.845886][ T5755] usb 5-1: can't read configurations, error -61
[  252.915478][   T42] usb 6-1: Using ep0 maxpacket: 32
[  252.926679][   T42] usb 6-1: unable to get BOS descriptor or descriptor too short
[  252.938844][   T42] usb 6-1: config 7 has an invalid interface number: 187 but max is 0
[  252.953232][   T42] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  252.972343][   T42] usb 6-1: config 7 has no interface number 0
[  252.983677][   T42] usb 6-1: config 7 interface 187 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  253.010868][ T5755] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  253.020756][   T42] usb 6-1: config 7 interface 187 has no altsetting 0
[  253.034901][   T42] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  253.051001][   T42] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.065035][   T42] usb 6-1: Product: syz
[  253.072661][   T42] usb 6-1: Manufacturer: syz
[  253.080810][   T42] usb 6-1: SerialNumber: syz
[  253.205510][ T5755] usb 5-1: Using ep0 maxpacket: 32
[  253.217737][ T5755] usb 5-1: unable to read config index 0 descriptor/start: -61
[  253.228893][ T5755] usb 5-1: can't read configurations, error -61
[  253.265799][ T5755] usb usb5-port1: attempt power cycle
[  253.310046][   T42] usb 6-1: Unknown endpoint type found, address 0x07
[  253.328269][   T42] usb 6-1: Not enough endpoints found in device, aborting!
[  253.567865][    T8] usb 6-1: USB disconnect, device number 9
[  253.685516][ T5755] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  253.746176][ T5755] usb 5-1: Using ep0 maxpacket: 32
[  253.753555][ T5755] usb 5-1: unable to read config index 0 descriptor/start: -61
[  253.761537][ T5755] usb 5-1: can't read configurations, error -61
[  253.925507][ T5755] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  253.961235][ T9378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.974'.
[  253.976154][ T5755] usb 5-1: Using ep0 maxpacket: 32
[  253.987404][ T5755] usb 5-1: unable to read config index 0 descriptor/start: -61
[  253.994966][ T5755] usb 5-1: can't read configurations, error -61
[  254.017091][ T5755] usb usb5-port1: unable to enumerate USB device
[  254.161749][ T9385] netlink: 'syz.5.977': attribute type 1 has an invalid length.
[  254.190779][ T9385] bond1: entered promiscuous mode
[  254.197627][ T9385] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.499399][ T9385] netlink: 28 bytes leftover after parsing attributes in process `syz.5.977'.
[  254.518058][ T9385] bond1: entered allmulticast mode
[  254.676191][ T9391] bond1: (slave bridge1): making interface the new active one
[  254.703865][ T9391] bridge1: entered promiscuous mode
[  254.713598][ T9391] bridge1: entered allmulticast mode
[  254.722804][ T9391] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  254.979564][ T9402] netlink: 'syz.5.983': attribute type 39 has an invalid length.
[  255.863131][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  255.870275][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  255.878731][ T9412] loop4: detected capacity change from 0 to 64
[  255.968287][ T9412] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  262.348591][ T9462] smc: net device bond0 applied user defined pnetid SYZ2
[  262.396070][ T9462] netlink: 14 bytes leftover after parsing attributes in process `syz.1.996'.
[  262.738740][ T9462] smc: removing net device bond0 with user defined pnetid SYZ2
[  263.584705][ T9462] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  263.872397][ T9462] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  263.938308][ T9462] bond0 (unregistering): Released all slaves
[  264.343246][ T9465] loop4: detected capacity change from 0 to 32768
[  264.353025][ T9523] binder: 9522:9523 ioctl c0306201 2000000007c0 returned -14
[  264.435914][ T9465] JBD2: Ignoring recovery information on journal
[  264.506609][ T9465] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  264.899626][   T27] audit: type=1800 audit(1777515473.540:239): pid=9465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.997" name="file7" dev="loop4" ino=17062 res=0 errno=0
[  264.957376][ T9537] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  264.999608][ T5774] Bluetooth: hci1: unexpected event for opcode 0x0c03
[  265.245788][ T9465] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  265.409805][ T9537] kvm: pic: non byte read
[  265.565176][ T9537] kvm: pic: level sensitive irq not supported
[  265.565313][ T9537] kvm: pic: non byte read
[  265.584399][ T9537] kvm: pic: level sensitive irq not supported
[  265.584521][ T9537] kvm: pic: non byte read
[  265.796558][ T9542] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  265.816813][ T9542] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  265.823177][ T9542] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  265.845695][ T9542] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  265.996842][ T7145] ocfs2: Unmounting device (7,4) on (node local)
[  266.103251][ T9554] capability: warning: `syz.2.1006' uses 32-bit capabilities (legacy support in use)
[  266.790141][ T9566] syzkaller0: entered promiscuous mode
[  266.801054][ T9566] syzkaller0: entered allmulticast mode
[  267.865615][ T5774] Bluetooth: hci3: command 0x0c1a tx timeout
[  267.871785][ T5770] Bluetooth: hci2: command 0x0c1a tx timeout
[  267.871789][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  268.130321][ T9590] loop5: detected capacity change from 0 to 512
[  268.166417][ T9590] EXT4-fs: Ignoring removed bh option
[  268.225455][ T9590] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  268.261378][ T9590] EXT4-fs (loop5): 1 truncate cleaned up
[  268.493880][ T9590] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.378220][ T9595] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  269.962814][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.904694][ T9628] syzkaller0: entered promiscuous mode
[  271.927553][ T9628] syzkaller0: entered allmulticast mode
[  272.407645][ T9640] netlink: 'syz.2.1035': attribute type 1 has an invalid length.
[  272.487358][ T9640] bond2: entered promiscuous mode
[  272.492715][ T9640] 8021q: adding VLAN 0 to HW filter on device bond2
[  272.670705][ T9646] bridge1: entered promiscuous mode
[  273.179443][ T9640] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1035'.
[  273.195472][ T9640] bond2: entered allmulticast mode
[  273.242597][ T9640] bond2: (slave bridge2): making interface the new active one
[  273.266410][ T9640] bridge2: entered promiscuous mode
[  273.271868][ T9640] bridge2: entered allmulticast mode
[  273.278210][ T9640] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  273.336440][ T9648] binder_alloc: 9647: pid 9647 spamming oneway? 2 buffers allocated for a total size of 5120
[  273.533129][ T9653] syzkaller0: entered promiscuous mode
[  273.539919][ T9653] syzkaller0: entered allmulticast mode
[  274.564684][ T9665] netlink: 'syz.1.1042': attribute type 1 has an invalid length.
[  274.830491][ T9665] smc: adding net device bond0 with user defined pnetid SYZ2
[  274.874432][ T9665] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.910374][ T9668] vlan2: entered allmulticast mode
[  274.925842][ T9670] overlayfs: failed to clone upperpath
[  274.955508][ T9668] bond0: entered allmulticast mode
[  275.021353][ T9665] bond0: (slave geneve2): making interface the new active one
[  275.054809][ T9665] geneve2: entered allmulticast mode
[  275.074255][ T9665] bond0: (slave geneve2): Enslaving as an active interface with an up link
[  276.703140][ T9672] loop5: detected capacity change from 0 to 40427
[  276.715537][ T5774] Bluetooth: hci0: unexpected event for opcode 0x0c03
[  276.754057][ T9672] F2FS-fs (loop5): Invalid SB checksum offset: 0
[  276.766664][ T9672] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  276.808359][ T9672] F2FS-fs (loop5): invalid crc value
[  277.009804][ T9672] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  277.025957][ T9672] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  277.908434][ T9672] overlayfs: conflicting lowerdir path
[  278.160413][ T7206] syz-executor: attempt to access beyond end of device
[  278.160413][ T7206] loop5: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  278.207371][ T7206] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  278.216349][ T7206] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  278.223257][ T7206] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  278.570936][ T9706] loop4: detected capacity change from 0 to 32768
[  278.625808][ T9706] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  278.677129][ T9706] XFS (loop4): Ending clean mount
[  278.715140][ T9706] XFS (loop4): Quotacheck needed: Please wait.
[  278.857690][ T9706] XFS (loop4): Quotacheck: Done.
[  279.735502][   T27] audit: type=1800 audit(1777515488.070:240): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1053" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=4429 res=0 errno=0
[  280.048185][ T7145] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  280.110177][ T9760] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1058'.
[  282.535178][ T9778] netlink: 'syz.1.1063': attribute type 39 has an invalid length.
[  282.729035][ T9781] tipc: Failed to remove unknown binding: 66,0,0/0:3769440303/3769440305
[  282.744211][ T9781] tipc: Failed to remove unknown binding: 66,0,0/0:3769440303/3769440304
[  282.780653][ T9781] tipc: Failed to remove unknown binding: 66,0,0/0:3769440303/3769440305
[  282.817235][ T9781] tipc: Failed to remove unknown binding: 66,0,0/0:3769440303/3769440304
[  282.843778][ T9779] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1062'.
[  283.060862][ T9791] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  283.084791][ T9791] syzkaller0: entered promiscuous mode
[  283.094434][ T9791] syzkaller0: entered allmulticast mode
[  283.241264][ T9791] tipc: Resetting bearer <eth:syzkaller0>
[  283.284566][ T9790] tipc: Resetting bearer <eth:syzkaller0>
[  283.337338][ T9790] tipc: Disabling bearer <eth:syzkaller0>
[  285.587266][ T9821] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  285.598062][ T9821] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  289.021243][ T9865] syzkaller0: entered promiscuous mode
[  289.031147][ T9865] syzkaller0: entered allmulticast mode
[  289.115648][ T9865] tipc: Started in network mode
[  289.134225][ T9865] tipc: Node identity 1268c6defdff, cluster identity 4711
[  289.152218][ T9865] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  289.176142][ T9864] tipc: Resetting bearer <eth:syzkaller0>
[  289.977092][ T9864] tipc: Disabling bearer <eth:syzkaller0>
[  290.165750][ T9875] syzkaller0: entered promiscuous mode
[  290.185718][ T9875] syzkaller0: entered allmulticast mode
[  293.579595][ T5755] libceph: connect (1)[c::]:6789 error -101
[  294.310114][ T5755] libceph: mon0 (1)[c::]:6789 connect error
[  294.323782][ T9913] ceph: No mds server is up or the cluster is laggy
[  294.595037][ T5835] libceph: connect (1)[c::]:6789 error -101
[  294.603013][ T5835] libceph: mon0 (1)[c::]:6789 connect error
[  297.463283][ T9960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1120'.
[  298.376478][ T9967] syzkaller0: entered promiscuous mode
[  298.381997][ T9967] syzkaller0: entered allmulticast mode
[  299.247452][ T9971] overlayfs: failed to clone upperpath
[  299.711831][ T9987] syzkaller0: entered promiscuous mode
[  299.717688][ T9987] syzkaller0: entered allmulticast mode
[  300.621895][ T5835] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  300.711098][ T9991] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  300.815468][ T5835] usb 6-1: Using ep0 maxpacket: 32
[  300.829841][ T5835] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  300.841692][ T5835] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  300.867148][ T5835] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  300.917191][ T5835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  300.962473][ T5835] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  301.004815][ T5835] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  301.038241][ T5835] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  301.054466][ T5835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.073464][ T5835] usb 6-1: config 0 descriptor??
[  301.312270][ T5835] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  301.572767][    C1] usblp0: nonzero read bulk status received: -71
[  301.580899][ T9980] usblp0: error -71 reading from printer
[  301.590321][ T5835] usb 6-1: USB disconnect, device number 10
[  301.624588][ T9980] usblp0: removed
[  303.374745][T10019] kvm: vcpu 0: requested 32768 ns lapic timer period limited to 200000 ns
[  303.383458][T10019] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  303.460433][T10019] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  303.694823][T10029] loop4: detected capacity change from 0 to 512
[  303.733062][T10029] FAT-fs (loop4): bogus number of FAT sectors
[  303.740956][T10029] FAT-fs (loop4): Can't find a valid FAT filesystem
[  304.043191][T10035] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1135'.
[  306.326398][   T41] hsr_slave_0: left promiscuous mode
[  306.358892][   T41] hsr_slave_1: left promiscuous mode
[  306.539007][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  306.618487][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[  306.764788][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  306.897109][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[  307.046833][   T41] bridge_slave_1: left allmulticast mode
[  307.140446][   T41] bridge_slave_1: left promiscuous mode
[  307.172761][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.183258][   T41] bridge_slave_0: left allmulticast mode
[  307.192112][   T41] bridge_slave_0: left promiscuous mode
[  307.200104][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.409793][   T41] veth1_macvtap: left promiscuous mode
[  307.440398][   T41] veth0_macvtap: left promiscuous mode
[  308.057232][   T41] veth1_vlan: left promiscuous mode
[  308.123708][   T41] veth0_vlan: left promiscuous mode
[  310.186069][T10066] overlayfs: failed to clone upperpath
[  312.060675][   T41] team0 (unregistering): Port device team_slave_1 removed
[  312.168080][   T41] team0 (unregistering): Port device team_slave_0 removed
[  313.602370][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  313.759708][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.933239][   T41] bond0 (unregistering): Released all slaves
[  317.566219][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  317.605562][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  317.783997][T10167] syz.5.1169 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  319.652195][T10167] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1169'.
[  322.324308][T10193] batman_adv: batadv0: Adding interface: dummy0
[  322.330983][T10193] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.356302][T10193] batman_adv: batadv0: Interface activated: dummy0
[  322.372530][T10193] batadv0: mtu less than device minimum
[  322.380161][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.393048][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.405449][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.417802][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.430238][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.442632][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.455014][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.467425][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.479869][T10193] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  326.057811][   T27] audit: type=1326 audit(1777515534.720:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.1.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7fc00000
[  326.080968][T10218] vlan2: entered promiscuous mode
[  326.120534][T10218] vlan2: entered allmulticast mode
[  326.144307][T10218] hsr_slave_1: entered allmulticast mode
[  326.327413][T10218] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1185'.
[  326.402037][T10220] syz.5.1184 (10220): drop_caches: 2
[  326.437758][T10220] syz.5.1184 (10220): drop_caches: 2
[  326.595164][T10227] loop4: detected capacity change from 0 to 128
[  326.603251][T10227] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  328.474476][T10227] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  330.129461][T10241] trusted_key: encrypted_key: insufficient parameters specified
[  330.140459][T10241] 9pnet_fd: Insufficient options for proto=fd
[  330.712356][T10252] syzkaller0: entered promiscuous mode
[  330.721330][T10252] syzkaller0: entered allmulticast mode
[  331.314179][T10261] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.1197'.
[  331.325059][T10261] net_ratelimit: 10 callbacks suppressed
[  331.325115][T10261] openvswitch: netlink: ct_state flags 00030000 unsupported
[  334.587657][T10287] team0: Port device bridge3 added
[  337.975534][ T5755] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  338.585771][ T5755] usb 5-1: Using ep0 maxpacket: 16
[  338.612029][ T5755] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[  338.634636][ T5755] usb 5-1: config 0 has no interface number 0
[  338.666002][ T5755] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  338.803128][ T5755] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.816560][ T5755] usb 5-1: Product: syz
[  338.820766][ T5755] usb 5-1: Manufacturer: syz
[  338.831808][ T5755] usb 5-1: SerialNumber: syz
[  338.841260][ T5755] usb 5-1: config 0 descriptor??
[  338.858453][ T5755] hub 5-1:0.132: bad descriptor, ignoring hub
[  338.864571][ T5755] hub: probe of 5-1:0.132 failed with error -5
[  338.900639][ T5755] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input6
[  340.191801][T10356] loop5: detected capacity change from 0 to 32768
[  340.471022][T10356] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  340.999393][T10356] XFS (loop5): Ending clean mount
[  341.012084][T10356] XFS (loop5): Quotacheck needed: Please wait.
[  341.122719][T10356] XFS (loop5): Quotacheck: Done.
[  341.462095][T10381] xt_hashlimit: size too large, truncated to 1048576
[  341.740503][   T27] audit: type=1800 audit(1777515550.100:242): pid=10381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1224" name="file0" dev="loop5" ino=4420 res=0 errno=0
[  341.880617][T10381] syz.5.1224: vmalloc error: size 8392704, failed to allocated page array size 16392, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[  341.899186][T10381] CPU: 1 PID: 10381 Comm: syz.5.1224 Not tainted syzkaller #0
[  341.906676][T10381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  341.916757][T10381] Call Trace:
[  341.920040][T10381]  <TASK>
[  341.922965][T10381]  dump_stack_lvl+0x18c/0x250
[  341.927656][T10381]  ? show_regs_print_info+0x20/0x20
[  341.932849][T10381]  ? load_image+0x420/0x420
[  341.937353][T10381]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  341.943764][T10381]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  341.950265][T10381]  warn_alloc+0x246/0x340
[  341.954609][T10381]  ? zone_watermark_ok_safe+0x230/0x230
[  341.960165][T10381]  ? _raw_spin_unlock+0x3a/0x40
[  341.965015][T10381]  __vmalloc_node_range+0x662/0x1330
[  341.970322][T10381]  ? free_vm_area+0x50/0x50
[  341.974823][T10381]  ? hashlimit_pernet+0x23/0x230
[  341.979758][T10381]  ? htable_create+0xf2/0x790
[  341.984429][T10381]  vmalloc+0x79/0x90
[  341.988319][T10381]  ? htable_create+0xf2/0x790
[  341.992990][T10381]  htable_create+0xf2/0x790
[  341.997495][T10381]  hashlimit_mt_check_common+0x6ca/0x9e0
[  342.003129][T10381]  xt_check_match+0x4ea/0xc50
[  342.007807][T10381]  ? xt_check_proc_name+0x270/0x270
[  342.013003][T10381]  ? strcmp+0x28/0xb0
[  342.016987][T10381]  ? xt_find_match+0x1f1/0x230
[  342.021750][T10381]  translate_table+0x1533/0x2090
[  342.026695][T10381]  ? ip6t_register_table+0x7e0/0x7e0
[  342.031974][T10381]  ? __might_fault+0xaa/0x120
[  342.036650][T10381]  ? __might_fault+0xc6/0x120
[  342.041321][T10381]  ? __might_fault+0xaa/0x120
[  342.045994][T10381]  do_ip6t_set_ctl+0x9fc/0xe10
[  342.050759][T10381]  ? ip6t_unregister_table_exit+0x230/0x230
[  342.056649][T10381]  ? __lock_acquire+0x7d40/0x7d40
[  342.061663][T10381]  ? rcu_is_watching+0x15/0xb0
[  342.066422][T10381]  ? trace_contention_end+0x39/0xe0
[  342.071619][T10381]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  342.077245][T10381]  ? mutex_unlock+0x10/0x10
[  342.081750][T10381]  nf_setsockopt+0x263/0x280
[  342.086340][T10381]  rawv6_setsockopt+0x276/0x5e0
[  342.091192][T10381]  ? raw6_destroy+0x30/0x30
[  342.095688][T10381]  ? __fget_files+0x28/0x4b0
[  342.100276][T10381]  ? aa_sock_opt_perm+0x74/0x100
[  342.105205][T10381]  ? sock_common_setsockopt+0x36/0xc0
[  342.110572][T10381]  ? sock_common_recvmsg+0x190/0x190
[  342.115859][T10381]  do_sock_setsockopt+0x175/0x1a0
[  342.120875][T10381]  ? __fdget+0x180/0x210
[  342.125111][T10381]  __x64_sys_setsockopt+0x182/0x200
[  342.130303][T10381]  do_syscall_64+0x55/0xa0
[  342.134707][T10381]  ? clear_bhb_loop+0x40/0x90
[  342.139375][T10381]  ? clear_bhb_loop+0x40/0x90
[  342.144054][T10381]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  342.149938][T10381] RIP: 0033:0x7f4046d9cdd9
[  342.154356][T10381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  342.173954][T10381] RSP: 002b:00007f4047c5b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  342.182361][T10381] RAX: ffffffffffffffda RBX: 00007f4047016180 RCX: 00007f4046d9cdd9
[  342.190331][T10381] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
[  342.198297][T10381] RBP: 00007f4046e32d69 R08: 0000000000000528 R09: 0000000000000000
[  342.206265][T10381] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000000
[  342.214225][T10381] R13: 00007f4047016218 R14: 00007f4047016180 R15: 00007ffdeabc6d88
[  342.222198][T10381]  </TASK>
[  342.227155][T10381] Mem-Info:
[  342.230305][T10381] active_anon:35284 inactive_anon:0 isolated_anon:0
[  342.230305][T10381]  active_file:18532 inactive_file:40160 isolated_file:0
[  342.230305][T10381]  unevictable:17731 dirty:233 writeback:0
[  342.230305][T10381]  slab_reclaimable:6387 slab_unreclaimable:99707
[  342.230305][T10381]  mapped:32502 shmem:27732 pagetables:720
[  342.230305][T10381]  sec_pagetables:0 bounce:0
[  342.230305][T10381]  kernel_misc_reclaimable:0
[  342.230305][T10381]  free:1296132 free_pcp:5415 free_cma:0
[  342.277449][T10381] Node 0 active_anon:141808kB inactive_anon:0kB active_file:74128kB inactive_file:160440kB unevictable:69388kB isolated(anon):0kB isolated(file):0kB mapped:130728kB dirty:932kB writeback:0kB shmem:110016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11952kB pagetables:2788kB sec_pagetables:0kB all_unreclaimable? no
[  342.310196][T10381] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  342.340543][T10381] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  342.368427][T10381] lowmem_reserve[]: 0 2521 2522 2522 2522
[  342.374214][T10381] Node 0 DMA32 free:1269752kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:130168kB inactive_anon:0kB active_file:74128kB inactive_file:159612kB unevictable:69388kB writepending:932kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:15704kB local_pcp:976kB free_cma:0kB
[  342.404828][T10381] lowmem_reserve[]: 0 0 0 0 0
[  342.409603][T10381] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  342.437336][T10381] lowmem_reserve[]: 0 0 0 0 0
[  342.442096][T10381] Node 1 Normal free:3898908kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17376kB local_pcp:11680kB free_cma:0kB
[  342.472093][T10381] lowmem_reserve[]: 0 0 0 0 0
[  342.476889][T10381] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  342.489711][T10381] Node 0 DMA32: 22*4kB (ME) 388*8kB (UE) 136*16kB (UE) 335*32kB (UE) 217*64kB (UME) 172*128kB (UME) 88*256kB (UME) 46*512kB (UME) 16*1024kB (UME) 6*2048kB (UM) 279*4096kB (UM) = 1269528kB
[  342.508489][T10381] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  342.520418][T10381] Node 1 Normal: 213*4kB (UME) 53*8kB (UME) 42*16kB (UME) 112*32kB (UME) 38*64kB (UME) 4*128kB (UE) 3*256kB (UE) 3*512kB (UM) 3*1024kB (UE) 1*2048kB (E) 948*4096kB (M) = 3898908kB
[  342.538477][T10381] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  342.548142][T10381] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  342.557573][T10381] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  342.567638][T10381] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  342.577046][T10381] 101052 total pagecache pages
[  342.581822][T10381] 0 pages in swap cache
[  342.586047][T10381] Free swap  = 124436kB
[  342.590206][T10381] Total swap = 124996kB
[  342.594361][T10381] 2097051 pages RAM
[  342.598240][T10381] 0 pages HighMem/MovableOnly
[  342.603050][T10381] 416927 pages reserved
[  342.607286][T10381] 0 pages cma reserved
[  342.783305][ T7206] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  342.882706][   T27] audit: type=1326 audit(1777515551.540:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz.1.1233" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x0
[  344.413588][T10410] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  344.447975][T10410] syzkaller0: entered promiscuous mode
[  344.454593][T10410] syzkaller0: entered allmulticast mode
[  345.758459][T10425] tipc: Resetting bearer <eth:syzkaller0>
[  345.814637][T10409] tipc: Resetting bearer <eth:syzkaller0>
[  345.928133][T10409] tipc: Disabling bearer <eth:syzkaller0>
[  345.938439][ T5810] tipc: Node number set to 699981010
[  348.236220][ T5755] usb 5-1: USB disconnect, device number 11
[  351.410452][T10475] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  352.536542][ T5755] IPVS: starting estimator thread 0...
[  352.645975][T10490] IPVS: using max 25 ests per chain, 60000 per kthread
[  353.446376][T10504] ptrace attach of "./syz-executor exec"[7145] was attempted by "./syz-executor exec"[10504]
[  359.089082][T10571] team0: Port device bridge1 added
[  360.069252][T10574] syzkaller0: entered promiscuous mode
[  360.076978][T10574] syzkaller0: entered allmulticast mode
[  366.625729][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  367.750199][T10631] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 4, id = 0
[  374.722815][T10674] syzkaller0: entered promiscuous mode
[  375.547771][T10674] syzkaller0: entered allmulticast mode
[  377.646579][T10698] loop4: detected capacity change from 0 to 8192
[  378.940920][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  378.951679][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  388.159269][T10782] binder: BINDER_SET_CONTEXT_MGR already set
[  388.171286][T10779] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.179352][T10779] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.187681][T10782] binder: 10780:10782 ioctl 4018620d 2000000002c0 returned -16
[  388.281904][T10779] bridge0: entered allmulticast mode
[  388.594058][T10786] bridge_slave_1: left allmulticast mode
[  388.715693][T10786] bridge_slave_1: left promiscuous mode
[  388.724725][T10786] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.843014][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.851835][T10786] bridge_slave_0: left allmulticast mode
[  388.865148][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.876426][T10786] bridge_slave_0: left promiscuous mode
[  388.881511][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.894883][T10786] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.901533][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.928380][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.945002][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.963556][T10793] loop5: detected capacity change from 0 to 4096
[  388.970447][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.982464][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  388.993953][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  389.002158][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  389.010877][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  389.021798][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  389.040805][T10793] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.054839][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  389.063732][T10791] binder: 10788:10791 ioctl 4020ae46 7f414268cfc0 returned -22
[  390.774467][T10790] batman_adv: batadv0: Adding interface: dummy0
[  390.780819][T10790] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.806524][T10790] batman_adv: batadv0: Interface activated: dummy0
[  390.834238][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.888776][T10800] syzkaller0: entered promiscuous mode
[  390.896042][T10800] syzkaller0: entered allmulticast mode
[  392.617645][T10817] loop4: detected capacity change from 0 to 512
[  392.724973][T10817] Quota error (device loop4): v2_read_file_info: Block with free entry 5 out of range (1, 0).
[  393.825953][T10817] EXT4-fs warning (device loop4): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  393.918508][T10817] EXT4-fs (loop4): mount failed
[  395.195369][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  396.108735][T10834] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.118273][T10834] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.138924][T10834] bridge0: entered allmulticast mode
[  398.326520][T10859] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1345'.
[  399.271443][T10859] team0: Failed to send options change via netlink (err -105)
[  399.288075][T10859] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  399.348159][T10859] team0: Port device team_slave_0 removed
[  400.658816][T10876] loop5: detected capacity change from 0 to 4096
[  400.834526][T10876] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.129000][T10901] loop4: detected capacity change from 0 to 2048
[  406.298657][T10901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  406.523966][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.585689][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  410.615719][T10904] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  410.808718][ T7145] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.097876][T10941] loop4: detected capacity change from 0 to 128
[  413.126228][T10941] ADFS-fs (loop4): unrecognised mount option "gid=0xffffffffffffffff184467440737095516151844674407370955161500000000000000000000003ÿÿÿÿÿÿÿÿÿÿÿÿ" or missing value
[  414.545676][T10916] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  416.446690][T10959] syzkaller0: entered promiscuous mode
[  416.532601][T10961] overlayfs: failed to clone upperpath
[  416.546211][T10959] 0: reclassify loop, rule prio 0, protocol 700
[  416.677033][T10963] syzkaller0: entered promiscuous mode
[  416.704210][T10963] syzkaller0: entered allmulticast mode
[  416.842306][T10966] bridge_slave_0: left allmulticast mode
[  416.849807][T10966] bridge_slave_0: left promiscuous mode
[  416.870923][T10966] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.933057][T10969] loop4: detected capacity change from 0 to 512
[  416.950544][T10966] bridge_slave_1: left allmulticast mode
[  416.965870][T10966] bridge_slave_1: left promiscuous mode
[  417.023153][T10966] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.069664][T10966] bond0: (slave bond_slave_0): Releasing backup interface
[  417.098098][T10969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.208679][T10969] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  418.039157][T10966] bond0: (slave bond_slave_1): Releasing backup interface
[  418.237635][T10966] team0: Port device team_slave_0 removed
[  418.257257][T10966] team0: Port device team_slave_1 removed
[  418.410530][T10966] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  418.418646][T10966] batman_adv: batadv0: Removing interface: batadv_slave_0
[  418.428425][T10966] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  418.442816][T10966] batman_adv: batadv0: Removing interface: batadv_slave_1
[  418.506212][T10986] Invalid option length (57448) for dns_resolver key
[  419.125488][T10966] bond1: (slave bond2): Releasing backup interface
[  419.137396][T10972] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  419.166398][T10966] bond2: left allmulticast mode
[  419.254614][T10966] team0: Port device bridge1 removed
[  419.473878][T10969] team0: Mode changed to "loadbalance"
[  419.518702][T10978] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1377'.
[  420.544892][   T27] audit: type=1326 audit(1777515629.200:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1387" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9d379cdd9 code=0x0
[  421.077154][ T7145] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.288728][T11016] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  422.187095][T11026] netlink: 'syz.4.1391': attribute type 17 has an invalid length.
[  422.204457][T11026] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1391'.
[  422.276239][T11026] bond0: option all_slaves_active: invalid value (111)
[  422.309111][T11031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1392'.
[  425.915395][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  427.266660][   T27] audit: type=1326 audit(1777515635.930:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.1405" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa5eaf9cdd9 code=0x0
[  427.849944][T11087] loop5: detected capacity change from 0 to 512
[  428.437446][T11087] EXT4-fs: test_dummy_encryption requires encrypt feature
[  428.540528][T10916] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  428.967836][T11091] xt_CT: You must specify a L4 protocol and not use inversions on it
[  434.681111][T11114] kvm: kvm [11113]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x255100000000
[  440.517632][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  440.523971][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  440.785795][T11184] hub 8-0:1.0: USB hub found
[  440.792704][T11184] hub 8-0:1.0: 1 port detected
[  442.039375][ T1145] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.363888][ T1145] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.449881][ T1145] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.130235][ T1145] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.892587][T11216] loop5: detected capacity change from 0 to 256
[  451.105706][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  453.813891][T11266] loop4: detected capacity change from 0 to 32768
[  453.861928][T11266] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  454.032588][T11266] XFS (loop4): Torn write (CRC failure) detected at log block 0x40. Truncating head block from 0x50.
[  454.051774][T11266] XFS (loop4): Starting recovery (logdev: internal)
[  454.070380][T11266] XFS (loop4): Ending recovery (logdev: internal)
[  454.325032][ T7145] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  455.481084][T11294] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  455.488727][T11294] syzkaller0: entered promiscuous mode
[  455.494220][T11294] syzkaller0: entered allmulticast mode
[  457.720613][T11298] tipc: Resetting bearer <eth:syzkaller0>
[  458.543531][T11293] tipc: Resetting bearer <eth:syzkaller0>
[  459.125197][T11293] tipc: Disabling bearer <eth:syzkaller0>
[  459.177377][   T23] tipc: Node number set to 4019701470
[  460.021080][ T1145] hsr_slave_0: left promiscuous mode
[  460.422862][ T1145] hsr_slave_1: left promiscuous mode
[  460.477346][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  460.501074][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  460.624186][   T27] audit: type=1326 audit(1777515669.140:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  460.653500][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.430468][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  461.440559][   T27] audit: type=1326 audit(1777515669.150:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  461.478358][ T1145] bridge_slave_1: left allmulticast mode
[  461.484101][ T1145] bridge_slave_1: left promiscuous mode
[  461.541522][   T27] audit: type=1326 audit(1777515669.150:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  461.560266][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.612586][   T27] audit: type=1326 audit(1777515669.150:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc9d379cb42 code=0x7ffc0000
[  461.636640][   T27] audit: type=1326 audit(1777515669.150:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc9d375d60e code=0x7ffc0000
[  461.660579][   T27] audit: type=1326 audit(1777515669.150:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc9d379cc07 code=0x7ffc0000
[  461.661343][ T1145] bridge_slave_0: left allmulticast mode
[  461.817623][ T1145] bridge_slave_0: left promiscuous mode
[  461.823896][   T27] audit: type=1326 audit(1777515669.150:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc9d375d60e code=0x7ffc0000
[  461.848196][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.991130][   T27] audit: type=1326 audit(1777515669.150:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc9d379ca6b code=0x7ffc0000
[  462.024508][   T27] audit: type=1326 audit(1777515669.150:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc9d375d60e code=0x7ffc0000
[  462.206294][T11362] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1459'.
[  462.742602][   T27] audit: type=1326 audit(1777515669.150:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc9d375d60e code=0x7ffc0000
[  462.923911][ T1145] veth1_macvtap: left promiscuous mode
[  462.934985][ T1145] veth0_macvtap: left promiscuous mode
[  462.951868][ T1145] veth1_vlan: left promiscuous mode
[  462.975627][ T1145] veth0_vlan: left promiscuous mode
[  464.538182][T11392] hub 8-0:1.0: USB hub found
[  464.543854][T11392] hub 8-0:1.0: 1 port detected
[  464.770061][ T5085] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  464.824059][ T5085] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  464.843512][ T5085] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  464.856353][ T5085] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  464.867591][ T5085] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  464.876152][ T5085] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  466.429126][T11220] Set syz1 is full, maxelem 65536 reached
[  466.832587][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  466.901289][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  466.962216][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.985181][ T5085] Bluetooth: hci4: command tx timeout
[  467.023236][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  467.416273][ T1145] bond0 (unregistering): Released all slaves
[  468.731728][T11389] chnl_net:caif_netlink_parms(): no params data found
[  469.069319][ T5085] Bluetooth: hci4: command tx timeout
[  469.437225][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!!
[  470.041243][ T1145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.051444][ T1145] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.377425][ T5085] Bluetooth: hci4: command tx timeout
[  471.625873][T11389] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.633044][T11389] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.672071][T11389] bridge_slave_0: entered allmulticast mode
[  471.705094][T11389] bridge_slave_0: entered promiscuous mode
[  471.728162][T11466] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  471.807290][ T1145] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.862346][T11389] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.894064][T11389] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.915574][T11389] bridge_slave_1: entered allmulticast mode
[  471.952504][T11389] bridge_slave_1: entered promiscuous mode
[  472.042437][ T1145] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.160303][T11389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  472.205316][T11389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  472.403929][T11389] team0: Port device team_slave_0 added
[  472.480957][T11389] team0: Port device team_slave_1 added
[  472.549340][T11389] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.560608][T11389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.613457][T11389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.659678][T11389] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.691665][T11389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.812749][T11389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  473.553725][ T5085] Bluetooth: hci4: command tx timeout
[  475.065139][T11389] hsr_slave_0: entered promiscuous mode
[  475.097658][T11389] hsr_slave_1: entered promiscuous mode
[  475.525812][T11498] kvm: kvm [11497]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x255100000000
[  475.536194][T11498] kvm: kvm [11497]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x21d900000000
[  475.564348][T11498] kvm: kvm [11497]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x4ee000000000
[  476.195679][T11498] kvm: kvm [11497]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  476.381125][T11389] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  476.519519][T11389] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  476.543770][T11389] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  476.562355][T11389] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  476.752541][T11521] loop4: detected capacity change from 0 to 2048
[  476.847987][T11521] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  480.077672][T11389] 8021q: adding VLAN 0 to HW filter on device bond0
[  480.111868][T11389] 8021q: adding VLAN 0 to HW filter on device team0
[  481.825800][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  482.235384][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  482.512014][ T4226] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.519244][ T4226] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.669269][ T4226] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.676540][ T4226] bridge0: port 2(bridge_slave_1) entered forwarding state
[  486.758759][ T1145] IPVS: stopping backup sync thread 10631 ...
[  486.896443][    C1] sd 0:0:1:0: [sda] tag#2731 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  486.906959][    C1] sd 0:0:1:0: [sda] tag#2731 CDB: Read(6) 08 00 00 00 00 00
[  486.914573][    C1] sd 0:0:1:0: [sda] tag#2732 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  486.925057][    C1] sd 0:0:1:0: [sda] tag#2732 CDB: Read(6) 08 00 00 00 00 00
[  486.932503][    C1] sd 0:0:1:0: [sda] tag#2733 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  486.942953][    C1] sd 0:0:1:0: [sda] tag#2733 CDB: Read(6) 08 00 00 00 00 00
[  486.950399][    C1] sd 0:0:1:0: [sda] tag#2734 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  486.960820][    C1] sd 0:0:1:0: [sda] tag#2734 CDB: Read(6) 08 00 00 00 00 00
[  486.968245][    C1] sd 0:0:1:0: [sda] tag#2735 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  486.978669][    C1] sd 0:0:1:0: [sda] tag#2735 CDB: Read(6) 08 00 00 00 00 00
[  486.986108][    C1] sd 0:0:1:0: [sda] tag#2736 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  486.996519][    C1] sd 0:0:1:0: [sda] tag#2736 CDB: Read(6) 08 00 00 00 00 00
[  487.003862][    C1] sd 0:0:1:0: [sda] tag#2737 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  487.014248][    C1] sd 0:0:1:0: [sda] tag#2737 CDB: Read(6) 08 00 00 00 00 00
[  487.021597][    C1] sd 0:0:1:0: [sda] tag#2738 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  487.031966][    C1] sd 0:0:1:0: [sda] tag#2738 CDB: Read(6) 08 00 00 00 00 00
[  487.039337][    C1] sd 0:0:1:0: [sda] tag#2739 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  487.049692][    C1] sd 0:0:1:0: [sda] tag#2739 CDB: Read(6) 08 00 00 00 00 00
[  487.057098][    C1] sd 0:0:1:0: [sda] tag#2740 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  487.067522][    C1] sd 0:0:1:0: [sda] tag#2740 CDB: Read(6) 08 00 00 00 00 00
[  487.187045][ T1145] bond0: (slave wlan1): Releasing backup interface
[  487.490854][T11389] 8021q: adding VLAN 0 to HW filter on device batadv0
[  487.665397][ T1145] hsr_slave_0: left promiscuous mode
[  488.502011][ T1145] batman_adv: batadv0: Interface deactivated: dummy0
[  488.513147][ T1145] batman_adv: batadv0: Removing interface: dummy0
[  488.544299][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  488.574599][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  488.644461][ T1145] veth1_macvtap: left promiscuous mode
[  488.653003][ T1145] veth0_macvtap: left promiscuous mode
[  488.663462][ T1145] veth1_vlan: left promiscuous mode
[  488.684106][ T1145] veth0_vlan: left promiscuous mode
[  488.970253][ T1145] team0 (unregistering): Port device bridge3 removed
[  489.097768][ T1145] bond2 (unregistering): (slave bridge2): Releasing backup interface
[  489.112990][ T1145] bridge2 (unregistering): left promiscuous mode
[  489.123757][ T1145] bridge2 (unregistering): left allmulticast mode
[  489.315189][ T5810] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  489.837543][ T5810] usb 5-1: device descriptor read/64, error -71
[  489.906961][ T1145] bond2 (unregistering): Released all slaves
[  490.043901][ T1145] bond1 (unregistering): Released all slaves
[  490.125619][ T5810] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  490.375714][ T5810] usb 5-1: device descriptor read/64, error -71
[  490.516468][ T5810] usb usb5-port1: attempt power cycle
[  491.015598][ T5810] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  491.046895][ T5810] usb 5-1: device descriptor read/8, error -71
[  491.338552][ T5810] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  491.361889][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  491.401588][ T5810] usb 5-1: device descriptor read/8, error -71
[  491.454435][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  491.529262][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.540281][ T5810] usb usb5-port1: unable to enumerate USB device
[  492.284689][ T5085] Bluetooth: hci1: unknown advertising packet type: 0x75
[  492.286932][ T5085] Bluetooth: hci1: Malformed LE Event: 0x02
[  493.551834][ T1145] bond0 (unregistering): Released all slaves
[  498.704595][ T1145] IPVS: stop unused estimator thread 0...
[  498.903413][T11389] veth0_vlan: entered promiscuous mode
[  498.992320][T11389] veth1_vlan: entered promiscuous mode
[  499.238970][T11389] veth0_macvtap: entered promiscuous mode
[  499.339212][T11389] veth1_macvtap: entered promiscuous mode
[  499.777829][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.862109][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.911974][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.951202][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.996827][T11389] batman_adv: batadv0: Interface activated: batadv_slave_0
[  500.060710][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.091574][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.135452][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.156343][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.177229][T11389] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.306676][T11389] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.315486][T11389] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.324183][T11389] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  500.332967][T11389] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.014533][ T9521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.053283][ T9521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.158080][   T27] kauditd_printk_skb: 23 callbacks suppressed
[  501.158094][   T27] audit: type=1326 audit(1777515709.820:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4046d9cdd9 code=0x7ffc0000
[  501.191189][  T739] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.214043][T11767] loop5: detected capacity change from 0 to 512
[  501.232840][  T739] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.260843][T11767] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #12: comm syz.5.1514: missing EA_INODE flag
[  501.276585][T11767] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1514: error while reading EA inode 12 err=-117
[  501.283407][   T27] audit: type=1326 audit(1777515709.870:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4046d9cdd9 code=0x7ffc0000
[  501.325549][T11767] EXT4-fs (loop5): 1 orphan inode deleted
[  501.332515][T11767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.393107][   T27] audit: type=1326 audit(1777515709.870:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4046d9cb42 code=0x7ffc0000
[  501.531781][   T27] audit: type=1326 audit(1777515709.870:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4046d5d60e code=0x7ffc0000
[  501.618394][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  501.624791][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  501.949922][   T27] audit: type=1326 audit(1777515709.870:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4046d9cc07 code=0x7ffc0000
[  502.217813][   T27] audit: type=1326 audit(1777515709.870:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4046d5d60e code=0x7ffc0000
[  502.288240][   T27] audit: type=1326 audit(1777515709.870:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4046d9ca6b code=0x7ffc0000
[  502.320093][   T27] audit: type=1326 audit(1777515709.910:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4046d5d60e code=0x7ffc0000
[  502.362990][   T27] audit: type=1326 audit(1777515709.910:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4046d5d60e code=0x7ffc0000
[  502.418688][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.419955][   T27] audit: type=1326 audit(1777515709.910:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.5.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f4046d9bc47 code=0x7ffc0000
[  504.061914][T11803] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  510.020973][   T23] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  510.055689][T11832] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[  510.062668][T11832] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  510.512118][T11832] vhci_hcd vhci_hcd.0: Device attached
[  511.322085][    T9] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  511.362199][T11843] vhci_hcd: connection reset by peer
[  511.845489][   T59] vhci_hcd: stop threads
[  511.969882][   T59] vhci_hcd: release socket
[  512.128773][   T59] vhci_hcd: disconnect device
[  512.379454][T11869] loop6: detected capacity change from 0 to 512
[  513.356426][T11873] loop4: detected capacity change from 0 to 16
[  513.363203][T11873] erofs: Unknown parameter './cgroup.net/syz1'
[  515.764252][T11869] FAT-fs (loop6): Directory bread(block 199916) failed
[  515.825951][T11758] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  516.016912][T11869] FAT-fs (loop6): Directory bread(block 199917) failed
[  516.063741][T11869] FAT-fs (loop6): Directory bread(block 199918) failed
[  516.140587][T11869] FAT-fs (loop6): Directory bread(block 199919) failed
[  516.352013][T11869] FAT-fs (loop6): Directory bread(block 199920) failed
[  517.377905][T11882] netlink: 'syz.4.1539': attribute type 10 has an invalid length.
[  517.385832][T11869] FAT-fs (loop6): Directory bread(block 199921) failed
[  517.385894][T11869] FAT-fs (loop6): Directory bread(block 199922) failed
[  517.385919][T11869] FAT-fs (loop6): Directory bread(block 199923) failed
[  517.425565][    T9] vhci_hcd: vhci_device speed not set
[  517.462341][T11882] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  517.941963][T11882] 8021q: adding VLAN 0 to HW filter on device bond3
[  519.446179][T11888] syz_tun: entered promiscuous mode
[  519.486518][T11888] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  519.567737][T11888] bond3: (slave macvlan2): Enslaving as a backup interface with an up link
[  522.778204][T11928] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1545'.
[  524.035692][ T5810] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  524.557063][ T5810] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  526.256502][ T5810] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  526.285026][ T5810] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  526.385393][ T5810] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.949589][ T5810] usb 7-1: can't set config #27, error -71
[  526.975047][ T5810] usb 7-1: USB disconnect, device number 3
[  527.221388][T11968] loop5: detected capacity change from 0 to 512
[  527.258205][T11968] EXT4-fs error (device loop5): ext4_get_branch:178: inode #13: block 2: comm syz.5.1554: invalid block
[  527.285572][T11968] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1554: invalid indirect mapped block 10 (level 1)
[  527.302930][T11968] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1554: invalid indirect mapped block 8 (level 1)
[  527.322709][T11968] EXT4-fs (loop5): 1 truncate cleaned up
[  527.329680][T11968] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.428091][T11968] EXT4-fs error (device loop5): ext4_iget_extra_inode:4739: inode #15: comm syz.5.1554: corrupted in-inode xattr: invalid ea_ino
[  528.825449][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.012526][T11997] loop5: detected capacity change from 0 to 512
[  530.040793][T11997] EXT4-fs: Ignoring removed orlov option
[  530.070974][T11997] EXT4-fs (loop5): Test dummy encryption mode enabled
[  530.093259][T11997] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  530.193092][T11997] EXT4-fs (loop5): 1 truncate cleaned up
[  530.222202][T11997] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  530.433570][T12011] loop6: detected capacity change from 0 to 512
[  530.686410][T12011] EXT4-fs: test_dummy_encryption requires encrypt feature
[  532.038077][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.475768][T12035] loop5: detected capacity change from 0 to 2048
[  533.987177][T12035] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  535.392119][   T27] kauditd_printk_skb: 31 callbacks suppressed
[  535.392134][   T27] audit: type=1800 audit(1777515744.040:320): pid=12035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1564" name="file1" dev="loop5" ino=1415 res=0 errno=0
[  535.711748][T12053] Malformed UNC in devname
[  535.711748][T12053] 
[  535.718944][T12053] CIFS: VFS: Malformed UNC in devname
[  535.798557][T12054] SET target dimension over the limit!
[  536.591648][T12056] netlink: 'syz.4.1568': attribute type 4 has an invalid length.
[  536.713929][T12056] netlink: 'syz.4.1568': attribute type 4 has an invalid length.
[  542.193981][T12106] loop6: detected capacity change from 0 to 64
[  542.213515][T12099] loop5: detected capacity change from 0 to 64
[  542.614445][T12111] ptrace attach of "./syz-executor exec"[11389] was attempted by "./syz-executor exec"[12111]
[  551.912256][T12171] geneve2: entered promiscuous mode
[  551.917638][T12171] geneve2: entered allmulticast mode
[  558.157738][ T5085] Bluetooth: hci1: unexpected event for opcode 0x0c38
[  562.013093][T12255] can0: slcan on ttyS3.
[  563.065873][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  563.072221][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  563.127320][T12246] can0 (unregistered): slcan off ttyS3.
[  565.906884][T12288] loop4: detected capacity change from 0 to 256
[  567.132836][T12288] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  567.171796][   T27] audit: type=1800 audit(1777515775.830:321): pid=12287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1618" name="file1" dev="loop4" ino=1048636 res=0 errno=0
[  567.204859][T12287] FAT-fs (loop4): error, corrupted file size (i_pos 196, 269308)
[  567.213001][T12287] FAT-fs (loop4): Filesystem has been set read-only
[  567.219791][T12287] FAT-fs (loop4): error, corrupted file size (i_pos 196, 269308)
[  567.230371][T12287] FAT-fs (loop4): error, corrupted file size (i_pos 196, 269308)
[  567.238187][T12287] FAT-fs (loop4): error, corrupted file size (i_pos 196, 269308)
[  567.452910][T12288] FAT-fs (loop4): error, corrupted file size (i_pos 196, 269308)
[  570.486230][T12326] loop4: detected capacity change from 0 to 64
[  570.846384][T12329] syz.6.1635: attempt to access beyond end of device
[  570.846384][T12329] nbd6: rw=0, sector=2, nr_sectors = 2 limit=0
[  570.859720][T12329] vxfs: unable to read disk superblock at 1
[  570.867621][T12329] syz.6.1635: attempt to access beyond end of device
[  570.867621][T12329] nbd6: rw=0, sector=16, nr_sectors = 2 limit=0
[  570.889078][T12329] vxfs: unable to read disk superblock at 8
[  570.895149][T12329] vxfs: can't find superblock.
[  574.373486][T12347] syzkaller0: entered promiscuous mode
[  574.418281][T12347] syzkaller0: entered allmulticast mode
[  575.194094][T12360] loop4: detected capacity change from 0 to 32768
[  575.928936][T12360] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  576.221300][T12360] XFS (loop4): Ending clean mount
[  576.843560][   T27] audit: type=1800 audit(1777515785.460:322): pid=12383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1634" name="file1" dev="loop4" ino=6150 res=0 errno=0
[  578.819391][T12409] loop5: detected capacity change from 0 to 256
[  578.873597][T12409] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  579.008129][T12409] FAT-fs (loop5): error, corrupted file size (i_pos 196, 269308)
[  579.016025][T12409] FAT-fs (loop5): Filesystem has been set read-only
[  579.023029][T12409] FAT-fs (loop5): error, corrupted file size (i_pos 196, 269308)
[  579.033784][T12409] FAT-fs (loop5): error, corrupted file size (i_pos 196, 269308)
[  579.042074][T12409] FAT-fs (loop5): error, corrupted file size (i_pos 196, 269308)
[  579.189266][   T27] audit: type=1800 audit(1777515787.590:323): pid=12409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1640" name="file1" dev="loop5" ino=1048637 res=0 errno=0
[  579.612500][T12409] FAT-fs (loop5): error, corrupted file size (i_pos 196, 269308)
[  579.631792][ T7145] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  581.035540][T10777] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  582.496598][T10777] usb 5-1: config 0 has an invalid interface number: 69 but max is 0
[  582.504725][T10777] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  582.515703][T10777] usb 5-1: config 0 has no interface number 0
[  582.525002][T10777] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  582.535517][T10777] usb 5-1: config 0 interface 69 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  582.565852][T10777] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  582.579025][T10777] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.588193][T10777] usb 5-1: Product: syz
[  582.592381][T10777] usb 5-1: Manufacturer: syz
[  582.597145][T10777] usb 5-1: SerialNumber: syz
[  582.606542][T10777] usb 5-1: config 0 descriptor??
[  582.623482][T10777] cyberjack 5-1:0.69: required endpoints missing
[  582.939624][T12425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.973562][T12425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  583.905131][T12451] loop6: detected capacity change from 0 to 32768
[  583.971630][T12425] mmap: syz.4.1641 (12425) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  583.983869][T12451] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  584.063035][T12451] XFS (loop6): Torn write (CRC failure) detected at log block 0x40. Truncating head block from 0x50.
[  584.098494][T12451] XFS (loop6): Starting recovery (logdev: internal)
[  584.115833][T12451] XFS (loop6): Ending recovery (logdev: internal)
[  584.315755][T11389] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  584.449817][    T8] usb 5-1: USB disconnect, device number 16
[  585.384240][T10777] IPVS: starting estimator thread 0...
[  585.545561][T12475] IPVS: using max 24 ests per chain, 57600 per kthread
[  591.563168][T12506] Bluetooth: hci4: command 0x0406 tx timeout
[  592.249466][T12542] binder: Binderfs stats mode cannot be changed during a remount
[  594.838936][T12551] NILFS (nullb0): couldn't find nilfs on the device
[  600.331032][T12620] loop6: detected capacity change from 0 to 4096
[  600.614878][T12620] ntfs: (device loop6): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  600.628542][T12620] ntfs: (device loop6): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  600.659815][T12620] ntfs: (device loop6): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  600.671459][T12620] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  600.684848][T12620] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  600.785635][T12620] ntfs: volume version 3.1.
[  600.832292][T12620] ntfs: (device loop6): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  600.843732][T12620] ntfs: (device loop6): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  600.855396][T12620] ntfs: (device loop6): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  600.915935][T12620] ntfs: (device loop6): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt.
[  600.926700][T12620] ntfs: (device loop6): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2.
[  605.975923][T12675] 9pnet_fd: Insufficient options for proto=fd
[  609.090970][T12709] 9pnet_virtio: no channels available for device syz
[  609.618298][T12715] overlayfs: failed to clone lowerpath
[  612.615478][T10777] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  612.815623][T10777] usb 7-1: config 0 has an invalid interface number: 69 but max is 0
[  612.835520][T10777] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  612.885535][T10777] usb 7-1: config 0 has no interface number 0
[  612.901955][T10777] usb 7-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  612.945470][T10777] usb 7-1: config 0 interface 69 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  612.987808][T10777] usb 7-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  612.997338][T10777] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.027622][T10777] usb 7-1: Product: syz
[  613.031842][T10777] usb 7-1: Manufacturer: syz
[  613.065438][T10777] usb 7-1: SerialNumber: syz
[  613.087725][T10777] usb 7-1: config 0 descriptor??
[  613.114365][T10777] cyberjack 7-1:0.69: required endpoints missing
[  613.371889][T12732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  613.420640][T12732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  613.872990][T12753] loop4: detected capacity change from 0 to 32768
[  613.944237][T12753] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  613.990709][ T5809] usb 7-1: USB disconnect, device number 4
[  614.060307][T12753] XFS (loop4): Ending clean mount
[  614.071607][T12753] XFS (loop4): Quotacheck needed: Please wait.
[  614.123451][T12753] XFS (loop4): Quotacheck: Done.
[  614.648998][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  614.649014][   T27] audit: type=1800 audit(1777515823.090:324): pid=12771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1699" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=4429 res=0 errno=0
[  614.875492][ T7145] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  615.068485][T12780] loop6: detected capacity change from 0 to 256
[  615.296270][T12780] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  615.383122][T12780] FAT-fs (loop6): error, corrupted file size (i_pos 196, 269308)
[  615.391227][T12780] FAT-fs (loop6): Filesystem has been set read-only
[  615.398341][T12780] FAT-fs (loop6): error, corrupted file size (i_pos 196, 269308)
[  615.406519][T12780] FAT-fs (loop6): error, corrupted file size (i_pos 196, 269308)
[  615.417232][T12780] FAT-fs (loop6): error, corrupted file size (i_pos 196, 269308)
[  615.489785][   T27] audit: type=1800 audit(1777515824.010:325): pid=12780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1702" name="file1" dev="loop6" ino=1048648 res=0 errno=0
[  615.851591][T12779] FAT-fs (loop6): error, corrupted file size (i_pos 196, 269308)
[  618.860358][T12804] loop5: detected capacity change from 0 to 512
[  619.075282][T12804] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  619.105630][T12804] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  619.456360][T12817] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  619.475936][T12817] Quota error (device loop5): write_blk: dquota write failed
[  619.484508][T12817] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  619.494667][T12817] EXT4-fs error (device loop5): ext4_acquire_dquot:6953: comm syz.5.1708: Failed to acquire dquot type 0
[  619.975571][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.776447][ T5809] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  622.988676][ T5809] usb 5-1: unable to get BOS descriptor or descriptor too short
[  623.007978][ T5809] usb 5-1: not running at top speed; connect to a high speed hub
[  623.039296][ T5809] usb 5-1: config 12 has an invalid interface number: 231 but max is 0
[  623.067909][T12862] 9pnet_fd: Insufficient options for proto=fd
[  623.069272][ T5809] usb 5-1: config 12 has no interface number 0
[  623.099200][ T5809] usb 5-1: config 12 interface 231 has no altsetting 0
[  623.131508][ T5809] usb 5-1: New USB device found, idVendor=2040, idProduct=9941, bcdDevice=93.b7
[  623.279969][ T5809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.295623][ T5809] usb 5-1: Product: syz
[  623.299975][ T5809] usb 5-1: Manufacturer: syz
[  623.304583][ T5809] usb 5-1: SerialNumber: syz
[  624.021715][T12855] xt_recent: hitcount (262144) is larger than allowed maximum (255)
[  624.044330][T12855] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1715'.
[  624.140885][T12885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  624.175085][T12885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  624.998578][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  625.004897][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  625.093912][ T5809] dvb-usb: found a 'Hauppauge Nova-T 500 Dual DVB-T' in cold state, will try to load a firmware
[  625.526854][ T5809] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  625.539038][ T5809] dib0700: firmware download failed at 7 with -71
[  625.873041][ T5809] usb 5-1: USB disconnect, device number 17
[  626.925414][T12903] netlink: 'syz.6.1724': attribute type 3 has an invalid length.
[  627.020647][T12903] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1724'.
[  627.208153][ T5085] Bluetooth: hci1: unexpected event 0x30 length: 255 > 3
[  629.119756][T12935] netlink: 'syz.6.1730': attribute type 1 has an invalid length.
[  631.267761][T12935] 8021q: adding VLAN 0 to HW filter on device bond1
[  631.686754][T12940] bond1: (slave geneve2): making interface the new active one
[  631.758610][T12940] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  636.899302][T13014] žÿ: renamed from team_slave_1
[  638.826569][T13037] 9pnet_fd: Insufficient options for proto=fd
[  643.492519][T13080] 9pnet_virtio: no channels available for device syz
[  643.628540][T13083] loop4: detected capacity change from 0 to 128
[  643.836296][T13087] futex_wake_op: syz.4.1754 tries to shift op by -1; fix this program
[  646.310496][T13103] loop4: detected capacity change from 0 to 128
[  646.567283][T13103] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  646.584764][T13103] hpfs: filesystem error: improperly stopped
[  646.591802][T13103] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  646.599968][T13103] hpfs: You really don't want any checks? You are crazy...
[  646.618582][T13103] hpfs: hpfs_map_sector(): read error
[  646.624083][T13103] hpfs: code page support is disabled
[  646.698357][T13103] hpfs: hpfs_map_4sectors(): unaligned read
[  646.704965][T13103] hpfs: hpfs_map_4sectors(): unaligned read
[  646.710959][T13103] hpfs: filesystem error: unable to find root dir
[  647.202136][T13117] capability: warning: `syz.6.1760' uses deprecated v2 capabilities in a way that may be insecure
[  649.323191][ T5085] Bluetooth: hci3: unexpected event 0x30 length: 255 > 3
[  649.411362][T13126] 9pnet_fd: Insufficient options for proto=fd
[  662.587563][T13247] loop6: detected capacity change from 0 to 256
[  662.709376][T13248] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1788'.
[  665.076164][   T27] audit: type=1326 audit(1777515873.720:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  665.110791][   T27] audit: type=1326 audit(1777515873.720:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  665.163467][   T27] audit: type=1326 audit(1777515873.720:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  665.221936][   T27] audit: type=1326 audit(1777515873.730:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  665.493316][   T27] audit: type=1326 audit(1777515873.730:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  665.554482][   T27] audit: type=1326 audit(1777515873.730:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  665.988497][   T27] audit: type=1326 audit(1777515873.730:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  666.218226][   T27] audit: type=1326 audit(1777515873.730:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  666.296325][   T27] audit: type=1326 audit(1777515873.730:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  666.355244][   T27] audit: type=1326 audit(1777515873.730:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.1.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  668.300162][T13314] loop4: detected capacity change from 0 to 16
[  668.307459][T13314] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  672.107265][T13347] loop5: detected capacity change from 0 to 40427
[  672.156689][T13347] F2FS-fs (loop5): invalid crc value
[  672.184614][T13347] F2FS-fs (loop5): Found nat_bits in checkpoint
[  672.214767][T13347] F2FS-fs (loop5): Start checkpoint disabled!
[  672.253648][T13347] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  674.143734][T13369] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1807'.
[  674.485206][ T9511] kworker/u4:16: attempt to access beyond end of device
[  674.485206][ T9511] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  674.533378][ T9511] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  674.555934][ T9511] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  680.055264][T13420] loop5: detected capacity change from 0 to 2048
[  681.697135][T13420] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  681.749732][T13420] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  681.845504][    T8] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  681.881786][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.129086][    T8] usb 7-1: device descriptor read/64, error -71
[  682.515656][    T8] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  684.065043][T13447] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1820'.
[  685.951005][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  685.957886][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  687.271700][T13465] loop5: detected capacity change from 0 to 512
[  687.279282][T13465] ext2: Unknown parameter 'permit_directio'
[  688.432754][    T8] usb 7-1: device descriptor read/64, error -110
[  688.606297][    T8] usb usb7-port1: attempt power cycle
[  689.025535][T13468] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  689.665570][    T8] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  689.725924][    T8] usb 7-1: device descriptor read/8, error -32
[  690.400580][    T8] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  690.447097][    T8] usb 7-1: device descriptor read/8, error -32
[  690.603349][T13481] žÿ: renamed from team_slave_1 (while UP)
[  690.652467][    T8] usb usb7-port1: unable to enumerate USB device
[  692.860808][T13497] dlm: Unknown command passed to DLM device : 3
[  692.860808][T13497] 
[  693.817367][T13508] batman_adv: batadv0: Adding interface: macsec1
[  693.824538][T13508] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  693.850210][T13508] batman_adv: batadv0: Interface activated: macsec1
[  694.823024][ T5085] Bluetooth: hci3: unexpected event for opcode 0x0406
[  696.365480][T13526] loop5: detected capacity change from 0 to 32768
[  696.390104][T13526] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.1841 (13526)
[  696.427481][T13526] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  696.437713][T13526] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  696.446502][T13526] BTRFS info (device loop5): using free space tree
[  696.520177][T13526] BTRFS info (device loop5): enabling ssd optimizations
[  696.527190][T13526] BTRFS info (device loop5): auto enabling async discard
[  696.658394][    T8] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  696.955725][    T8] usb 7-1: device descriptor read/64, error -71
[  697.516254][    T8] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  697.533513][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  697.533527][   T27] audit: type=1800 audit(1777515906.190:343): pid=13526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1841" name="file1" dev="loop5" ino=260 res=0 errno=0
[  697.907492][T13555] vivid-007: disconnect
[  698.180098][T13524] vivid-007: reconnect
[  700.291801][ T7206] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  701.211040][T11842] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop5 scanned by udevd (11842)
[  701.620302][T13570] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1846'.
[  703.282753][T13582] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  703.984852][T13593] securityfs: Unknown parameter ''
[  706.740169][T13610] loop4: detected capacity change from 0 to 128
[  707.574000][T13612] x_tables: duplicate underflow at hook 2
[  708.547829][T13618] loop6: detected capacity change from 0 to 32768
[  708.578966][T13618] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 10
[  709.297941][T13619] loop4: detected capacity change from 0 to 8192
[  709.422256][T11758] I/O error, dev loop6, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  709.444877][T13619] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  709.587237][T13628] vivid-007: disconnect
[  709.592411][T13619] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  709.844959][T13619] REISERFS (device loop4): using ordered data mode
[  710.268692][T13619] reiserfs: using flush barriers
[  710.562926][T13617] vivid-007: reconnect
[  710.578472][T13619] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  710.596641][T13619] REISERFS (device loop4): checking transaction log (loop4)
[  710.718256][T13619] REISERFS (device loop4): Using r5 hash to sort names
[  710.740887][T13619] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  712.039578][T13645] block device autoloading is deprecated and will be removed.
[  715.076918][T13670] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1869'.
[  715.410439][T13671] vcan0: tx address claim with dlc 0
[  715.494619][T13675] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  715.532899][T13675] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  715.552478][T13675] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  715.572917][T13675] geneve3: entered promiscuous mode
[  715.579574][T13675] geneve3: entered allmulticast mode
[  715.600322][T13675] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  715.745384][T13675] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  716.127833][T13675] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  717.241486][T13689] Cannot find add_set index 0 as target
[  717.876274][T13691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:34) already exists on: macsec1
[  717.886180][T13691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.897666][T13691] batman_adv: batadv0: Adding interface: macsec1
[  717.903999][T13691] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  717.929563][T13691] batman_adv: batadv0: Interface activated: macsec1
[  718.355782][   T27] audit: type=1326 audit(1777515927.010:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  718.389904][T13697] loop4: detected capacity change from 0 to 512
[  718.403820][T13697] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0002]
[  718.572796][T13703] ip6t_REJECT: ECHOREPLY is not supported
[  718.685670][   T27] audit: type=1326 audit(1777515927.010:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  718.769786][   T27] audit: type=1326 audit(1777515927.010:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  719.151962][T13697] System zones: 1-12
[  719.181426][   T27] audit: type=1326 audit(1777515927.010:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  719.272150][T13697] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #12: comm syz.4.1879: missing EA_INODE flag
[  719.323773][   T27] audit: type=1326 audit(1777515927.010:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  719.340750][T13697] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.1879: error while reading EA inode 12 err=-117
[  719.402867][   T27] audit: type=1326 audit(1777515927.010:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  719.437048][T13697] EXT4-fs (loop4): 1 orphan inode deleted
[  719.444121][T13697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  719.665472][   T27] audit: type=1326 audit(1777515927.010:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  719.742745][T13715] overlayfs: missing 'lowerdir'
[  720.563850][   T27] audit: type=1326 audit(1777515927.010:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  720.590227][ T7145] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.536286][   T27] audit: type=1326 audit(1777515927.010:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  721.675498][   T27] audit: type=1326 audit(1777515927.870:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13698 comm="syz.1.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d379cdd9 code=0x7ffc0000
[  725.071146][ T5085] Bluetooth: hci4: unknown advertising packet type: 0x70
[  728.702975][T13772] loop6: detected capacity change from 0 to 128
[  730.869633][T13782] loop5: detected capacity change from 0 to 512
[  730.944094][T13782] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0002]
[  730.994441][T13782] System zones: 1-12
[  731.038888][T13782] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #12: comm syz.5.1902: missing EA_INODE flag
[  731.101493][T13782] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1902: error while reading EA inode 12 err=-117
[  731.131938][T13782] EXT4-fs (loop5): 1 orphan inode deleted
[  731.151335][T13782] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  732.672227][T13797] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1905'.
[  733.217785][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.105754][ T5810] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  737.335463][ T5810] usb 6-1: device descriptor read/64, error -71
[  738.915412][ T5810] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  739.435784][T10777] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  739.554265][T13858] securityfs: Unknown parameter ''
[  739.689951][T10777] usb 5-1: Using ep0 maxpacket: 16
[  739.761625][T10777] usb 5-1: config index 0 descriptor too short (expected 16456, got 72)
[  739.970754][T10777] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  740.760572][T10777] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  740.769455][T10777] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  740.778194][T10777] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  740.787204][T10777] usb 5-1: config 0 has no interface number 0
[  740.793552][T10777] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  740.833001][T10777] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  740.986799][T10777] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  741.080701][T10777] usb 5-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  741.197884][T10777] usb 5-1: config 0 interface 125 has no altsetting 0
[  741.272652][T10777] usb 5-1: config 0 interface 125 has no altsetting 2
[  741.370367][T10777] usb 5-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  741.461948][T10777] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.554275][T10777] usb 5-1: Product: syz
[  741.597707][T10777] usb 5-1: Manufacturer: syz
[  741.653259][T10777] usb 5-1: SerialNumber: syz
[  742.884193][T10777] usb 5-1: config 0 descriptor??
[  743.642513][T10777] usb 5-1: can't set config #0, error -71
[  743.763124][T10777] usb 5-1: USB disconnect, device number 18
[  744.300110][ T5810] usb 6-1: device descriptor read/64, error -110
[  745.235725][ T5810] usb usb6-port1: attempt power cycle
[  746.355639][ T5810] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  746.490959][T13899] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1927'.
[  746.702837][ T5810] usb 6-1: device not accepting address 13, error -71
[  747.167525][T13904] IPv6: syztnl0: Disabled Multicast RS
[  747.384676][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  747.399558][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  749.626528][T13915] securityfs: Unknown parameter ''
[  749.869956][T13915] snd_dummy snd_dummy.0: control 6:65278:0:syz0:-259 is already present
[  752.461894][T13940] loop5: detected capacity change from 0 to 512
[  752.489151][T13940] EXT4-fs: test_dummy_encryption requires encrypt feature
[  753.077702][T13939] loop5: detected capacity change from 0 to 512
[  753.077901][T13872] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  753.126585][T13939] 
[  753.128941][T13939] ======================================================
[  753.135961][T13939] WARNING: possible circular locking dependency detected
[  753.142970][T13939] syzkaller #0 Not tainted
[  753.147362][T13939] ------------------------------------------------------
[  753.154375][T13939] syz.5.1937/13939 is trying to acquire lock:
[  753.160430][T13939] ffff88805b3f8c58 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1a4/0x350
[  753.170442][T13939] 
[  753.170442][T13939] but task is already holding lock:
[  753.177796][T13939] ffff88805dfb00c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  753.187614][T13939] 
[  753.187614][T13939] which lock already depends on the new lock.
[  753.187614][T13939] 
[  753.198011][T13939] 
[  753.198011][T13939] the existing dependency chain (in reverse order) is:
[  753.207010][T13939] 
[  753.207010][T13939] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[  753.214560][T13939]        down_write+0x97/0x200
[  753.219323][T13939]        ext4_destroy_inline_data+0x28/0xe0
[  753.225205][T13939]        ext4_do_writepages+0x4f0/0x3990
[  753.230826][T13939]        ext4_writepages+0x1dd/0x350
[  753.236109][T13939]        do_writepages+0x3b3/0x630
[  753.241296][T13939]        filemap_fdatawrite_wbc+0x122/0x180
[  753.247177][T13939]        file_write_and_wait_range+0x197/0x280
[  753.253398][T13939]        generic_buffers_fsync_noflush+0x6f/0x160
[  753.259889][T13939]        ext4_sync_file+0x45b/0xd30
[  753.265068][T13939]        ext4_buffered_write_iter+0x2c0/0x350
[  753.271122][T13939]        ext4_file_write_iter+0x1d9/0x1880
[  753.276906][T13939]        vfs_write+0x46c/0x990
[  753.281653][T13939]        __x64_sys_pwrite64+0x19b/0x230
[  753.287181][T13939]        do_syscall_64+0x55/0xa0
[  753.292104][T13939]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  753.298508][T13939] 
[  753.298508][T13939] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  753.306907][T13939]        __lock_acquire+0x2df1/0x7d40
[  753.312257][T13939]        lock_acquire+0x19e/0x420
[  753.317262][T13939]        percpu_down_read+0x44/0x1a0
[  753.322546][T13939]        ext4_writepages+0x1a4/0x350
[  753.327986][T13939]        do_writepages+0x3b3/0x630
[  753.333078][T13939]        __writeback_single_inode+0x153/0xec0
[  753.339133][T13939]        writeback_single_inode+0x21f/0x760
[  753.345003][T13939]        write_inode_now+0x183/0x210
[  753.350290][T13939]        iput+0x5ae/0x920
[  753.354612][T13939]        ext4_xattr_block_set+0x273f/0x32b0
[  753.360499][T13939]        ext4_expand_extra_isize_ea+0x12c5/0x1e80
[  753.366902][T13939]        __ext4_expand_extra_isize+0x306/0x400
[  753.373056][T13939]        __ext4_mark_inode_dirty+0x45d/0x6e0
[  753.379033][T13939]        ext4_evict_inode+0x7f3/0xea0
[  753.384392][T13939]        evict+0x4ca/0x8d0
[  753.388804][T13939]        ext4_orphan_cleanup+0xbec/0x1420
[  753.394513][T13939]        ext4_fill_super+0x5eea/0x67b0
[  753.399958][T13939]        get_tree_bdev+0x3f3/0x520
[  753.405058][T13939]        vfs_get_tree+0x8c/0x280
[  753.409979][T13939]        do_new_mount+0x24b/0xa40
[  753.415020][T13939]        __se_sys_mount+0x2e7/0x3d0
[  753.420203][T13939]        do_syscall_64+0x55/0xa0
[  753.425153][T13939]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  753.431558][T13939] 
[  753.431558][T13939] other info that might help us debug this:
[  753.431558][T13939] 
[  753.441869][T13939]  Possible unsafe locking scenario:
[  753.441869][T13939] 
[  753.449398][T13939]        CPU0                    CPU1
[  753.454857][T13939]        ----                    ----
[  753.460213][T13939]   lock(&ei->xattr_sem);
[  753.464526][T13939]                                lock(&sbi->s_writepages_rwsem);
[  753.472247][T13939]                                lock(&ei->xattr_sem);
[  753.479084][T13939]   rlock(&sbi->s_writepages_rwsem);
[  753.484353][T13939] 
[  753.484353][T13939]  *** DEADLOCK ***
[  753.484353][T13939] 
[  753.492482][T13939] 3 locks held by syz.5.1937/13939:
[  753.497672][T13939]  #0: ffff888055ce60e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x353/0x520
[  753.508008][T13939]  #1: ffff888055ce6608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2bf/0xea0
[  753.517382][T13939]  #2: ffff88805dfb00c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  753.527624][T13939] 
[  753.527624][T13939] stack backtrace:
[  753.533484][T13939] CPU: 0 PID: 13939 Comm: syz.5.1937 Not tainted syzkaller #0
[  753.540919][T13939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  753.550954][T13939] Call Trace:
[  753.554216][T13939]  <TASK>
[  753.557133][T13939]  dump_stack_lvl+0x18c/0x250
[  753.561794][T13939]  ? load_image+0x420/0x420
[  753.566305][T13939]  ? show_regs_print_info+0x20/0x20
[  753.571504][T13939]  ? print_circular_bug+0x12b/0x1a0
[  753.576687][T13939]  check_noncircular+0x2fc/0x400
[  753.581606][T13939]  ? look_up_lock_class+0x75/0x140
[  753.586703][T13939]  ? print_deadlock_bug+0x5d0/0x5d0
[  753.591878][T13939]  ? lockdep_lock+0xf5/0x230
[  753.596454][T13939]  ? _find_first_zero_bit+0xd3/0x100
[  753.601719][T13939]  __lock_acquire+0x2df1/0x7d40
[  753.606552][T13939]  ? mark_lock+0x94/0x320
[  753.610860][T13939]  ? verify_lock_unused+0x140/0x140
[  753.616044][T13939]  ? __lock_acquire+0x1347/0x7d40
[  753.621048][T13939]  ? verify_lock_unused+0x140/0x140
[  753.626226][T13939]  lock_acquire+0x19e/0x420
[  753.630712][T13939]  ? ext4_writepages+0x1a4/0x350
[  753.635632][T13939]  ? __might_sleep+0xe0/0xe0
[  753.640200][T13939]  ? read_lock_is_recursive+0x20/0x20
[  753.645551][T13939]  ? mark_lock+0x94/0x320
[  753.649872][T13939]  ? __lock_acquire+0x1347/0x7d40
[  753.654887][T13939]  percpu_down_read+0x44/0x1a0
[  753.659636][T13939]  ? ext4_writepages+0x1a4/0x350
[  753.664558][T13939]  ext4_writepages+0x1a4/0x350
[  753.669310][T13939]  ? ext4_read_folio+0x2f0/0x2f0
[  753.674235][T13939]  ? __rwlock_init+0x150/0x150
[  753.678991][T13939]  ? do_raw_spin_unlock+0x121/0x230
[  753.684179][T13939]  ? ext4_read_folio+0x2f0/0x2f0
[  753.689105][T13939]  do_writepages+0x3b3/0x630
[  753.693713][T13939]  ? folio_clear_dirty_for_io+0xc30/0xc30
[  753.699435][T13939]  ? writeback_single_inode+0x214/0x760
[  753.704970][T13939]  ? __lock_acquire+0x7d40/0x7d40
[  753.709975][T13939]  ? do_raw_spin_lock+0x11f/0x2c0
[  753.715015][T13939]  __writeback_single_inode+0x153/0xec0
[  753.720553][T13939]  writeback_single_inode+0x21f/0x760
[  753.725912][T13939]  ? write_inode_now+0x210/0x210
[  753.730840][T13939]  write_inode_now+0x183/0x210
[  753.735592][T13939]  ? bdi_split_work_to_wbs+0x910/0x910
[  753.741042][T13939]  ? do_raw_spin_unlock+0x121/0x230
[  753.746225][T13939]  iput+0x5ae/0x920
[  753.750014][T13939]  ext4_xattr_block_set+0x273f/0x32b0
[  753.755400][T13939]  ? __might_sleep+0xe0/0xe0
[  753.760006][T13939]  ? xattr_find_entry+0x12b/0x2f0
[  753.765026][T13939]  ? ext4_xattr_block_find+0x350/0x350
[  753.770482][T13939]  ? ext4_xattr_block_find+0x2d4/0x350
[  753.775937][T13939]  ext4_expand_extra_isize_ea+0x12c5/0x1e80
[  753.781869][T13939]  __ext4_expand_extra_isize+0x306/0x400
[  753.787517][T13939]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  753.792966][T13939]  ext4_evict_inode+0x7f3/0xea0
[  753.797808][T13939]  ? _raw_spin_unlock+0x28/0x40
[  753.802645][T13939]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  753.808535][T13939]  ? do_raw_spin_unlock+0x121/0x230
[  753.813735][T13939]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  753.819614][T13939]  evict+0x4ca/0x8d0
[  753.823496][T13939]  ? proc_nr_inodes+0x230/0x230
[  753.828339][T13939]  ? do_raw_spin_unlock+0x121/0x230
[  753.833520][T13939]  ? _raw_spin_unlock+0x28/0x40
[  753.838352][T13939]  ? iput+0x706/0x920
[  753.842316][T13939]  ext4_orphan_cleanup+0xbec/0x1420
[  753.847497][T13939]  ? ext4_orphan_del+0xbf0/0xbf0
[  753.852415][T13939]  ? ext4_register_li_request+0x183/0x940
[  753.858120][T13939]  ? errseq_check_and_advance+0x66/0x120
[  753.863736][T13939]  ext4_fill_super+0x5eea/0x67b0
[  753.868676][T13939]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  753.874911][T13939]  ? __might_sleep+0xe0/0xe0
[  753.879503][T13939]  ? read_lock_is_recursive+0x20/0x20
[  753.884877][T13939]  ? snprintf+0xe9/0x140
[  753.889111][T13939]  ? down_read_killable+0x340/0x340
[  753.894294][T13939]  ? setup_bdev_super+0x56b/0x660
[  753.899305][T13939]  get_tree_bdev+0x3f3/0x520
[  753.903903][T13939]  ? vfs_parse_fs_string+0x170/0x170
[  753.909177][T13939]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  753.915402][T13939]  ? setup_bdev_super+0x660/0x660
[  753.920415][T13939]  ? apparmor_capable+0x137/0x1a0
[  753.925424][T13939]  ? bpf_lsm_capable+0x9/0x10
[  753.930097][T13939]  ? security_capable+0x89/0xb0
[  753.934945][T13939]  vfs_get_tree+0x8c/0x280
[  753.939346][T13939]  do_new_mount+0x24b/0xa40
[  753.943829][T13939]  __se_sys_mount+0x2e7/0x3d0
[  753.948487][T13939]  ? __x64_sys_mount+0xc0/0xc0
[  753.953226][T13939]  ? lockdep_hardirqs_on+0x98/0x150
[  753.958407][T13939]  ? __x64_sys_mount+0x20/0xc0
[  753.963146][T13939]  do_syscall_64+0x55/0xa0
[  753.967537][T13939]  ? clear_bhb_loop+0x40/0x90
[  753.972211][T13939]  ? clear_bhb_loop+0x40/0x90
[  753.976873][T13939]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  753.982747][T13939] RIP: 0033:0x7f4046d9e04a
[  753.987141][T13939] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  754.006730][T13939] RSP: 002b:00007f4047c7be58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  754.015120][T13939] RAX: ffffffffffffffda RBX: 00007f4047c7bee0 RCX: 00007f4046d9e04a
[  754.023069][T13939] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007f4047c7bea0
[  754.031022][T13939] RBP: 0000200000000180 R08: 00007f4047c7bee0 R09: 0000000000800700
[  754.038989][T13939] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000000
[  754.046942][T13939] R13: 00007f4047c7bea0 R14: 000000000000047a R15: 0000200000000300
[  754.054896][T13939]  </TASK>
[  754.073341][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.1937: iget: bad extra_isize 90 (inode size 256)
[  754.087029][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1937: error while reading EA inode 11 err=-117
[  754.846437][T13939] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  754.861052][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.1937: iget: bad extra_isize 90 (inode size 256)
[  754.874737][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1937: error while reading EA inode 11 err=-117
[  754.887312][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.1937: iget: bad extra_isize 90 (inode size 256)
[  754.900979][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1937: error while reading EA inode 18 err=-117
[  754.913622][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.1937: iget: bad extra_isize 90 (inode size 256)
[  754.928596][T13939] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1937: error while reading EA inode 18 err=-117
[  754.941287][T13939] EXT4-fs (loop5): 1 orphan inode deleted
[  754.948024][T13939] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  755.113301][ T7206] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.