last executing test programs:

4m48.056106595s ago: executing program 4 (id=1132):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80}, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20402, 0x0)
r2 = fcntl$getown(0xffffffffffffffff, 0x9)
r3 = syz_io_uring_setup(0x254c, &(0x7f0000000000)={0x0, 0x7c87, 0x800, 0x0, 0x39}, &(0x7f0000000080), 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000900)={&(0x7f0000003000), 0x0, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r3, 0x17, 0x0, 0x1)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1006, &(0x7f0000002080)=""/4102, 0x0, 0x3}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r2, 0xffffffffffffffff, 0x0, 0x22, &(0x7f0000000240)='cg\x89\x9b@\xc4\xbf\xc1\x9b\xc7\xa9h\xad\xbbmn\x19\xb3\xb1\xa3K8*\xe9\x00'/34}, 0xffffff63)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x5, 0x1, 0x0, 0x5, 0x43, <r5=>r2})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000340)={'\x00', 0x5, 0x8, 0x40a, 0x4, 0x7fffffff, r5})
syz_open_dev$video4linux(&(0x7f00000060c0), 0x7, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x5}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8003, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)

4m46.412016119s ago: executing program 4 (id=1139):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
ioprio_set$pid(0x3, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
pwritev2(r1, &(0x7f0000001300)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1, 0xff, 0xd3fe, 0x33)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f00000006c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000000006,umask=00000000000000000000002,gid=', @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000005,iocharset=iso8859-3,namecase=1,fmask=00000000000000000000406,fmask=00000000000000000000005,fmask=00000000000000000000006,gid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharsjt=iso8859-3,\x00'], 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
creat(&(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xa0000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$rds(r1, &(0x7f00000016c0)={&(0x7f0000000200)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000001340)=""/211, 0xd3}, {&(0x7f0000001440)=""/116, 0x74}, {&(0x7f00000014c0)=""/224, 0xe0}], 0x3, &(0x7f0000001640)=[@mask_fadd={0x58, 0x114, 0x8, {{0x2, 0x5}, &(0x7f00000015c0)=0x2, &(0x7f0000001600)=0x1, 0x81, 0xb09a, 0x7, 0x5, 0x8, 0x5}}], 0x58, 0x400a800}, 0x800)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="38000000070a050000200000000000000a0040010900010073797a3100000040090002"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@host})
fanotify_init(0x60, 0x8000)
r5 = openat$comedi(0xffffff9c, &(0x7f0000000140)='/dev/comedi2\x00', 0x103040, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x40080)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000080)={'s526\x00', [0x401, 0x181, 0x2, 0xb, 0x14000000, 0x0, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x180, 0x13, 0x100, 0xffffffa7, 0x9, 0x134d, 0x1, 0x3fd, 0x4000009, 0x7, 0xe2df, 0x5, 0x1, 0x4, 0x40000, 0x7, 0xf58, 0x8]})
ioctl$FIBMAP(r5, 0x1, &(0x7f0000001700)=0xfaa2)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x0, 0x0, 0x1, 0x80000001})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000000140)={&(0x7f0000000300)=[0x4, 0x6, 0x1, 0x9, 0x5, 0x401, 0x200, 0x4, 0x0, 0xcb0d, 0x770f, 0xff, 0x4, 0x81, 0x2, 0x5, 0x1d, 0x0, 0x78, 0xb, 0x5, 0x6, 0x8, 0x9, 0x69, 0x5, 0xfffffff4, 0x7fff, 0x8, 0xe00, 0x0, 0x3, 0x81, 0x7f, 0x0, 0xfffffff4, 0x15a0, 0xffffff7f, 0x8, 0x5d, 0x800, 0xf94, 0xff, 0x1ff, 0x2, 0xfffffff9, 0xe, 0xffffbb46, 0x7, 0x4, 0x1, 0x3, 0x5, 0x1000, 0x6, 0x3, 0x1, 0x8, 0x80, 0xc, 0x7, 0x8, 0x2, 0x1, 0x3, 0x1800000, 0x3, 0x5, 0x400, 0x5, 0x9, 0x1, 0xd0d, 0x2, 0x1000, 0x9, 0x3, 0x6d, 0xfffffffc, 0x1ff, 0xffffffc0, 0x0, 0x5, 0x8, 0x8, 0x2, 0xf0, 0x5, 0x7, 0x6, 0x4469, 0xb, 0xfffffb4c, 0x80000001, 0xe5f9, 0x0, 0x4, 0xd4, 0xffffffff, 0x200000, 0x9, 0x2, 0x4, 0x5, 0x2, 0x3, 0x8f, 0x7, 0x46, 0x5, 0x4, 0x6d03, 0x8001, 0x9, 0x3, 0x0, 0x8e7a, 0x2, 0x8, 0xfffffff1, 0x5, 0x1000000, 0xfff3, 0x4, 0x1, 0x80000000, 0x3ff, 0x81, 0x100, 0x8, 0xfffffffb, 0x4, 0xfffffffc, 0x1, 0x7, 0x3, 0x0, 0x43, 0xffff6a70, 0xc, 0xa092, 0x8, 0x877, 0x1, 0x3, 0x800, 0x5, 0x0, 0x8001, 0x48c, 0x7, 0x2, 0x13, 0x3, 0x3, 0x9, 0x0, 0x70000000, 0x2, 0x8, 0x2, 0x1b1c, 0x8, 0xb5, 0x8, 0x401, 0xfff, 0x5, 0x1, 0xa008, 0x9, 0x8, 0xe4, 0x898, 0x7, 0x81, 0x0, 0x1ff, 0x5, 0x80000000, 0x1, 0x8, 0x1, 0x5, 0x4251, 0x6, 0x4, 0x6, 0x4008, 0x200, 0x5, 0x73f7, 0x6, 0x8001, 0x80, 0xd5, 0x6, 0x800000, 0x40, 0xfffffe03, 0x2, 0x80000001, 0x7f, 0xfffffffa, 0xff, 0x4, 0x4b031fcb, 0x7, 0xf3, 0x40, 0xffffffff, 0x1, 0x0, 0x3, 0x6, 0xffffffff, 0x5, 0x6, 0x3, 0x9, 0xfd, 0xd, 0x1000, 0x94, 0xd52, 0x3, 0xfffffeff, 0xba7, 0x400, 0x4, 0x0, 0x80000001, 0x7, 0x10001, 0xfff, 0x9, 0x2, 0x9, 0x1, 0xfffffff9, 0x6, 0x62, 0x668, 0xffff, 0x0, 0x7, 0x6, 0x0, 0x49, 0x2, 0x5f4, 0x3fd, 0xfffffffe, 0x4, 0x6, 0x9, 0x0, 0x5, 0x4, 0x6, 0x3, 0x1ff, 0xc3f6, 0x7, 0x8, 0xfffffffe, 0xff, 0x8000, 0x7, 0x100, 0x43, 0x2, 0xc7b, 0xe2a0, 0x5, 0x6, 0x81, 0x6, 0x0, 0x3, 0x75c, 0x1, 0x10000, 0x3f, 0x24f7, 0x5, 0x9, 0xd8c, 0x7ffffffd, 0xe, 0xfffff6d2, 0x0, 0x0, 0x3, 0x9, 0x800, 0x5, 0x9, 0x80000000, 0x1, 0x9dcb, 0x8, 0x4, 0x8001, 0x9, 0x7, 0x6, 0x7, 0x81, 0x7ff, 0x0, 0x7, 0x1c00000, 0x5, 0x10, 0x2, 0x1, 0x4, 0xac, 0x8001, 0xb2, 0x4, 0x84f4, 0xf, 0x0, 0x6, 0x6, 0x3ef, 0x7, 0x101, 0x3, 0x4, 0xa, 0x7f, 0x5, 0x2, 0x7ff, 0xffff094f, 0x9, 0x80, 0x6, 0xfffffffd, 0x63, 0xd, 0x7, 0x9, 0x200, 0x9, 0x7, 0x8, 0xa, 0x10001, 0x8, 0xa21, 0x2, 0x9, 0x7, 0xe207, 0xa4, 0x4, 0x5, 0x7, 0x9, 0x0, 0x0, 0x9, 0x1, 0xd, 0x1, 0xf, 0x1, 0x26d1, 0x9, 0x8b000, 0x6, 0x6, 0x5, 0x80000000, 0xfffffffb, 0x8, 0x7, 0xfffffff9, 0x7, 0x4, 0x2, 0x0, 0x80, 0xffff6c99, 0x5, 0x6bed988b, 0x7f, 0x6, 0xffffff7f, 0x7, 0x7, 0x8, 0x4, 0x10000, 0x6, 0x9, 0x40, 0x0, 0x5, 0x0, 0x2, 0x3, 0x10000, 0x8, 0x9, 0x53fa, 0x0, 0x53, 0x9465, 0x9, 0x3, 0x4, 0x36c9, 0x3ff, 0x3, 0x4, 0x8, 0x68, 0x2, 0x81, 0x8, 0xcd94, 0x75e, 0x1000, 0x9, 0x6, 0x0, 0xfffffff7, 0xe, 0x6, 0x3, 0x7, 0x0, 0x6, 0x80000001, 0x731, 0x6, 0x4, 0x8, 0x3, 0x9, 0x80000001, 0x1, 0xfff, 0x4, 0x6, 0x4, 0x4, 0x2, 0x9, 0x6f9, 0x3, 0x8, 0x475e0e15, 0x80000000, 0x5, 0x4, 0xf3e, 0x9, 0x5, 0x0, 0x3, 0xad64, 0xfffffff9, 0x2, 0x3, 0x10000, 0x4, 0xff, 0x400, 0x7f, 0x7f, 0x7, 0x800, 0x40, 0x7, 0x6, 0x8, 0x1a, 0x0, 0x1000, 0xff, 0x10001, 0x8, 0x2, 0xffff, 0x8, 0x100, 0x100, 0x9, 0x9, 0x37, 0x28, 0xfffffff9, 0x7fffffff, 0x4, 0x3, 0xb, 0x2, 0x85f2, 0xd7f, 0x7, 0x3ff, 0x1000000, 0x2387c5a4, 0x3, 0x8, 0xbc4e, 0xffff, 0x1, 0x2, 0x408, 0x5, 0x0, 0x5, 0x6, 0x2, 0x6, 0x0, 0x51, 0x5, 0x3, 0x2, 0xfaf0, 0x4a46, 0x4, 0x10001, 0x9, 0x4921bb4d, 0x5c, 0x6, 0x3, 0x7, 0x7fff, 0x80, 0x3, 0x29dc2fdf, 0x200, 0x1, 0x9, 0xd2c, 0x8, 0x3, 0x3, 0x66f, 0x5, 0x4bb6, 0x258d, 0x101, 0x10000, 0x662f, 0x401, 0x5, 0x4, 0x4, 0xd3f6, 0x4, 0x3, 0x4, 0x1, 0xc, 0xbf2, 0xff, 0x7, 0x8002, 0x9, 0x3ff, 0x80000000, 0x9, 0x9, 0x9, 0xf01a, 0x2, 0x1, 0x9, 0x100, 0x0, 0xffffffff, 0x80000001, 0x3, 0x3, 0x6, 0x240000, 0x0, 0x1, 0xfffffffa, 0x45, 0x0, 0x0, 0x8, 0x5, 0x0, 0x3, 0x8a8, 0xa, 0x9, 0x0, 0x7, 0x9, 0x583, 0x8, 0x8, 0x1, 0x10002, 0x9, 0xffffff81, 0x6, 0x400, 0x227, 0x6, 0x8, 0xc442, 0x0, 0x3, 0x3ff, 0x5, 0x82a, 0x4, 0x72d2, 0x7, 0x5, 0x7, 0x4, 0x8, 0x8, 0xea1, 0x0, 0x566, 0x0, 0xfffffffe, 0x7, 0x737, 0x4, 0x6, 0x2, 0x1000, 0x4, 0x8, 0xff, 0x9, 0x7, 0x5, 0x3, 0x9, 0xbcea, 0x7, 0x8000, 0x0, 0x1, 0x1, 0x3, 0x3, 0x8, 0x3, 0x4, 0x9, 0x101, 0x1, 0x8, 0x1, 0x6, 0x6, 0x9, 0x7f800, 0x9, 0xd8a8, 0x3, 0x9, 0xfffffffb, 0x8, 0xd0f, 0x7, 0x2005, 0x4, 0x1, 0x7, 0x7, 0x8e, 0x5, 0x0, 0x7, 0xfffffffe, 0x81, 0xad3, 0x4, 0x80000001, 0x7, 0x8, 0x80, 0x8, 0x3ff, 0x6, 0xce1, 0x8, 0x80000001, 0xe, 0x1, 0x400002, 0x8000, 0x4, 0x3, 0xb, 0x2, 0x2, 0x6, 0x1, 0xe30, 0x3ff, 0xa7a, 0x8, 0x8, 0x9, 0x2, 0x401, 0x9, 0x9659, 0x400, 0xa83, 0x6, 0xfffffffe, 0x5082, 0x5, 0x6e82, 0xffff, 0x9, 0x7ff, 0x200800, 0xfffffffb, 0xfffffffb, 0x2, 0xd, 0x401, 0xffffff46, 0x7, 0x8000, 0x5d, 0x70d, 0x7fff, 0x3, 0x4, 0x6, 0x7, 0xa6a0, 0x7, 0x9, 0x1, 0xe8b0c95b, 0x9, 0x3, 0x8a2, 0x4, 0x6, 0x2, 0x3, 0x0, 0x7, 0x3, 0x4, 0x4, 0x5, 0xfffffff9, 0xbffeffff, 0x10, 0xfffffff7, 0x1ff, 0x8, 0x7ffc, 0x9, 0x3, 0xfffffff8, 0x1, 0x434, 0x8, 0x3ab, 0x8, 0x6, 0x0, 0x7, 0x4389, 0x7, 0x800, 0x400, 0x4, 0x0, 0x3, 0x5, 0xc94, 0x9, 0x4, 0x0, 0x4, 0x2, 0x401, 0x6, 0x401, 0x8, 0x1, 0xb, 0xe664, 0x0, 0xc, 0x96, 0x7, 0x101, 0xd, 0x2, 0x6, 0xdc, 0xf, 0x1000, 0x8, 0x7, 0x0, 0x0, 0x10001, 0x9, 0x7, 0x0, 0x40000fff, 0xf9, 0xc8, 0x2400, 0x1, 0x400, 0x9, 0x0, 0x8, 0x8, 0x7, 0x5, 0xfffffffb, 0x6b59b47c, 0x2, 0x4, 0xd64, 0x8, 0xc, 0x0, 0x7, 0x0, 0x9, 0x4, 0x80, 0x3, 0x6, 0x1, 0xc, 0x7, 0x8, 0x8, 0x8000, 0x6, 0x2, 0x385, 0xa0, 0x5, 0x8, 0x3d72e35e, 0xfffffff7, 0x9, 0x80000001, 0x8, 0x1a4, 0x7, 0x8, 0x0, 0x3, 0xe83, 0x3, 0x1, 0x3, 0x0, 0x2, 0x9973, 0x3, 0x4, 0x40, 0x40, 0x4, 0x5, 0x412, 0x4, 0x2, 0x5, 0xb4, 0x1ff, 0xc77c0000, 0xee18, 0x9, 0x8000, 0x47, 0x9, 0xffffff97, 0xffff, 0x3, 0xffffffc0, 0x790, 0x2, 0xfffffe01, 0x7fff, 0x78, 0x8, 0x0, 0xf, 0x40, 0x8, 0xed, 0x3, 0x9, 0x8, 0x0, 0x1, 0x1, 0x7, 0x800, 0xb, 0x5, 0x5, 0x9, 0x2, 0xd, 0x2, 0x6, 0x101, 0x4, 0x6, 0xa6d2, 0xd, 0x8000, 0x2, 0x9, 0x2, 0x0, 0x0, 0x3ff, 0x7, 0xffffff00, 0x7, 0x7, 0x40, 0x3, 0x101, 0x20000000, 0xdc000000, 0x2, 0xfffffffb, 0x401, 0x6, 0x1, 0x9, 0x4, 0xffffffa2, 0x5, 0x5, 0x9015, 0x6, 0x5, 0x5, 0x14b, 0x0, 0x336, 0xcf, 0xd, 0x5, 0xbbe7, 0xa8eb, 0xd0, 0xb, 0x800, 0x2b18, 0x3ec3, 0x0, 0x9, 0x5, 0x1, 0x8, 0x200, 0x2, 0x0, 0x5, 0xff, 0xc, 0x8, 0x2, 0x2, 0x7, 0x8, 0x10, 0xb46, 0x8, 0x1, 0x5dc60e00, 0x4, 0x9, 0x8, 0xd2, 0x9, 0xffff4a7a, 0x88f, 0xbd, 0x4, 0x6, 0x5, 0x4, 0x9, 0xffffffff, 0xda, 0xe, 0x8001000, 0x7b, 0x2, 0x10001, 0x6, 0x136, 0x36, 0x3a12, 0x9, 0x8, 0x4, 0x8], 0x1, 0x400, 0x3ff})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

4m45.776414535s ago: executing program 4 (id=1144):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="02030003110000002cbd7040fcdbdf250300090080000000dac6923ef4c71cdc0dca1d9f68846960e56de42944af05000600002000000a004e2300000007ff010000000000000000000000000001010000800000000002000100000000000000070c0000008005"], 0x88}, 0x1, 0x7}, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10e, 0xb, &(0x7f00000001c0), 0x4)
write$cgroup_subtree(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0xfe33)

4m45.629781853s ago: executing program 4 (id=1147):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000140)='./file2\x00', 0x320c8cc, &(0x7f00000003c0)=ANY=[], 0x1, 0x1f3, &(0x7f0000001880)="$eJzslc+q00AUxr+ZxKT3Ij6AGxde8LowbXJB3Fy4d+PKheCfiwvBYtNSTa20XdiCaJ/AvTsXPoaiWxf6BlIF0U3dqOuRyUwmQ0mrMS0Knh90+k3m5MyZM5MzIAjiv+Xjhx8z8X3/cw3AcezA18+/OLkNt+zf174+fH3p4tGTm8/f+LNgq8inEL8/vwvg1aGDd+ZdIWynO/r/KrjR18BxVusjMARa3wLHda1jMNzQ+o6l+9I+CNrdJA5u95OWFA3ZhLKJ2t2EuYvxzacMLSs+Zo0Px5O7zSSJBxsUv8rf/JBj38SHmj1+ASrahpW/EByh1ntguGJs/Sw3KiXW+k+6+fqdlev3UHHZnwDkT9oFNrzqFJnw5FTLbbKFFgwBbF17H52o7ifb87KvO0iFU/p1rtIiT8XmP4AKAu7aHAq/4CT4q85PdfH2pRZ8pfGLA7V/JtRHql9u0oMlQ15JPzrzpj6JZwxnrPqpSsnT9Kqpj3r368Px5Fy31+zEnfheFO2db2wDiOppIVLtsvLnA1tpfdrO/RfeSRKPeXjQHI0GoWpNP1JtUcXlcDGfcuyexjHZl9XUW/D7zdIs/cmvgz1WvV27XConBEEQ/wCnwNKanNblTOjbxAwIEV3+y3ESBEEQBEEQBEEQBPHn/AwAAP//W8NQxQ==")
socket$phonet(0x23, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x378, 0x0, 0x700001b, 0x148, 0x0, 0x148, 0x2e0, 0x206, 0x240, 0x2e0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'tunl0\x00', 'bond_slave_1\x00', {0xff}, {}, 0x0, 0x1}, 0x1ea, 0x1e8, 0x208, 0x0, {0x390, 0x8f00}, [@common=@inet=@hashlimit2={{0x150}, {'pim6reg1\x00', {0x5, 0x1ff, 0x1, 0x5, 0x1, 0x100, 0x1, 0x8, 0x20}, {0x8}}}, @common=@inet=@socket2={{0x28}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x1, 0x6275dd3c01ecbf44, 0x2, 0x5, 0x2], 0x4, 0x2}}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d8)

4m43.626185206s ago: executing program 4 (id=1152):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000a40)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="1883cc7594fbeb06afa2fdb600f7b3fb", 0x10}], 0x1, 0x0, 0x0, 0x4004}], 0x1, 0xa841)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[0x0])

4m42.692499625s ago: executing program 4 (id=1155):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
ioprio_set$pid(0x3, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
pwritev2(r1, &(0x7f0000001300)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1, 0xff, 0xd3fe, 0x33)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f00000006c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000000006,umask=00000000000000000000002,gid=', @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000005,iocharset=iso8859-3,namecase=1,fmask=00000000000000000000406,fmask=00000000000000000000005,fmask=00000000000000000000006,gid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharsjt=iso8859-3,\x00'], 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
creat(&(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xa0000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$rds(r1, &(0x7f00000016c0)={&(0x7f0000000200)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000001340)=""/211, 0xd3}, {&(0x7f0000001440)=""/116, 0x74}, {&(0x7f00000014c0)=""/224, 0xe0}], 0x3, &(0x7f0000001640)=[@mask_fadd={0x58, 0x114, 0x8, {{0x2, 0x5}, &(0x7f00000015c0)=0x2, &(0x7f0000001600)=0x1, 0x81, 0xb09a, 0x7, 0x5, 0x8, 0x5}}], 0x58, 0x400a800}, 0x800)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="38000000070a050000200000000000000a0040010900010073797a3100000040090002"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@host})
fanotify_init(0x60, 0x8000)
r5 = openat$comedi(0xffffff9c, &(0x7f0000000140)='/dev/comedi2\x00', 0x103040, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x40080)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000080)={'s526\x00', [0x401, 0x181, 0x2, 0xb, 0x14000000, 0x0, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x180, 0x13, 0x100, 0xffffffa7, 0x9, 0x134d, 0x1, 0x3fd, 0x4000009, 0x7, 0xe2df, 0x5, 0x1, 0x4, 0x40000, 0x7, 0xf58, 0x8]})
ioctl$FIBMAP(r5, 0x1, &(0x7f0000001700)=0xfaa2)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x0, 0x0, 0x1, 0x80000001})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000000140)={&(0x7f0000000300)=[0x4, 0x6, 0x1, 0x9, 0x5, 0x401, 0x200, 0x4, 0x0, 0xcb0d, 0x770f, 0xff, 0x4, 0x81, 0x2, 0x5, 0x1d, 0x0, 0x78, 0xb, 0x5, 0x6, 0x8, 0x9, 0x69, 0x5, 0xfffffff4, 0x7fff, 0x8, 0xe00, 0x0, 0x3, 0x81, 0x7f, 0x0, 0xfffffff4, 0x15a0, 0xffffff7f, 0x8, 0x5d, 0x800, 0xf94, 0xff, 0x1ff, 0x2, 0xfffffff9, 0xe, 0xffffbb46, 0x7, 0x4, 0x1, 0x3, 0x5, 0x1000, 0x6, 0x3, 0x1, 0x8, 0x80, 0xc, 0x7, 0x8, 0x2, 0x1, 0x3, 0x1800000, 0x3, 0x5, 0x400, 0x5, 0x9, 0x1, 0xd0d, 0x2, 0x1000, 0x9, 0x3, 0x6d, 0xfffffffc, 0x1ff, 0xffffffc0, 0x0, 0x5, 0x8, 0x8, 0x2, 0xf0, 0x5, 0x7, 0x6, 0x4469, 0xb, 0xfffffb4c, 0x80000001, 0xe5f9, 0x0, 0x4, 0xd4, 0xffffffff, 0x200000, 0x9, 0x2, 0x4, 0x5, 0x2, 0x3, 0x8f, 0x7, 0x46, 0x5, 0x4, 0x6d03, 0x8001, 0x9, 0x3, 0x0, 0x8e7a, 0x2, 0x8, 0xfffffff1, 0x5, 0x1000000, 0xfff3, 0x4, 0x1, 0x80000000, 0x3ff, 0x81, 0x100, 0x8, 0xfffffffb, 0x4, 0xfffffffc, 0x1, 0x7, 0x3, 0x0, 0x43, 0xffff6a70, 0xc, 0xa092, 0x8, 0x877, 0x1, 0x3, 0x800, 0x5, 0x0, 0x8001, 0x48c, 0x7, 0x2, 0x13, 0x3, 0x3, 0x9, 0x0, 0x70000000, 0x2, 0x8, 0x2, 0x1b1c, 0x8, 0xb5, 0x8, 0x401, 0xfff, 0x5, 0x1, 0xa008, 0x9, 0x8, 0xe4, 0x898, 0x7, 0x81, 0x0, 0x1ff, 0x5, 0x80000000, 0x1, 0x8, 0x1, 0x5, 0x4251, 0x6, 0x4, 0x6, 0x4008, 0x200, 0x5, 0x73f7, 0x6, 0x8001, 0x80, 0xd5, 0x6, 0x800000, 0x40, 0xfffffe03, 0x2, 0x80000001, 0x7f, 0xfffffffa, 0xff, 0x4, 0x4b031fcb, 0x7, 0xf3, 0x40, 0xffffffff, 0x1, 0x0, 0x3, 0x6, 0xffffffff, 0x5, 0x6, 0x3, 0x9, 0xfd, 0xd, 0x1000, 0x94, 0xd52, 0x3, 0xfffffeff, 0xba7, 0x400, 0x4, 0x0, 0x80000001, 0x7, 0x10001, 0xfff, 0x9, 0x2, 0x9, 0x1, 0xfffffff9, 0x6, 0x62, 0x668, 0xffff, 0x0, 0x7, 0x6, 0x0, 0x49, 0x2, 0x5f4, 0x3fd, 0xfffffffe, 0x4, 0x6, 0x9, 0x0, 0x5, 0x4, 0x6, 0x3, 0x1ff, 0xc3f6, 0x7, 0x8, 0xfffffffe, 0xff, 0x8000, 0x7, 0x100, 0x43, 0x2, 0xc7b, 0xe2a0, 0x5, 0x6, 0x81, 0x6, 0x0, 0x3, 0x75c, 0x1, 0x10000, 0x3f, 0x24f7, 0x5, 0x9, 0xd8c, 0x7ffffffd, 0xe, 0xfffff6d2, 0x0, 0x0, 0x3, 0x9, 0x800, 0x5, 0x9, 0x80000000, 0x1, 0x9dcb, 0x8, 0x4, 0x8001, 0x9, 0x7, 0x6, 0x7, 0x81, 0x7ff, 0x0, 0x7, 0x1c00000, 0x5, 0x10, 0x2, 0x1, 0x4, 0xac, 0x8001, 0xb2, 0x4, 0x84f4, 0xf, 0x0, 0x6, 0x6, 0x3ef, 0x7, 0x101, 0x3, 0x4, 0xa, 0x7f, 0x5, 0x2, 0x7ff, 0xffff094f, 0x9, 0x80, 0x6, 0xfffffffd, 0x63, 0xd, 0x7, 0x9, 0x200, 0x9, 0x7, 0x8, 0xa, 0x10001, 0x8, 0xa21, 0x2, 0x9, 0x7, 0xe207, 0xa4, 0x4, 0x5, 0x7, 0x9, 0x0, 0x0, 0x9, 0x1, 0xd, 0x1, 0xf, 0x1, 0x26d1, 0x9, 0x8b000, 0x6, 0x6, 0x5, 0x80000000, 0xfffffffb, 0x8, 0x7, 0xfffffff9, 0x7, 0x4, 0x2, 0x0, 0x80, 0xffff6c99, 0x5, 0x6bed988b, 0x7f, 0x6, 0xffffff7f, 0x7, 0x7, 0x8, 0x4, 0x10000, 0x6, 0x9, 0x40, 0x0, 0x5, 0x0, 0x2, 0x3, 0x10000, 0x8, 0x9, 0x53fa, 0x0, 0x53, 0x9465, 0x9, 0x3, 0x4, 0x36c9, 0x3ff, 0x3, 0x4, 0x8, 0x68, 0x2, 0x81, 0x8, 0xcd94, 0x75e, 0x1000, 0x9, 0x6, 0x0, 0xfffffff7, 0xe, 0x6, 0x3, 0x7, 0x0, 0x6, 0x80000001, 0x731, 0x6, 0x4, 0x8, 0x3, 0x9, 0x80000001, 0x1, 0xfff, 0x4, 0x6, 0x4, 0x4, 0x2, 0x9, 0x6f9, 0x3, 0x8, 0x475e0e15, 0x80000000, 0x5, 0x4, 0xf3e, 0x9, 0x5, 0x0, 0x3, 0xad64, 0xfffffff9, 0x2, 0x3, 0x10000, 0x4, 0xff, 0x400, 0x7f, 0x7f, 0x7, 0x800, 0x40, 0x7, 0x6, 0x8, 0x1a, 0x0, 0x1000, 0xff, 0x10001, 0x8, 0x2, 0xffff, 0x8, 0x100, 0x100, 0x9, 0x9, 0x37, 0x28, 0xfffffff9, 0x7fffffff, 0x4, 0x3, 0xb, 0x2, 0x85f2, 0xd7f, 0x7, 0x3ff, 0x1000000, 0x2387c5a4, 0x3, 0x8, 0xbc4e, 0xffff, 0x1, 0x2, 0x408, 0x5, 0x0, 0x5, 0x6, 0x2, 0x6, 0x0, 0x51, 0x5, 0x3, 0x2, 0xfaf0, 0x4a46, 0x4, 0x10001, 0x9, 0x4921bb4d, 0x5c, 0x6, 0x3, 0x7, 0x7fff, 0x80, 0x3, 0x29dc2fdf, 0x200, 0x1, 0x9, 0xd2c, 0x8, 0x3, 0x3, 0x66f, 0x5, 0x4bb6, 0x258d, 0x101, 0x10000, 0x662f, 0x401, 0x5, 0x4, 0x4, 0xd3f6, 0x4, 0x3, 0x4, 0x1, 0xc, 0xbf2, 0xff, 0x7, 0x8002, 0x9, 0x3ff, 0x80000000, 0x9, 0x9, 0x9, 0xf01a, 0x2, 0x1, 0x9, 0x100, 0x0, 0xffffffff, 0x80000001, 0x3, 0x3, 0x6, 0x240000, 0x0, 0x1, 0xfffffffa, 0x45, 0x0, 0x0, 0x8, 0x5, 0x0, 0x3, 0x8a8, 0xa, 0x9, 0x0, 0x7, 0x9, 0x583, 0x8, 0x8, 0x1, 0x10002, 0x9, 0xffffff81, 0x6, 0x400, 0x227, 0x6, 0x8, 0xc442, 0x0, 0x3, 0x3ff, 0x5, 0x82a, 0x4, 0x72d2, 0x7, 0x5, 0x7, 0x4, 0x8, 0x8, 0xea1, 0x0, 0x566, 0x0, 0xfffffffe, 0x7, 0x737, 0x4, 0x6, 0x2, 0x1000, 0x4, 0x8, 0xff, 0x9, 0x7, 0x5, 0x3, 0x9, 0xbcea, 0x7, 0x8000, 0x0, 0x1, 0x1, 0x3, 0x3, 0x8, 0x3, 0x4, 0x9, 0x101, 0x1, 0x8, 0x1, 0x6, 0x6, 0x9, 0x7f800, 0x9, 0xd8a8, 0x3, 0x9, 0xfffffffb, 0x8, 0xd0f, 0x7, 0x2005, 0x4, 0x1, 0x7, 0x7, 0x8e, 0x5, 0x0, 0x7, 0xfffffffe, 0x81, 0xad3, 0x4, 0x80000001, 0x7, 0x8, 0x80, 0x8, 0x3ff, 0x6, 0xce1, 0x8, 0x80000001, 0xe, 0x1, 0x400002, 0x8000, 0x4, 0x3, 0xb, 0x2, 0x2, 0x6, 0x1, 0xe30, 0x3ff, 0xa7a, 0x8, 0x8, 0x9, 0x2, 0x401, 0x9, 0x9659, 0x400, 0xa83, 0x6, 0xfffffffe, 0x5082, 0x5, 0x6e82, 0xffff, 0x9, 0x7ff, 0x200800, 0xfffffffb, 0xfffffffb, 0x2, 0xd, 0x401, 0xffffff46, 0x7, 0x8000, 0x5d, 0x70d, 0x7fff, 0x3, 0x4, 0x6, 0x7, 0xa6a0, 0x7, 0x9, 0x1, 0xe8b0c95b, 0x9, 0x3, 0x8a2, 0x4, 0x6, 0x2, 0x3, 0x0, 0x7, 0x3, 0x4, 0x4, 0x5, 0xfffffff9, 0xbffeffff, 0x10, 0xfffffff7, 0x1ff, 0x8, 0x7ffc, 0x9, 0x3, 0xfffffff8, 0x1, 0x434, 0x8, 0x3ab, 0x8, 0x6, 0x0, 0x7, 0x4389, 0x7, 0x800, 0x400, 0x4, 0x0, 0x3, 0x5, 0xc94, 0x9, 0x4, 0x0, 0x4, 0x2, 0x401, 0x6, 0x401, 0x8, 0x1, 0xb, 0xe664, 0x0, 0xc, 0x96, 0x7, 0x101, 0xd, 0x2, 0x6, 0xdc, 0xf, 0x1000, 0x8, 0x7, 0x0, 0x0, 0x10001, 0x9, 0x7, 0x0, 0x40000fff, 0xf9, 0xc8, 0x2400, 0x1, 0x400, 0x9, 0x0, 0x8, 0x8, 0x7, 0x5, 0xfffffffb, 0x6b59b47c, 0x2, 0x4, 0xd64, 0x8, 0xc, 0x0, 0x7, 0x0, 0x9, 0x4, 0x80, 0x3, 0x6, 0x1, 0xc, 0x7, 0x8, 0x8, 0x8000, 0x6, 0x2, 0x385, 0xa0, 0x5, 0x8, 0x3d72e35e, 0xfffffff7, 0x9, 0x80000001, 0x8, 0x1a4, 0x7, 0x8, 0x0, 0x3, 0xe83, 0x3, 0x1, 0x3, 0x0, 0x2, 0x9973, 0x3, 0x4, 0x40, 0x40, 0x4, 0x5, 0x412, 0x4, 0x2, 0x5, 0xb4, 0x1ff, 0xc77c0000, 0xee18, 0x9, 0x8000, 0x47, 0x9, 0xffffff97, 0xffff, 0x3, 0xffffffc0, 0x790, 0x2, 0xfffffe01, 0x7fff, 0x78, 0x8, 0x0, 0xf, 0x40, 0x8, 0xed, 0x3, 0x9, 0x8, 0x0, 0x1, 0x1, 0x7, 0x800, 0xb, 0x5, 0x5, 0x9, 0x2, 0xd, 0x2, 0x6, 0x101, 0x4, 0x6, 0xa6d2, 0xd, 0x8000, 0x2, 0x9, 0x2, 0x0, 0x0, 0x3ff, 0x7, 0xffffff00, 0x7, 0x7, 0x40, 0x3, 0x101, 0x20000000, 0xdc000000, 0x2, 0xfffffffb, 0x401, 0x6, 0x1, 0x9, 0x4, 0xffffffa2, 0x5, 0x5, 0x9015, 0x6, 0x5, 0x5, 0x14b, 0x0, 0x336, 0xcf, 0xd, 0x5, 0xbbe7, 0xa8eb, 0xd0, 0xb, 0x800, 0x2b18, 0x3ec3, 0x0, 0x9, 0x5, 0x1, 0x8, 0x200, 0x2, 0x0, 0x5, 0xff, 0xc, 0x8, 0x2, 0x2, 0x7, 0x8, 0x10, 0xb46, 0x8, 0x1, 0x5dc60e00, 0x4, 0x9, 0x8, 0xd2, 0x9, 0xffff4a7a, 0x88f, 0xbd, 0x4, 0x6, 0x5, 0x4, 0x9, 0xffffffff, 0xda, 0xe, 0x8001000, 0x7b, 0x2, 0x10001, 0x6, 0x136, 0x36, 0x3a12, 0x9, 0x8, 0x4, 0x8], 0x1, 0x400, 0x3ff})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

4m27.464560943s ago: executing program 32 (id=1155):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
ioprio_set$pid(0x3, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
pwritev2(r1, &(0x7f0000001300)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1, 0xff, 0xd3fe, 0x33)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f00000006c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000000006,umask=00000000000000000000002,gid=', @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000005,iocharset=iso8859-3,namecase=1,fmask=00000000000000000000406,fmask=00000000000000000000005,fmask=00000000000000000000006,gid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharsjt=iso8859-3,\x00'], 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
creat(&(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xa0000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$rds(r1, &(0x7f00000016c0)={&(0x7f0000000200)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000001340)=""/211, 0xd3}, {&(0x7f0000001440)=""/116, 0x74}, {&(0x7f00000014c0)=""/224, 0xe0}], 0x3, &(0x7f0000001640)=[@mask_fadd={0x58, 0x114, 0x8, {{0x2, 0x5}, &(0x7f00000015c0)=0x2, &(0x7f0000001600)=0x1, 0x81, 0xb09a, 0x7, 0x5, 0x8, 0x5}}], 0x58, 0x400a800}, 0x800)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="38000000070a050000200000000000000a0040010900010073797a3100000040090002"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@host})
fanotify_init(0x60, 0x8000)
r5 = openat$comedi(0xffffff9c, &(0x7f0000000140)='/dev/comedi2\x00', 0x103040, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x40080)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000080)={'s526\x00', [0x401, 0x181, 0x2, 0xb, 0x14000000, 0x0, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x180, 0x13, 0x100, 0xffffffa7, 0x9, 0x134d, 0x1, 0x3fd, 0x4000009, 0x7, 0xe2df, 0x5, 0x1, 0x4, 0x40000, 0x7, 0xf58, 0x8]})
ioctl$FIBMAP(r5, 0x1, &(0x7f0000001700)=0xfaa2)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x0, 0x0, 0x1, 0x80000001})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000000140)={&(0x7f0000000300)=[0x4, 0x6, 0x1, 0x9, 0x5, 0x401, 0x200, 0x4, 0x0, 0xcb0d, 0x770f, 0xff, 0x4, 0x81, 0x2, 0x5, 0x1d, 0x0, 0x78, 0xb, 0x5, 0x6, 0x8, 0x9, 0x69, 0x5, 0xfffffff4, 0x7fff, 0x8, 0xe00, 0x0, 0x3, 0x81, 0x7f, 0x0, 0xfffffff4, 0x15a0, 0xffffff7f, 0x8, 0x5d, 0x800, 0xf94, 0xff, 0x1ff, 0x2, 0xfffffff9, 0xe, 0xffffbb46, 0x7, 0x4, 0x1, 0x3, 0x5, 0x1000, 0x6, 0x3, 0x1, 0x8, 0x80, 0xc, 0x7, 0x8, 0x2, 0x1, 0x3, 0x1800000, 0x3, 0x5, 0x400, 0x5, 0x9, 0x1, 0xd0d, 0x2, 0x1000, 0x9, 0x3, 0x6d, 0xfffffffc, 0x1ff, 0xffffffc0, 0x0, 0x5, 0x8, 0x8, 0x2, 0xf0, 0x5, 0x7, 0x6, 0x4469, 0xb, 0xfffffb4c, 0x80000001, 0xe5f9, 0x0, 0x4, 0xd4, 0xffffffff, 0x200000, 0x9, 0x2, 0x4, 0x5, 0x2, 0x3, 0x8f, 0x7, 0x46, 0x5, 0x4, 0x6d03, 0x8001, 0x9, 0x3, 0x0, 0x8e7a, 0x2, 0x8, 0xfffffff1, 0x5, 0x1000000, 0xfff3, 0x4, 0x1, 0x80000000, 0x3ff, 0x81, 0x100, 0x8, 0xfffffffb, 0x4, 0xfffffffc, 0x1, 0x7, 0x3, 0x0, 0x43, 0xffff6a70, 0xc, 0xa092, 0x8, 0x877, 0x1, 0x3, 0x800, 0x5, 0x0, 0x8001, 0x48c, 0x7, 0x2, 0x13, 0x3, 0x3, 0x9, 0x0, 0x70000000, 0x2, 0x8, 0x2, 0x1b1c, 0x8, 0xb5, 0x8, 0x401, 0xfff, 0x5, 0x1, 0xa008, 0x9, 0x8, 0xe4, 0x898, 0x7, 0x81, 0x0, 0x1ff, 0x5, 0x80000000, 0x1, 0x8, 0x1, 0x5, 0x4251, 0x6, 0x4, 0x6, 0x4008, 0x200, 0x5, 0x73f7, 0x6, 0x8001, 0x80, 0xd5, 0x6, 0x800000, 0x40, 0xfffffe03, 0x2, 0x80000001, 0x7f, 0xfffffffa, 0xff, 0x4, 0x4b031fcb, 0x7, 0xf3, 0x40, 0xffffffff, 0x1, 0x0, 0x3, 0x6, 0xffffffff, 0x5, 0x6, 0x3, 0x9, 0xfd, 0xd, 0x1000, 0x94, 0xd52, 0x3, 0xfffffeff, 0xba7, 0x400, 0x4, 0x0, 0x80000001, 0x7, 0x10001, 0xfff, 0x9, 0x2, 0x9, 0x1, 0xfffffff9, 0x6, 0x62, 0x668, 0xffff, 0x0, 0x7, 0x6, 0x0, 0x49, 0x2, 0x5f4, 0x3fd, 0xfffffffe, 0x4, 0x6, 0x9, 0x0, 0x5, 0x4, 0x6, 0x3, 0x1ff, 0xc3f6, 0x7, 0x8, 0xfffffffe, 0xff, 0x8000, 0x7, 0x100, 0x43, 0x2, 0xc7b, 0xe2a0, 0x5, 0x6, 0x81, 0x6, 0x0, 0x3, 0x75c, 0x1, 0x10000, 0x3f, 0x24f7, 0x5, 0x9, 0xd8c, 0x7ffffffd, 0xe, 0xfffff6d2, 0x0, 0x0, 0x3, 0x9, 0x800, 0x5, 0x9, 0x80000000, 0x1, 0x9dcb, 0x8, 0x4, 0x8001, 0x9, 0x7, 0x6, 0x7, 0x81, 0x7ff, 0x0, 0x7, 0x1c00000, 0x5, 0x10, 0x2, 0x1, 0x4, 0xac, 0x8001, 0xb2, 0x4, 0x84f4, 0xf, 0x0, 0x6, 0x6, 0x3ef, 0x7, 0x101, 0x3, 0x4, 0xa, 0x7f, 0x5, 0x2, 0x7ff, 0xffff094f, 0x9, 0x80, 0x6, 0xfffffffd, 0x63, 0xd, 0x7, 0x9, 0x200, 0x9, 0x7, 0x8, 0xa, 0x10001, 0x8, 0xa21, 0x2, 0x9, 0x7, 0xe207, 0xa4, 0x4, 0x5, 0x7, 0x9, 0x0, 0x0, 0x9, 0x1, 0xd, 0x1, 0xf, 0x1, 0x26d1, 0x9, 0x8b000, 0x6, 0x6, 0x5, 0x80000000, 0xfffffffb, 0x8, 0x7, 0xfffffff9, 0x7, 0x4, 0x2, 0x0, 0x80, 0xffff6c99, 0x5, 0x6bed988b, 0x7f, 0x6, 0xffffff7f, 0x7, 0x7, 0x8, 0x4, 0x10000, 0x6, 0x9, 0x40, 0x0, 0x5, 0x0, 0x2, 0x3, 0x10000, 0x8, 0x9, 0x53fa, 0x0, 0x53, 0x9465, 0x9, 0x3, 0x4, 0x36c9, 0x3ff, 0x3, 0x4, 0x8, 0x68, 0x2, 0x81, 0x8, 0xcd94, 0x75e, 0x1000, 0x9, 0x6, 0x0, 0xfffffff7, 0xe, 0x6, 0x3, 0x7, 0x0, 0x6, 0x80000001, 0x731, 0x6, 0x4, 0x8, 0x3, 0x9, 0x80000001, 0x1, 0xfff, 0x4, 0x6, 0x4, 0x4, 0x2, 0x9, 0x6f9, 0x3, 0x8, 0x475e0e15, 0x80000000, 0x5, 0x4, 0xf3e, 0x9, 0x5, 0x0, 0x3, 0xad64, 0xfffffff9, 0x2, 0x3, 0x10000, 0x4, 0xff, 0x400, 0x7f, 0x7f, 0x7, 0x800, 0x40, 0x7, 0x6, 0x8, 0x1a, 0x0, 0x1000, 0xff, 0x10001, 0x8, 0x2, 0xffff, 0x8, 0x100, 0x100, 0x9, 0x9, 0x37, 0x28, 0xfffffff9, 0x7fffffff, 0x4, 0x3, 0xb, 0x2, 0x85f2, 0xd7f, 0x7, 0x3ff, 0x1000000, 0x2387c5a4, 0x3, 0x8, 0xbc4e, 0xffff, 0x1, 0x2, 0x408, 0x5, 0x0, 0x5, 0x6, 0x2, 0x6, 0x0, 0x51, 0x5, 0x3, 0x2, 0xfaf0, 0x4a46, 0x4, 0x10001, 0x9, 0x4921bb4d, 0x5c, 0x6, 0x3, 0x7, 0x7fff, 0x80, 0x3, 0x29dc2fdf, 0x200, 0x1, 0x9, 0xd2c, 0x8, 0x3, 0x3, 0x66f, 0x5, 0x4bb6, 0x258d, 0x101, 0x10000, 0x662f, 0x401, 0x5, 0x4, 0x4, 0xd3f6, 0x4, 0x3, 0x4, 0x1, 0xc, 0xbf2, 0xff, 0x7, 0x8002, 0x9, 0x3ff, 0x80000000, 0x9, 0x9, 0x9, 0xf01a, 0x2, 0x1, 0x9, 0x100, 0x0, 0xffffffff, 0x80000001, 0x3, 0x3, 0x6, 0x240000, 0x0, 0x1, 0xfffffffa, 0x45, 0x0, 0x0, 0x8, 0x5, 0x0, 0x3, 0x8a8, 0xa, 0x9, 0x0, 0x7, 0x9, 0x583, 0x8, 0x8, 0x1, 0x10002, 0x9, 0xffffff81, 0x6, 0x400, 0x227, 0x6, 0x8, 0xc442, 0x0, 0x3, 0x3ff, 0x5, 0x82a, 0x4, 0x72d2, 0x7, 0x5, 0x7, 0x4, 0x8, 0x8, 0xea1, 0x0, 0x566, 0x0, 0xfffffffe, 0x7, 0x737, 0x4, 0x6, 0x2, 0x1000, 0x4, 0x8, 0xff, 0x9, 0x7, 0x5, 0x3, 0x9, 0xbcea, 0x7, 0x8000, 0x0, 0x1, 0x1, 0x3, 0x3, 0x8, 0x3, 0x4, 0x9, 0x101, 0x1, 0x8, 0x1, 0x6, 0x6, 0x9, 0x7f800, 0x9, 0xd8a8, 0x3, 0x9, 0xfffffffb, 0x8, 0xd0f, 0x7, 0x2005, 0x4, 0x1, 0x7, 0x7, 0x8e, 0x5, 0x0, 0x7, 0xfffffffe, 0x81, 0xad3, 0x4, 0x80000001, 0x7, 0x8, 0x80, 0x8, 0x3ff, 0x6, 0xce1, 0x8, 0x80000001, 0xe, 0x1, 0x400002, 0x8000, 0x4, 0x3, 0xb, 0x2, 0x2, 0x6, 0x1, 0xe30, 0x3ff, 0xa7a, 0x8, 0x8, 0x9, 0x2, 0x401, 0x9, 0x9659, 0x400, 0xa83, 0x6, 0xfffffffe, 0x5082, 0x5, 0x6e82, 0xffff, 0x9, 0x7ff, 0x200800, 0xfffffffb, 0xfffffffb, 0x2, 0xd, 0x401, 0xffffff46, 0x7, 0x8000, 0x5d, 0x70d, 0x7fff, 0x3, 0x4, 0x6, 0x7, 0xa6a0, 0x7, 0x9, 0x1, 0xe8b0c95b, 0x9, 0x3, 0x8a2, 0x4, 0x6, 0x2, 0x3, 0x0, 0x7, 0x3, 0x4, 0x4, 0x5, 0xfffffff9, 0xbffeffff, 0x10, 0xfffffff7, 0x1ff, 0x8, 0x7ffc, 0x9, 0x3, 0xfffffff8, 0x1, 0x434, 0x8, 0x3ab, 0x8, 0x6, 0x0, 0x7, 0x4389, 0x7, 0x800, 0x400, 0x4, 0x0, 0x3, 0x5, 0xc94, 0x9, 0x4, 0x0, 0x4, 0x2, 0x401, 0x6, 0x401, 0x8, 0x1, 0xb, 0xe664, 0x0, 0xc, 0x96, 0x7, 0x101, 0xd, 0x2, 0x6, 0xdc, 0xf, 0x1000, 0x8, 0x7, 0x0, 0x0, 0x10001, 0x9, 0x7, 0x0, 0x40000fff, 0xf9, 0xc8, 0x2400, 0x1, 0x400, 0x9, 0x0, 0x8, 0x8, 0x7, 0x5, 0xfffffffb, 0x6b59b47c, 0x2, 0x4, 0xd64, 0x8, 0xc, 0x0, 0x7, 0x0, 0x9, 0x4, 0x80, 0x3, 0x6, 0x1, 0xc, 0x7, 0x8, 0x8, 0x8000, 0x6, 0x2, 0x385, 0xa0, 0x5, 0x8, 0x3d72e35e, 0xfffffff7, 0x9, 0x80000001, 0x8, 0x1a4, 0x7, 0x8, 0x0, 0x3, 0xe83, 0x3, 0x1, 0x3, 0x0, 0x2, 0x9973, 0x3, 0x4, 0x40, 0x40, 0x4, 0x5, 0x412, 0x4, 0x2, 0x5, 0xb4, 0x1ff, 0xc77c0000, 0xee18, 0x9, 0x8000, 0x47, 0x9, 0xffffff97, 0xffff, 0x3, 0xffffffc0, 0x790, 0x2, 0xfffffe01, 0x7fff, 0x78, 0x8, 0x0, 0xf, 0x40, 0x8, 0xed, 0x3, 0x9, 0x8, 0x0, 0x1, 0x1, 0x7, 0x800, 0xb, 0x5, 0x5, 0x9, 0x2, 0xd, 0x2, 0x6, 0x101, 0x4, 0x6, 0xa6d2, 0xd, 0x8000, 0x2, 0x9, 0x2, 0x0, 0x0, 0x3ff, 0x7, 0xffffff00, 0x7, 0x7, 0x40, 0x3, 0x101, 0x20000000, 0xdc000000, 0x2, 0xfffffffb, 0x401, 0x6, 0x1, 0x9, 0x4, 0xffffffa2, 0x5, 0x5, 0x9015, 0x6, 0x5, 0x5, 0x14b, 0x0, 0x336, 0xcf, 0xd, 0x5, 0xbbe7, 0xa8eb, 0xd0, 0xb, 0x800, 0x2b18, 0x3ec3, 0x0, 0x9, 0x5, 0x1, 0x8, 0x200, 0x2, 0x0, 0x5, 0xff, 0xc, 0x8, 0x2, 0x2, 0x7, 0x8, 0x10, 0xb46, 0x8, 0x1, 0x5dc60e00, 0x4, 0x9, 0x8, 0xd2, 0x9, 0xffff4a7a, 0x88f, 0xbd, 0x4, 0x6, 0x5, 0x4, 0x9, 0xffffffff, 0xda, 0xe, 0x8001000, 0x7b, 0x2, 0x10001, 0x6, 0x136, 0x36, 0x3a12, 0x9, 0x8, 0x4, 0x8], 0x1, 0x400, 0x3ff})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

3m50.804215383s ago: executing program 0 (id=1315):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000540)=0x79, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca612", 0x40}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde6", 0x8b}, {0x0}], 0x2}}], 0x2, 0x840)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/4096, 0x1000, 0x1, 0x0}, &(0x7f0000000180)=0x40)

3m50.721656514s ago: executing program 0 (id=1317):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000150081054e81f782db44b9040a783b020a000000040000a11800020000e9400084150e1208000f0100810401", 0x30}], 0x1, 0x0, 0x0, 0x7400}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x30}, 0x94)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="05dff72e1800cd13381600000000000000", @ANYRES32=0x0, @ANYBLOB="080005000400"], 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0xc0c4)
setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[], 0xd0060)

3m50.246301093s ago: executing program 0 (id=1318):
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x5d09, 0x1, 0x1, 0x100020b}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, 0x0, 0x0, 0x12})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3m48.361328006s ago: executing program 0 (id=1320):
syz_usb_control_io$printer(0xffffffffffffffff, &(0x7f0000000400)={0x14, &(0x7f0000000240)={0x40, 0x30, 0x48, {0x48, 0x0, "45c8346df565db2f824e53a2e23cd1dba893e83a44547ba8fc2f1fecd0b9836d2d2ef6dde11194a97dd2b4fdcab00260a672c4b1c3f3ece2a7b7bd5571e427d2ab386181f4e8"}}, 0x0}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xc00}, 0x20008802)
r0 = syz_io_uring_setup(0x2501, &(0x7f0000000300)={0x0, 0x58cd, 0x10000, 0x3, 0x400000}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0), 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='='], 0x38}}, 0x80)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x100000d, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x9a, 0x0, @fd_index=0x1, 0xfff, 0x0, 0x6})
io_uring_enter(r0, 0x6686, 0x2936, 0x24, 0x0, 0x0)

3m47.556484694s ago: executing program 0 (id=1325):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c4}, 0xc000)

3m46.732612581s ago: executing program 0 (id=1329):
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x5d09, 0x1, 0x1, 0x100020b}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, 0x0, 0x0, 0x12})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3m31.341386712s ago: executing program 33 (id=1329):
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x5d09, 0x1, 0x1, 0x100020b}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, 0x0, 0x0, 0x12})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2m3.87962048s ago: executing program 2 (id=1737):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05400000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a300000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a01040000000000000000010000002400048020000180080001006f736600140002"], 0xd4}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)=ANY=[@ANYRES32, @ANYBLOB='\b'], 0x20}], 0x1, 0x0, 0x0, 0x4004000}, 0x0)

2m3.775615804s ago: executing program 2 (id=1740):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000540)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca612", 0x40}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}}], 0x2, 0x840)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/4096, 0x1000, 0x1, 0x0}, &(0x7f0000000180)=0x40)

2m3.627511084s ago: executing program 2 (id=1742):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r0, 0x3516, 0xc2de, 0x29, 0x0, 0x0)

2m3.555832264s ago: executing program 2 (id=1743):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x8)

2m3.482270018s ago: executing program 2 (id=1744):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x39, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x49, &(0x7f00000003c0)=0x40, 0x4)
syz_open_procfs(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0)
sendmmsg(r0, 0x0, 0x0, 0x0)

2m3.126920986s ago: executing program 2 (id=1747):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000150081054e81f782db44b9040a783b020a000000040000a11800020000e9400084150e1208000f0100810401", 0x30}], 0x1, 0x0, 0x0, 0x7400}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x30}, 0x94)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="05dff72e1800cd13381600000000000000", @ANYRES32=0x0, @ANYBLOB="0800050004000000050053"], 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0xc0c4)
setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[], 0xd0060)

2m2.590752409s ago: executing program 34 (id=1747):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000150081054e81f782db44b9040a783b020a000000040000a11800020000e9400084150e1208000f0100810401", 0x30}], 0x1, 0x0, 0x0, 0x7400}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x30}, 0x94)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="05dff72e1800cd13381600000000000000", @ANYRES32=0x0, @ANYBLOB="0800050004000000050053"], 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0xc0c4)
setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[], 0xd0060)

8.632338201s ago: executing program 3 (id=2436):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0xe}, 0x80, &(0x7f0000002540)=[{0x0}, {&(0x7f0000000580)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdec", 0xc2}, {&(0x7f00000004c0)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb4714219a2d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000004040)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a", 0x357}], 0x4}, 0x0)

8.591163896s ago: executing program 3 (id=2438):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
setresuid(0xee01, 0x0, 0x0)
keyctl$get_persistent(0x16, 0x0, 0xfffffffffffffffb)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r4 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r4, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@zcopy_cookie={0x18, 0x114, 0xc, 0x6}], 0x18}, 0x0)
r5 = socket$kcm(0x2b, 0x1, 0x0)
listen(r5, 0x6)
close(r5)

8.544427412s ago: executing program 1 (id=2439):
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ptrace$ARCH_FORCE_TAGGED_SVA(0x1e, 0x0, 0x0, 0x4004)
syz_usb_connect(0x3, 0x73, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000396d0940fd101315ce7e0102030109026100010000000009040001"], 0x0)
syz_usb_connect(0x2, 0x9a2, 0x0, 0x0)

7.277453035s ago: executing program 3 (id=2443):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

7.163736093s ago: executing program 3 (id=2444):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x150, 0xa0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0xfffffffd, 0x0, 0x8, 0x4, 0x0, 0x0, 0xa})

6.229585944s ago: executing program 6 (id=2451):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f00000000c0)='.\x00', 0x5000009)
fallocate(r2, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)

6.051973829s ago: executing program 3 (id=2452):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x189c02)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r4, 0x11, 0x1, &(0x7f00000000c0)=0x6, 0x4)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r7=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000100)={0xa, 0x3, 0x80000001, 0x4, r7}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x58, 0x2, 0x2, 0x301, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_EXPECT_TUPLE={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}]}, 0x58}, 0x1, 0x0, 0x0, 0xc881}, 0x80800)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000040)={r7, 0x7}, &(0x7f0000000080)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
syz_clone3(&(0x7f0000000380)={0x2140280, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000000180))
ioctl$BTRFS_IOC_DEV_REPLACE(r0, 0xca289435, &(0x7f0000000880)={0x1, 0x8, @status={[0x8000000000000001, 0x2, 0xfff, 0x4597, 0x2, 0x3]}, [0x6, 0x5, 0x3, 0x8, 0xfe7, 0xffffffffffffff6d, 0xdf, 0xfffffffffffffffc, 0x74, 0xc, 0x6, 0x6175, 0x100000000, 0x7fff, 0x1ffc0000, 0x5cc2acaa, 0xbe68, 0x2, 0x7, 0x0, 0x10000, 0xf9, 0x0, 0x8000000000000000, 0x7, 0x0, 0x4, 0x5, 0x6, 0x8, 0x9, 0x8, 0x1, 0x0, 0x7ff, 0xfffffffffffffffc, 0x8, 0x80000000, 0x0, 0x8, 0x5, 0x7f, 0x1, 0x41, 0xfffffffffffffff9, 0x401, 0x400, 0xe1dc, 0x0, 0x6, 0x2, 0x4, 0x3, 0xf, 0x2, 0xfffffffffffffffc, 0x1, 0x8, 0x2, 0xffffffffffffffff, 0xa, 0xf9, 0x81, 0x9]})

5.765545462s ago: executing program 1 (id=2453):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003801800008008000340000000020c0004400000000000000c7f14000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_extract_tcp_res(&(0x7f0000000180), 0x35e, 0x6)
syz_emit_ethernet(0x1e, &(0x7f0000000480)={@local, @dev, @void, {@can={0xc, {{0x1, 0x1, 0x0, 0x1}, 0x2, 0x0, 0x0, 0x0, "254408179aade76e"}}}}, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x4, 0x109242)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$BLKREPORTZONE(r1, 0x1261, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r3, 0xd01c4813, &(0x7f00000000c0)={0x2, 0x100, 0x0, 0x2, 0xfffffffd, 0x2})

4.559158687s ago: executing program 5 (id=2456):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000001780)={&(0x7f0000000200)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f0000001740)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x1}}], 0x18}, 0x4)

4.383898457s ago: executing program 5 (id=2457):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000100)=@security={'security\x00', 0xe, 0x4, 0x2d0, 0xffffffff, 0xd0, 0x1d8, 0xd0, 0xffffffff, 0xffffffff, 0x2d0, 0x2d0, 0x2d0, 0xffffffff, 0x4, 0x0, {[{{@ip={@remote, @empty, 0xff000000, 0xffffff00, 'veth0_vlan\x00', 'ip6erspan0\x00', {0xff}, {}, 0x21, 0x2}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @broadcast, 0x0, 0xa, [0x15, 0x1d, 0x3, 0x3b, 0x5, 0x16, 0x26, 0xa, 0x2b, 0x20, 0x29, 0x3, 0x25, 0x15, 0x32, 0x24], 0x0, 0x100, 0x10001}}}, {{@ip={@broadcast, @multicast1, 0x0, 0xffffff00, 'veth1\x00', 'batadv0\x00', {0xff}, {0xff}, 0x16, 0x1}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x4, 0x0, 0x0, 0x5, 0x2], 0x3, 0x1}, {0xffffffffffffffff, [0x3, 0x5, 0x7, 0x2, 0x1], 0x2, 0x6}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x330)
syz_io_uring_setup(0x3a63, &(0x7f0000000700)={0x0, 0x76c4, 0x10100, 0x0, 0xfffffffe}, &(0x7f0000000500), &(0x7f0000000040))
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x50)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.avg_queue_size\x00', 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)

2.971780556s ago: executing program 7 (id=2460):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0xe}, 0x80, &(0x7f0000002540)=[{0x0}, {&(0x7f0000000580)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdec", 0xc2}, {&(0x7f00000004c0)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb4714219a2d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000004040)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a", 0x357}], 0x4}, 0x0)

2.803649002s ago: executing program 6 (id=2461):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000005c0)={[0x5836, 0x8, 0x7, 0x4000000000000e52, 0x1, 0x5479, 0x1043, 0x200000000006, 0x0, 0x1, 0xfffffffffffffffe, 0x100000000, 0x9ca6, 0x1, 0x8000000000005, 0x5c], 0x8080000, 0x42590})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.803223992s ago: executing program 7 (id=2462):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x3, 0x2001, 0xc4e2, 0x5, {0x200004, 0x5, 0x5, 0xa, 0x8000, 0x9, 0x6, 0x5, 0x9, 0xd25, 0x7, 0x60b, 0x4d, 0xfffb, "6f4f1b1330d057b30bd15586b7445443c528a97436419c2cd5ae7297dceeb0be"}})

2.703995238s ago: executing program 5 (id=2463):
syz_emit_ethernet(0x32, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x67, 0x0, 0x8, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x4e22, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

2.659379957s ago: executing program 6 (id=2464):
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, 0x0, 0x0)

2.646269611s ago: executing program 7 (id=2465):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0)

2.530632963s ago: executing program 3 (id=2466):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

2.4111264s ago: executing program 5 (id=2467):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
pread64(r1, 0x0, 0x0, 0x92c9)
write$cgroup_int(r0, &(0x7f00000000c0)=0x10001, 0x12)
ppoll(0x0, 0x0, &(0x7f0000000100)={0x77359400}, 0x0, 0x0)

1.456566066s ago: executing program 6 (id=2468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
read$FUSE(0xffffffffffffffff, &(0x7f0000002400)={0x2020}, 0xfffffec2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
setresuid(0xee01, 0x0, 0x0)
keyctl$get_persistent(0x16, 0x0, 0xfffffffffffffffb)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r3 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r3, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@zcopy_cookie={0x18, 0x114, 0xc, 0x6}], 0x18}, 0x0)
r4 = socket$kcm(0x2b, 0x1, 0x0)
listen(r4, 0x6)
close(r4)

1.203992038s ago: executing program 1 (id=2469):
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r4, 0x11, 0x0, 0x0, @void, @value=r3}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[], 0x20)

1.203662153s ago: executing program 7 (id=2470):
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x200000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

519.425708ms ago: executing program 1 (id=2471):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000540)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691de", 0x2d}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bb", 0x80}, {0x0}], 0x2}}], 0x2, 0x840)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/4096, 0x1000, 0x1, 0x0}, &(0x7f0000000180)=0x40)

464.662579ms ago: executing program 5 (id=2472):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={r0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe4b}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r1, 0x0, 0x9}, 0x18)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c7", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e3, &(0x7f0000000180)={r0, r4})

440.63812ms ago: executing program 7 (id=2473):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0xe}, 0x80, &(0x7f0000002540)=[{&(0x7f0000000100)}, {&(0x7f0000000580)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdec", 0xc2}, {&(0x7f00000004c0)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb4714219a2d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000004040)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a", 0x357}], 0x4}, 0x0)

352.8913ms ago: executing program 1 (id=2474):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000001c0)={0x78, 0x2, 0x3, "4f39386b957a7b088abf85b671bcf546bf6b43118d8ce28706e82a0bcecb9242", 0x31303553})

292.990652ms ago: executing program 6 (id=2475):
unshare(0x20000400)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x50)
fcntl$addseals(r0, 0x409, 0x6)

292.110453ms ago: executing program 7 (id=2476):
syz_open_dev$dri(0x0, 0x1ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000032680)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, 0x0)
r4 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0xb, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x136, 0x0)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
r5 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r5, 0x402c5639, &(0x7f0000002280)={0x300, 0x1, 0x400007})

192.201634ms ago: executing program 5 (id=2477):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x34, 0x70, 0x9d, 0x40, 0x55f, 0xc230, 0xb6ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf2, 0xa7, 0xcc}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000006c0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x40, 0x21, 0x1, 0x9}})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200)={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000dc0)={0x2c, &(0x7f0000000ac0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f00000003c0)=ANY=[], 0x0, 0x0})

21.766251ms ago: executing program 1 (id=2478):
memfd_create(&(0x7f0000000540)='-B\xd5NI\xc5j\x9appp\xf0\n\x84\xae\n\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1\x03\x00\x00\x00\xe3LS\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh\x9c\xea\xc9\x01c\x10d\xee\xa9\x1a\xcaR\xcf\xbcs\x86\xdf\xb9\xb9\x12\x8b\x04\xa3\xbd\xf2C\x93\xb8\x9a\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xd0\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04(\xcc\xce\x8b\x19\xea\xef\x17d\xc7d\xc5\xfa\b<\xe3?ip\x9dX4U\xd70\xfdM1\x17\xe1G\x81\xd1\x84\v{\x16\xcc7\xd8fP\x12\x0e\xe07)[;\xa4\xc1\x05S\xf9~\x8e7\xa8sKkR\x16\aA\x9a\xf4\x1a\x01\xe5vm\x18&\x8f.\x87\a\xde\xd7M\xda\xa1\xa2b\x0f)\xd0\xf1\x02;\x01\xd5\x94gD\x87\xd3E\xcf!\xf8K\xa4\xee\xb7rS\x8e\xbc`;\xb8\x8er\xe1\xb2\x8b\xb9wN\x87\xad\xd1W\xa7\xe7\xff_&\bv\xb46\xf6\x89\t\x1d\x8b@\xd63\x1d\x80\\\xef\xd0g`\xc6\xaem\n', 0x6)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800010001000000140007000000000000000005000000000000000108000f"], 0x74}}, 0x24005000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5}, {0xffff, 0xffff}, {0xfff3, 0x6}}}, 0x24}}, 0x8040)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 6 (id=2479):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}])
sendmmsg$unix(r0, &(0x7f0000000000), 0x651, 0x0)

kernel console output (not intermixed with test programs):

t: syz
[  267.672018][ T5888] usb 2-1: Manufacturer: syz
[  267.676654][ T5888] usb 2-1: SerialNumber: syz
[  267.745230][ T8306] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  267.961731][ T8337] blktrace: Concurrent blktraces are not allowed on nullb0
[  267.999060][ T5831] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  268.092581][ T5888] usb 2-1: USB disconnect, device number 2
[  269.338707][ T8347] loop0: detected capacity change from 0 to 256
[  269.367852][ T8347] exfat: Deprecated parameter 'namecase'
[  269.952035][ T8356] vxcan1: entered promiscuous mode
[  270.062613][ T8347] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  270.658626][ T8347] netlink: 12 bytes leftover after parsing attributes in process `syz.0.711'.
[  270.781634][ T8368] netlink: 44 bytes leftover after parsing attributes in process `syz.3.717'.
[  270.797905][ T8368] netlink: 16 bytes leftover after parsing attributes in process `syz.3.717'.
[  270.818966][ T8368] netlink: 44 bytes leftover after parsing attributes in process `syz.3.717'.
[  271.260972][ T8381] blktrace: Concurrent blktraces are not allowed on nullb0
[  271.477700][ T8382] syz.0.723 (8382) used greatest stack depth: 17656 bytes left
[  272.443433][ T8370] loop1: detected capacity change from 0 to 32768
[  272.459595][ T8370] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.718 (8370)
[  272.502904][ T8370] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  272.546293][ T8370] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  272.736351][ T8408] loop2: detected capacity change from 0 to 256
[  272.772563][ T8370] BTRFS info (device loop1): setting nodatasum
[  272.779683][ T8408] exfat: Deprecated parameter 'namecase'
[  272.811573][ T8370] BTRFS info (device loop1): setting nodatacow
[  272.844839][ T8408] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  272.867048][ T8370] BTRFS info (device loop1): turning on async discard
[  272.882267][ T8370] BTRFS info (device loop1): enabling free space tree
[  272.899765][ T8370] BTRFS info (device loop1): enabling auto defrag
[  272.924859][ T8370] BTRFS info (device loop1): max_inline set to 0
[  273.042609][ T8414] netlink: 12 bytes leftover after parsing attributes in process `syz.2.729'.
[  274.008030][ T5823] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  274.583725][ T8428] netlink: 44 bytes leftover after parsing attributes in process `syz.1.732'.
[  274.657107][ T8428] netlink: 16 bytes leftover after parsing attributes in process `syz.1.732'.
[  274.688536][ T8434] netlink: 12 bytes leftover after parsing attributes in process `syz.4.738'.
[  274.717593][ T8428] netlink: 44 bytes leftover after parsing attributes in process `syz.1.732'.
[  275.247080][   T39] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  275.469732][   T39] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  275.493985][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.544626][   T39] usb 5-1: config 0 descriptor??
[  275.599520][   T39] cp210x 5-1:0.0: cp210x converter detected
[  275.769784][ T8445] loop1: detected capacity change from 0 to 32768
[  275.797163][ T8445] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.742 (8445)
[  275.855885][ T8445] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  275.887183][ T8445] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  276.049543][ T8445] BTRFS info (device loop1): setting nodatasum
[  276.073446][ T8445] BTRFS info (device loop1): setting nodatacow
[  276.102508][ T8445] BTRFS info (device loop1): turning on async discard
[  276.130090][ T8445] BTRFS info (device loop1): enabling free space tree
[  276.158410][ T8445] BTRFS info (device loop1): enabling auto defrag
[  276.197603][ T8445] BTRFS info (device loop1): max_inline set to 0
[  276.202636][   T39] cp210x 5-1:0.0: failed to get vendor val 0x370c size 73: -71
[  276.228909][   T39] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  276.235430][   T30] audit: type=1800 audit(1764479090.007:95): pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.742" name="bus" dev="loop1" ino=263 res=0 errno=0
[  276.270053][   T39] usb 5-1: cp210x converter now attached to ttyUSB0
[  276.305940][   T39] usb 5-1: USB disconnect, device number 2
[  276.328735][   T30] audit: type=1800 audit(1764479090.017:96): pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.742" name="file1" dev="loop1" ino=260 res=0 errno=0
[  276.397100][   T39] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  276.419776][   T39] cp210x 5-1:0.0: device disconnected
[  276.460956][ T8464] loop0: detected capacity change from 0 to 256
[  276.498279][ T8464] exfat: Deprecated parameter 'namecase'
[  276.518776][ T5823] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  276.565260][ T8464] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  278.345069][ T8487] netlink: 44 bytes leftover after parsing attributes in process `syz.4.752'.
[  278.356937][ T8487] netlink: 16 bytes leftover after parsing attributes in process `syz.4.752'.
[  278.419515][ T8487] netlink: 44 bytes leftover after parsing attributes in process `syz.4.752'.
[  279.515171][ T8501] Cannot find set identified by id 0 to match
[  280.514818][ T8503] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.758'.
[  280.660981][ T8509] loop4: detected capacity change from 0 to 256
[  280.701838][ T8509] exfat: Deprecated parameter 'namecase'
[  280.898706][ T8509] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  282.976241][ T8538] Cannot find set identified by id 0 to match
[  284.131945][ T8550] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.774'.
[  284.342723][ T8552] IPVS: Scheduler module ip_vs_ not found
[  284.497108][ T8560] loop3: detected capacity change from 0 to 256
[  284.530010][ T8560] exfat: Deprecated parameter 'namecase'
[  284.570229][ T8560] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  286.220492][ T8583] Cannot find set identified by id 0 to match
[  287.232414][ T5888] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  287.263647][ T5888] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  287.493135][ T8597] fido_id[8597]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  288.545969][ T8599] loop4: detected capacity change from 0 to 131072
[  288.555205][ T8599] F2FS-fs (loop4): Test dummy encryption mode enabled
[  288.569245][ T8599] F2FS-fs (loop4): invalid crc value
[  288.586007][ T8605] netlink: 36 bytes leftover after parsing attributes in process `syz.1.794'.
[  288.647378][ T8605] netlink: 16 bytes leftover after parsing attributes in process `syz.1.794'.
[  288.661511][ T8599] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  288.681667][ T8599] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  288.685921][ T8605] netlink: 36 bytes leftover after parsing attributes in process `syz.1.794'.
[  289.551166][ T8616] loop1: detected capacity change from 0 to 256
[  289.600510][ T8616] exfat: Deprecated parameter 'namecase'
[  289.644352][ T8616] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  290.158720][ T8616] netlink: 12 bytes leftover after parsing attributes in process `syz.1.798'.
[  290.205451][ T8620] loop4: detected capacity change from 0 to 16
[  290.371557][ T8620] erofs (device loop4): mounted with root inode @ nid 36.
[  291.857353][ T8635] loop2: detected capacity change from 0 to 131072
[  291.907054][ T8635] F2FS-fs (loop2): Test dummy encryption mode enabled
[  291.916398][ T8635] F2FS-fs (loop2): invalid crc value
[  291.978316][ T8635] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  291.990583][ T8635] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  292.008044][ T8630] Cannot find set identified by id 0 to match
[  292.115127][ T8640] netlink: 36 bytes leftover after parsing attributes in process `syz.1.806'.
[  292.128024][ T8640] netlink: 16 bytes leftover after parsing attributes in process `syz.1.806'.
[  292.151996][ T8640] netlink: 36 bytes leftover after parsing attributes in process `syz.1.806'.
[  293.636770][ T8654] loop2: detected capacity change from 0 to 256
[  293.666607][ T8654] exfat: Deprecated parameter 'namecase'
[  293.700322][ T8654] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  293.901158][ T8658] netlink: 12 bytes leftover after parsing attributes in process `syz.2.812'.
[  295.952598][ T8666] loop2: detected capacity change from 0 to 131072
[  295.981113][ T8666] F2FS-fs (loop2): Test dummy encryption mode enabled
[  295.990111][ T8666] F2FS-fs (loop2): invalid crc value
[  296.270184][ T8666] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  296.280127][ T8666] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  297.253447][ T8684] loop3: detected capacity change from 0 to 256
[  297.279987][ T8684] exfat: Deprecated parameter 'namecase'
[  297.305519][ T8684] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  297.562836][ T8688] netlink: 36 bytes leftover after parsing attributes in process `syz.2.819'.
[  297.592327][ T8689] netlink: 12 bytes leftover after parsing attributes in process `syz.3.824'.
[  297.653597][ T8688] netlink: 16 bytes leftover after parsing attributes in process `syz.2.819'.
[  297.837414][ T8688] netlink: 36 bytes leftover after parsing attributes in process `syz.2.819'.
[  298.862957][ T8682] loop1: detected capacity change from 0 to 32768
[  298.911162][ T8682] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.823 (8682)
[  298.934799][ T8707] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.832'.
[  299.033083][ T8682] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  299.088694][ T8682] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  300.021042][ T8682] BTRFS info (device loop1): setting nodatasum
[  300.049352][ T8682] BTRFS info (device loop1): setting nodatacow
[  300.072661][ T8682] BTRFS info (device loop1): turning on async discard
[  300.192273][ T8682] BTRFS info (device loop1): enabling free space tree
[  300.217238][ T8682] BTRFS info (device loop1): enabling auto defrag
[  300.223702][ T8682] BTRFS info (device loop1): max_inline set to 0
[  300.363629][ T5823] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  300.721020][ T8740] blktrace: Concurrent blktraces are not allowed on nullb0
[  301.602814][ T8749] netlink: 36 bytes leftover after parsing attributes in process `syz.0.841'.
[  301.612330][ T8749] netlink: 16 bytes leftover after parsing attributes in process `syz.0.841'.
[  301.621822][ T8749] netlink: 36 bytes leftover after parsing attributes in process `syz.0.841'.
[  302.540055][ T8754] loop2: detected capacity change from 0 to 256
[  302.587122][ T8754] exfat: Deprecated parameter 'namecase'
[  302.697100][ T8754] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  302.969236][ T8760] netlink: 12 bytes leftover after parsing attributes in process `syz.2.843'.
[  303.510608][ T8763] loop2: detected capacity change from 0 to 16
[  303.559861][ T8763] erofs (device loop2): mounted with root inode @ nid 36.
[  303.751665][ T8767] Cannot find set identified by id 0 to match
[  304.973814][ T8771] loop4: detected capacity change from 0 to 32768
[  305.010163][ T8771] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.849 (8771)
[  305.092491][ T8771] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.127130][ T8771] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  305.549221][ T8771] BTRFS info (device loop4): setting nodatasum
[  305.555432][ T8771] BTRFS info (device loop4): setting nodatacow
[  305.621137][ T8771] BTRFS info (device loop4): turning on async discard
[  305.655371][ T8771] BTRFS info (device loop4): enabling free space tree
[  305.694316][ T8771] BTRFS info (device loop4): enabling auto defrag
[  305.717771][ T8771] BTRFS info (device loop4): max_inline set to 0
[  305.787383][ T8798] blktrace: Concurrent blktraces are not allowed on nullb0
[  305.818514][   T30] audit: type=1800 audit(1764479119.597:97): pid=8771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.849" name="bus" dev="loop4" ino=263 res=0 errno=0
[  306.170222][ T5828] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.852417][ T8806] netlink: 36 bytes leftover after parsing attributes in process `syz.3.854'.
[  306.884102][ T8806] netlink: 16 bytes leftover after parsing attributes in process `syz.3.854'.
[  306.897446][ T8806] netlink: 36 bytes leftover after parsing attributes in process `syz.3.854'.
[  307.643878][ T8811] loop3: detected capacity change from 0 to 256
[  307.719789][ T8811] exfat: Deprecated parameter 'namecase'
[  307.792498][ T8811] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  308.049669][ T8819] netlink: 12 bytes leftover after parsing attributes in process `syz.3.856'.
[  310.467996][ T8836] blktrace: Concurrent blktraces are not allowed on nullb0
[  310.883379][ T8840] netlink: 36 bytes leftover after parsing attributes in process `syz.4.866'.
[  310.897919][ T8840] netlink: 16 bytes leftover after parsing attributes in process `syz.4.866'.
[  310.907785][ T8840] netlink: 36 bytes leftover after parsing attributes in process `syz.4.866'.
[  311.188114][ T8832] loop0: detected capacity change from 0 to 32768
[  311.223104][ T8832] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.863 (8832)
[  311.305501][ T8832] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  311.337182][ T8832] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  311.472087][ T8832] BTRFS info (device loop0): setting nodatasum
[  311.516117][ T8832] BTRFS info (device loop0): setting nodatacow
[  311.558408][ T8832] BTRFS info (device loop0): turning on async discard
[  311.575510][ T8832] BTRFS info (device loop0): enabling free space tree
[  311.606456][ T8832] BTRFS info (device loop0): enabling auto defrag
[  311.649545][ T8832] BTRFS info (device loop0): max_inline set to 0
[  311.669963][ T8865] loop1: detected capacity change from 0 to 256
[  311.688868][ T8865] exfat: Deprecated parameter 'namecase'
[  311.725888][ T8865] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  311.895270][   T30] audit: type=1800 audit(1764479125.667:98): pid=8832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.863" name="bus" dev="loop0" ino=263 res=0 errno=0
[  312.169423][ T8867] netlink: 12 bytes leftover after parsing attributes in process `syz.1.870'.
[  312.296556][   T30] audit: type=1800 audit(1764479125.857:99): pid=8832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.863" name="file1" dev="loop0" ino=260 res=0 errno=0
[  312.356529][ T5822] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  313.622154][ T8885] loop0: detected capacity change from 0 to 16
[  313.663099][ T8885] erofs (device loop0): mounted with root inode @ nid 36.
[  313.812015][ T8889] blktrace: Concurrent blktraces are not allowed on nullb0
[  313.839368][ T8888] Cannot find set identified by id 0 to match
[  315.087585][ T8901] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.883'.
[  315.213175][ T8903] loop2: detected capacity change from 0 to 256
[  315.242732][ T8903] exfat: Deprecated parameter 'namecase'
[  315.290972][ T8903] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  316.256205][ T8899] loop1: detected capacity change from 0 to 32768
[  316.282889][ T8899] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.882 (8899)
[  316.312114][ T8899] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  316.352632][ T8899] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  316.772125][ T8899] BTRFS info (device loop1): setting nodatasum
[  316.823300][ T8899] BTRFS info (device loop1): setting nodatacow
[  316.861574][ T8899] BTRFS info (device loop1): turning on async discard
[  316.899780][ T8899] BTRFS info (device loop1): enabling free space tree
[  316.937402][ T8899] BTRFS info (device loop1): enabling auto defrag
[  316.948971][ T8899] BTRFS info (device loop1): max_inline set to 0
[  317.005022][   T30] audit: type=1800 audit(1764479130.757:100): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.882" name="bus" dev="loop1" ino=263 res=0 errno=0
[  317.145139][   T30] audit: type=1800 audit(1764479130.907:101): pid=8933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.882" name="file1" dev="loop1" ino=260 res=0 errno=0
[  317.304909][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.311337][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  317.395060][ T8939] blktrace: Concurrent blktraces are not allowed on nullb0
[  317.416489][ T5823] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  318.550914][ T8950] loop4: detected capacity change from 0 to 256
[  318.602283][ T8950] exfat: Deprecated parameter 'namecase'
[  318.893941][ T8950] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  319.206590][ T8957] netlink: 12 bytes leftover after parsing attributes in process `syz.4.895'.
[  320.179688][ T8961] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.898'.
[  321.477408][ T8968] loop2: detected capacity change from 0 to 32768
[  321.509225][ T8968] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.902 (8968)
[  321.581028][ T8968] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  321.633971][ T8968] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  321.920252][ T8991] blktrace: Concurrent blktraces are not allowed on nullb0
[  321.995968][ T8968] BTRFS info (device loop2): setting nodatasum
[  322.022183][ T8968] BTRFS info (device loop2): setting nodatacow
[  322.042407][ T8968] BTRFS info (device loop2): turning on async discard
[  322.071939][ T8968] BTRFS info (device loop2): enabling free space tree
[  322.096579][ T8968] BTRFS info (device loop2): enabling auto defrag
[  322.128833][ T8968] BTRFS info (device loop2): max_inline set to 0
[  322.227300][   T30] audit: type=1800 audit(1764479135.977:102): pid=8968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.902" name="bus" dev="loop2" ino=263 res=0 errno=0
[  322.378322][   T30] audit: type=1800 audit(1764479136.157:103): pid=8994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.902" name="file1" dev="loop2" ino=260 res=0 errno=0
[  322.632935][ T5831] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  322.778267][ T9003] loop3: detected capacity change from 0 to 256
[  322.802537][ T9003] exfat: Deprecated parameter 'namecase'
[  322.823431][ T9003] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  323.202814][ T9011] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.911'.
[  323.388824][ T9006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.909'.
[  326.120825][ T9039] blktrace: Concurrent blktraces are not allowed on nullb0
[  326.720990][ T9047] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.925'.
[  326.752725][ T9049] loop0: detected capacity change from 0 to 256
[  326.778123][ T9049] exfat: Deprecated parameter 'namecase'
[  326.842265][ T9049] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  327.048235][ T9054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.926'.
[  330.079119][ T9079] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.937'.
[  330.240058][ T9083] loop0: detected capacity change from 0 to 256
[  330.260173][ T9083] exfat: Deprecated parameter 'namecase'
[  330.310816][ T9083] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  330.578850][ T9089] netlink: 12 bytes leftover after parsing attributes in process `syz.0.940'.
[  331.413532][ T9092] blktrace: Concurrent blktraces are not allowed on nullb0
[  331.589398][ T9099] loop0: detected capacity change from 0 to 16
[  331.621281][ T9099] erofs (device loop0): mounted with root inode @ nid 36.
[  331.828052][ T9100] Cannot find set identified by id 0 to match
[  332.831529][ T9114] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.950'.
[  333.162538][ T9120] loop3: detected capacity change from 0 to 256
[  333.204678][ T9120] exfat: Deprecated parameter 'namecase'
[  333.282670][ T9120] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  333.473810][ T9123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.954'.
[  334.368054][ T9128] blktrace: Concurrent blktraces are not allowed on nullb0
[  335.288871][ T9144] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.963'.
[  335.923356][ T9154] loop3: detected capacity change from 0 to 256
[  335.970179][ T9154] exfat: Deprecated parameter 'namecase'
[  336.024559][ T9154] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  336.118538][ T9154] netlink: 12 bytes leftover after parsing attributes in process `syz.3.967'.
[  336.715570][ T9169] blktrace: Concurrent blktraces are not allowed on nullb0
[  337.250475][ T9174] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.976'.
[  337.872193][ T9186] loop0: detected capacity change from 0 to 256
[  337.903599][ T9186] exfat: Deprecated parameter 'namecase'
[  338.011830][ T9186] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  338.069648][ T9186] netlink: 12 bytes leftover after parsing attributes in process `syz.0.981'.
[  339.189897][ T9203] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.988'.
[  339.450777][ T9210] loop2: detected capacity change from 0 to 16
[  339.517933][ T9212] blktrace: Concurrent blktraces are not allowed on nullb0
[  339.537680][ T9210] erofs (device loop2): mounted with root inode @ nid 36.
[  339.723688][ T9215] loop3: detected capacity change from 0 to 256
[  339.762283][ T9215] exfat: Deprecated parameter 'namecase'
[  339.869056][ T9215] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  339.943952][ T9217] Cannot find set identified by id 0 to match
[  340.029196][ T9215] netlink: 12 bytes leftover after parsing attributes in process `syz.3.993'.
[  342.382754][ T9249] blktrace: Concurrent blktraces are not allowed on nullb0
[  342.629561][ T9254] loop3: detected capacity change from 0 to 16
[  342.702838][ T9254] erofs (device loop3): mounted with root inode @ nid 36.
[  342.734637][ T9253] loop0: detected capacity change from 0 to 256
[  342.841852][ T9258] xt_NFQUEUE: number of total queues is 0
[  342.921560][ T9253] exfat: Deprecated parameter 'namecase'
[  344.024991][ T9253] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  344.164094][ T9253] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1007'.
[  345.506113][ T9288] loop4: detected capacity change from 0 to 16
[  345.552974][ T9288] erofs (device loop4): mounted with root inode @ nid 36.
[  345.729347][ T9288] Cannot find set identified by id 0 to match
[  345.911843][ T9297] loop0: detected capacity change from 0 to 256
[  345.962753][ T9297] exfat: Deprecated parameter 'namecase'
[  346.101598][ T9301] blktrace: Concurrent blktraces are not allowed on nullb0
[  346.246194][ T9297] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  346.544974][ T9297] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1026'.
[  347.227346][ T9319] loop4: detected capacity change from 0 to 16
[  347.260735][ T9319] erofs (device loop4): mounted with root inode @ nid 36.
[  347.487779][ T9322] Cannot find set identified by id 0 to match
[  348.284016][ T9340] loop2: detected capacity change from 0 to 256
[  348.309229][ T9340] exfat: Deprecated parameter 'namecase'
[  348.401581][ T9340] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  348.486261][ T9345] blktrace: Concurrent blktraces are not allowed on nullb0
[  348.636724][ T9340] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1043'.
[  348.684680][ T9349] loop1: detected capacity change from 0 to 16
[  348.709426][ T9349] erofs (device loop1): mounted with root inode @ nid 36.
[  350.489704][ T9349] Cannot find set identified by id 0 to match
[  351.977378][ T9385] blktrace: Concurrent blktraces are not allowed on nullb0
[  352.095902][ T9387] loop3: detected capacity change from 0 to 256
[  352.142435][ T9387] exfat: Deprecated parameter 'namecase'
[  352.231496][ T9387] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  352.329269][ T9389] loop4: detected capacity change from 0 to 16
[  352.452570][ T9389] erofs (device loop4): mounted with root inode @ nid 36.
[  352.508220][ T9390] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1062'.
[  352.858895][ T9389] Cannot find set identified by id 0 to match
[  354.820412][ T9421] loop3: detected capacity change from 0 to 16
[  354.856519][ T9421] erofs (device loop3): mounted with root inode @ nid 36.
[  354.923207][ T9421] xt_NFQUEUE: number of total queues is 0
[  355.109574][ T9426] blktrace: Concurrent blktraces are not allowed on nullb0
[  355.136016][ T9425] loop2: detected capacity change from 0 to 256
[  355.213082][ T9425] exfat: Deprecated parameter 'namecase'
[  355.367014][ T9425] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  355.754009][ T9433] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1076'.
[  356.972505][ T9451] loop1: detected capacity change from 0 to 16
[  356.992555][ T9451] erofs (device loop1): mounted with root inode @ nid 36.
[  357.087456][ T9451] Cannot find set identified by id 0 to match
[  357.450581][ T9463] loop1: detected capacity change from 0 to 256
[  357.471895][ T9463] exfat: Deprecated parameter 'namecase'
[  357.538394][ T9463] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  357.836500][ T9469] blktrace: Concurrent blktraces are not allowed on nullb0
[  357.990825][ T9470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1093'.
[  358.859441][ T9486] loop0: detected capacity change from 0 to 16
[  358.891731][ T9486] erofs (device loop0): mounted with root inode @ nid 36.
[  358.995742][ T9486] Cannot find set identified by id 0 to match
[  360.489480][ T9505] loop1: detected capacity change from 0 to 256
[  360.532023][ T9505] exfat: Deprecated parameter 'namecase'
[  360.570870][ T9505] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  360.812933][ T9510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1110'.
[  361.442614][ T9516] blktrace: Concurrent blktraces are not allowed on nullb0
[  362.056621][ T9526] loop1: detected capacity change from 0 to 16
[  362.111250][ T9526] erofs (device loop1): mounted with root inode @ nid 36.
[  362.211228][ T9526] Cannot find set identified by id 0 to match
[  363.033112][ T9542] loop4: detected capacity change from 0 to 256
[  363.048778][ T9542] exfat: Deprecated parameter 'namecase'
[  363.106694][ T9542] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  363.257712][ T9542] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1123'.
[  363.606598][ T9556] loop1: detected capacity change from 0 to 16
[  363.707386][ T9556] erofs (device loop1): mounted with root inode @ nid 36.
[  364.206827][ T9563] Cannot find set identified by id 0 to match
[  364.867153][ T9566] blktrace: Concurrent blktraces are not allowed on nullb0
[  365.247617][ T9576] loop4: detected capacity change from 0 to 256
[  365.262118][ T9576] exfat: Deprecated parameter 'namecase'
[  365.296237][ T9576] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  365.546157][ T9581] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1139'.
[  366.043744][ T9592] loop4: detected capacity change from 0 to 16
[  366.073032][ T9592] erofs (device loop4): mounted with root inode @ nid 36.
[  367.350508][ T9592] Cannot find set identified by id 0 to match
[  368.432138][ T9611] blktrace: Concurrent blktraces are not allowed on nullb0
[  368.936234][ T9617] loop4: detected capacity change from 0 to 256
[  368.943781][ T9617] exfat: Deprecated parameter 'namecase'
[  368.978173][ T9617] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  369.190484][ T9625] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1155'.
[  371.369325][ T9639] loop2: detected capacity change from 0 to 16
[  371.394770][ T9639] erofs (device loop2): mounted with root inode @ nid 36.
[  372.069809][ T9645] Cannot find set identified by id 0 to match
[  372.647358][ T9663] blktrace: Concurrent blktraces are not allowed on nullb0
[  378.750598][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.761636][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  379.308711][ T9686] loop1: detected capacity change from 0 to 16
[  379.467525][ T9686] erofs (device loop1): mounted with root inode @ nid 36.
[  379.648374][ T9689] Cannot find set identified by id 0 to match
[  380.873363][ T9702] blktrace: Concurrent blktraces are not allowed on nullb0
[  383.128357][ T9725] loop2: detected capacity change from 0 to 16
[  383.165169][ T9725] erofs (device loop2): mounted with root inode @ nid 36.
[  383.742226][ T9735] blktrace: Concurrent blktraces are not allowed on nullb0
[  385.686259][ T5146] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  385.702316][ T5146] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  385.726208][ T5146] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  385.736890][ T5146] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  385.746844][ T5146] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  386.293457][ T9768] loop3: detected capacity change from 0 to 16
[  386.350227][ T9768] erofs (device loop3): mounted with root inode @ nid 36.
[  387.279036][ T9780] blktrace: Concurrent blktraces are not allowed on nullb0
[  387.907301][ T5146] Bluetooth: hci5: command tx timeout
[  389.995654][ T5146] Bluetooth: hci5: command tx timeout
[  390.552234][ T9759] chnl_net:caif_netlink_parms(): no params data found
[  390.770631][ T9801] loop2: detected capacity change from 0 to 16
[  390.801214][ T9801] erofs (device loop2): mounted with root inode @ nid 36.
[  391.108664][ T2133] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.140851][ T5146] Bluetooth: hci5: command tx timeout
[  394.177380][ T5146] Bluetooth: hci5: command tx timeout
[  395.979666][ T2133] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  396.390681][ T9759] bridge0: port 1(bridge_slave_0) entered blocking state
[  396.423814][ T9759] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.460645][ T9759] bridge_slave_0: entered allmulticast mode
[  396.471597][ T9759] bridge_slave_0: entered promiscuous mode
[  396.489886][ T9759] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.497945][ T9759] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.517768][ T9759] bridge_slave_1: entered allmulticast mode
[  396.525977][ T9759] bridge_slave_1: entered promiscuous mode
[  396.620438][ T2133] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  396.732424][ T9843] loop0: detected capacity change from 0 to 16
[  396.771162][ T9843] erofs (device loop0): mounted with root inode @ nid 36.
[  399.975968][ T2133] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.038529][ T9854] blktrace: Concurrent blktraces are not allowed on nullb0
[  400.317570][ T9759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  400.386759][ T9759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  400.558136][ T9759] team0: Port device team_slave_0 added
[  400.580500][ T9759] team0: Port device team_slave_1 added
[  400.731447][ T9759] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.758892][ T9759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  400.827924][ T9759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.887470][ T9759] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.894538][ T9759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  400.963730][ T9759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  401.097703][ T2133] bridge_slave_1: left allmulticast mode
[  401.115571][ T2133] bridge_slave_1: left promiscuous mode
[  401.138922][ T2133] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.176446][ T2133] bridge_slave_0: left allmulticast mode
[  403.259425][ T2133] bridge_slave_0: left promiscuous mode
[  403.322417][ T2133] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.473170][ T9881] loop3: detected capacity change from 0 to 16
[  403.508843][ T9881] erofs (device loop3): mounted with root inode @ nid 36.
[  404.355469][ T9899] blktrace: Concurrent blktraces are not allowed on nullb0
[  405.996561][ T2133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  406.985419][ T2133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  407.017799][ T2133] bond0 (unregistering): Released all slaves
[  407.060001][ T9920] loop0: detected capacity change from 0 to 16
[  407.104982][ T9920] erofs (device loop0): mounted with root inode @ nid 36.
[  407.695510][ T2133] tipc: Disabling bearer <udp:syz1>
[  407.723977][ T2133] tipc: Left network mode
[  407.742819][ T9759] hsr_slave_0: entered promiscuous mode
[  407.758329][ T9759] hsr_slave_1: entered promiscuous mode
[  407.784344][ T9759] debugfs: 'hsr0' already exists in 'hsr'
[  407.810973][ T9759] Cannot create hsr debugfs directory
[  410.387533][ T9950] blktrace: Concurrent blktraces are not allowed on nullb0
[  411.170587][ T9971] loop3: detected capacity change from 0 to 16
[  411.203466][ T9971] erofs (device loop3): mounted with root inode @ nid 36.
[  411.956190][ T2133] hsr_slave_0: left promiscuous mode
[  411.994293][ T2133] hsr_slave_1: left promiscuous mode
[  412.018896][ T2133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  412.032935][ T2133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  412.070080][ T2133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  412.090244][ T2133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  412.285170][ T2133] veth1_macvtap: left promiscuous mode
[  412.294590][ T2133] veth0_macvtap: left promiscuous mode
[  412.301313][ T2133] veth1_vlan: left promiscuous mode
[  412.306885][ T2133] veth0_vlan: left promiscuous mode
[  414.593444][ T9999] blktrace: Concurrent blktraces are not allowed on nullb0
[  415.041160][T10005] loop1: detected capacity change from 0 to 16
[  415.072329][T10005] erofs (device loop1): mounted with root inode @ nid 36.
[  418.672852][ T2133] team0 (unregistering): Port device team_slave_1 removed
[  418.799087][ T2133] team0 (unregistering): Port device team_slave_0 removed
[  418.978674][T10040] blktrace: Concurrent blktraces are not allowed on nullb0
[  419.574284][T10045] loop1: detected capacity change from 0 to 16
[  419.604051][T10045] erofs (device loop1): mounted with root inode @ nid 36.
[  423.601371][T10072] blktrace: Concurrent blktraces are not allowed on nullb0
[  423.766728][T10074] loop2: detected capacity change from 0 to 16
[  423.805179][T10074] erofs (device loop2): mounted with root inode @ nid 36.
[  427.180649][T10109] loop1: detected capacity change from 0 to 16
[  427.207633][T10109] erofs (device loop1): mounted with root inode @ nid 36.
[  427.651094][ T9759] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  427.672176][ T9759] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  427.770983][ T9759] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  427.809185][ T9759] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  428.159002][T10132] blktrace: Concurrent blktraces are not allowed on nullb0
[  428.616512][ T9759] 8021q: adding VLAN 0 to HW filter on device bond0
[  429.146813][ T9759] 8021q: adding VLAN 0 to HW filter on device team0
[  429.560548][ T1319] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.567820][ T1319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  429.609613][ T1319] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.616860][ T1319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  429.865933][ T9759] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  429.952888][ T9759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  430.011394][T10154] loop1: detected capacity change from 0 to 16
[  430.079070][T10154] erofs (device loop1): mounted with root inode @ nid 36.
[  430.770635][ T9759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  431.462851][T10192] blktrace: Concurrent blktraces are not allowed on nullb0
[  433.428856][ T9759] veth0_vlan: entered promiscuous mode
[  433.488205][ T9759] veth1_vlan: entered promiscuous mode
[  433.634695][ T9759] veth0_macvtap: entered promiscuous mode
[  433.681571][ T9759] veth1_macvtap: entered promiscuous mode
[  433.747374][ T9759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  433.776109][ T9759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  433.793883][ T6380] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  433.872808][ T6380] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  433.950238][ T6380] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  433.990662][ T6380] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  434.055676][ T6380] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  434.087200][ T6380] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  434.132031][ T6380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  434.149410][ T6380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  434.792037][T10235] blktrace: Concurrent blktraces are not allowed on nullb0
[  438.043004][T10284] blktrace: Concurrent blktraces are not allowed on nullb0
[  438.979108][T10303] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1387'.
[  440.259502][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.269155][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  440.789840][T10331] blktrace: Concurrent blktraces are not allowed on nullb0
[  441.145988][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  441.159075][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  441.168103][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  441.176410][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  441.199034][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  443.385094][ T5834] Bluetooth: hci2: command tx timeout
[  443.590239][T10337] chnl_net:caif_netlink_parms(): no params data found
[  443.647025][ T5916] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  443.837349][ T5916] usb 6-1: Using ep0 maxpacket: 16
[  443.862211][ T5916] usb 6-1: config 0 has no interfaces?
[  443.872801][ T5916] usb 6-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  443.888427][ T5916] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.896609][ T5916] usb 6-1: Product: syz
[  443.900843][ T5916] usb 6-1: Manufacturer: syz
[  443.905554][ T5916] usb 6-1: SerialNumber: syz
[  443.910914][T10363] Illegal XDP return value 4294967274 on prog  (id 378) dev N/A, expect packet loss!
[  443.928345][ T5916] usb 6-1: config 0 descriptor??
[  444.192955][   T39] usb 6-1: USB disconnect, device number 2
[  444.837660][  T982] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  445.027003][  T982] usb 4-1: device descriptor read/64, error -71
[  445.228108][T10409] blktrace: Concurrent blktraces are not allowed on nullb0
[  445.365645][  T982] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  445.482997][ T5834] Bluetooth: hci2: command tx timeout
[  445.517599][  T982] usb 4-1: device descriptor read/64, error -71
[  445.688684][  T982] usb usb4-port1: attempt power cycle
[  446.060172][T10337] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.085933][T10337] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.107983][T10337] bridge_slave_0: entered allmulticast mode
[  446.137141][T10337] bridge_slave_0: entered promiscuous mode
[  446.148983][  T982] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  446.179194][T10337] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.194690][T10337] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.207789][  T982] usb 4-1: device descriptor read/8, error -71
[  446.216869][T10337] bridge_slave_1: entered allmulticast mode
[  446.226624][T10337] bridge_slave_1: entered promiscuous mode
[  446.286346][T10337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.300503][T10337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.346330][T10337] team0: Port device team_slave_0 added
[  446.355721][T10337] team0: Port device team_slave_1 added
[  446.457174][  T982] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  446.457835][T10337] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.476238][T10337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  446.503233][T10337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.515414][  T982] usb 4-1: device descriptor read/8, error -71
[  446.515953][T10337] batman_adv: batadv0: Adding interface: batadv_slave_1
[  446.528874][T10337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  446.554879][T10337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  446.657800][  T982] usb usb4-port1: unable to enumerate USB device
[  446.700023][T10337] hsr_slave_0: entered promiscuous mode
[  446.708786][T10337] hsr_slave_1: entered promiscuous mode
[  446.717936][T10337] debugfs: 'hsr0' already exists in 'hsr'
[  446.723700][T10337] Cannot create hsr debugfs directory
[  446.930800][T10431] netlink: 'syz.1.1422': attribute type 30 has an invalid length.
[  447.087040][ T5982] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  447.277231][ T5982] usb 6-1: Using ep0 maxpacket: 16
[  447.330032][ T5982] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  447.365274][ T5982] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  447.429281][ T5982] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  447.484890][ T5982] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.536998][ T5834] Bluetooth: hci2: command tx timeout
[  447.592613][ T5982] usb 6-1: Product: syz
[  447.641172][ T5982] usb 6-1: Manufacturer: syz
[  447.697192][ T5982] usb 6-1: SerialNumber: syz
[  447.960626][ T5982] usb 6-1: 0:2 : does not exist
[  448.790985][T10444] blktrace: Concurrent blktraces are not allowed on nullb0
[  449.434604][ T5982] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  449.560178][ T5982] usb 6-1: USB disconnect, device number 3
[  449.617079][ T5834] Bluetooth: hci2: command tx timeout
[  449.758361][ T5888] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  449.771338][ T5963] udevd[5963]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  449.892216][T10337] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  449.947037][ T5888] usb 2-1: Using ep0 maxpacket: 32
[  450.020194][ T5888] usb 2-1: config 0 has no interfaces?
[  450.130661][ T5888] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  450.256344][T10337] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  450.378311][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.409149][ T5888] usb 2-1: config 0 descriptor??
[  450.421980][T10337] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  450.520759][T10337] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  450.623880][T10455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.671854][T10455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  451.077601][ T5902] usb 2-1: USB disconnect, device number 3
[  455.061160][T10337] 8021q: adding VLAN 0 to HW filter on device bond0
[  455.092807][T10337] 8021q: adding VLAN 0 to HW filter on device team0
[  455.335597][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.342866][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  455.424635][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  455.431880][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  455.596977][  T130] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  456.049976][   T30] audit: type=1326 audit(1764479269.587:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.316968][  T130] usb 6-1: Using ep0 maxpacket: 16
[  456.351531][  T130] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  456.386992][   T30] audit: type=1326 audit(1764479269.587:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.504719][   T30] audit: type=1326 audit(1764479269.587:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.529242][  T130] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  456.612814][  T130] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[  456.644323][   T30] audit: type=1326 audit(1764479269.597:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.665006][  T130] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  456.698795][   T30] audit: type=1326 audit(1764479269.597:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.782586][   T30] audit: type=1326 audit(1764479269.597:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.819854][  T130] usb 6-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  456.840472][  T130] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.888532][   T30] audit: type=1326 audit(1764479269.607:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  456.897760][  T130] usb 6-1: Product: syz
[  456.983881][  T130] usb 6-1: Manufacturer: syz
[  456.997489][   T30] audit: type=1326 audit(1764479269.607:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  457.086494][T10337] 8021q: adding VLAN 0 to HW filter on device batadv0
[  457.094484][   T30] audit: type=1326 audit(1764479269.617:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  457.117037][  T130] usb 6-1: SerialNumber: syz
[  457.155522][   T30] audit: type=1326 audit(1764479269.617:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10506 comm="syz.2.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcab2f8f749 code=0x7ffc0000
[  457.204226][  T130] usb 6-1: config 0 descriptor??
[  457.248221][  T130] xbox_remote_probe: Unexpected endpoint_in
[  457.317285][ T5916] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  457.523696][ T5916] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  457.584185][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1452'.
[  457.607013][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.202125][ T5916] usb 2-1: Product: syz
[  458.206303][ T5916] usb 2-1: Manufacturer: syz
[  458.211410][   T39] usb 6-1: USB disconnect, device number 4
[  458.221634][ T5916] usb 2-1: SerialNumber: syz
[  458.232982][ T5916] usb 2-1: config 0 descriptor??
[  458.461369][ T5916] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  458.633208][T10557] blktrace: Concurrent blktraces are not allowed on nullb0
[  459.196005][T10337] veth0_vlan: entered promiscuous mode
[  459.283155][T10337] veth1_vlan: entered promiscuous mode
[  459.437231][T10337] veth0_macvtap: entered promiscuous mode
[  459.454729][T10337] veth1_macvtap: entered promiscuous mode
[  460.064743][T10337] batman_adv: batadv0: Interface activated: batadv_slave_0
[  460.207562][T10337] batman_adv: batadv0: Interface activated: batadv_slave_1
[  460.225639][ T5916] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  460.297250][ T3500] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  460.323875][ T5916] usb 2-1: USB disconnect, device number 4
[  460.346984][ T3500] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  460.391190][ T3500] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  460.416670][ T5834] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  460.430985][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT(full) 
[  460.431012][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  460.431025][ T5834] Workqueue: hci3 hci_rx_work
[  460.431059][ T5834] Call Trace:
[  460.431068][ T5834]  <TASK>
[  460.431077][ T5834]  dump_stack_lvl+0x189/0x250
[  460.431105][ T5834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.431126][ T5834]  ? __pfx__printk+0x10/0x10
[  460.431156][ T5834]  ? kernfs_path_from_node+0x250/0x290
[  460.431175][ T5834]  ? kernfs_path_from_node+0x2f/0x290
[  460.431199][ T5834]  sysfs_create_dir_ns+0x259/0x280
[  460.431226][ T5834]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  460.431248][ T5834]  ? do_raw_spin_unlock+0x122/0x240
[  460.431278][ T5834]  kobject_add_internal+0x6ab/0xcc0
[  460.431312][ T5834]  kobject_add+0x155/0x220
[  460.431340][ T5834]  ? __pfx_kobject_add+0x10/0x10
[  460.431362][ T5834]  ? _raw_spin_unlock+0x28/0x50
[  460.431385][ T5834]  ? get_device_parent+0x366/0x3a0
[  460.431409][ T5834]  device_add+0x408/0xb80
[  460.431433][ T5834]  hci_conn_add_sysfs+0xd5/0x210
[  460.431457][ T5834]  le_conn_complete_evt+0xf1d/0x1420
[  460.431493][ T5834]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  460.431515][ T5834]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  460.431535][ T5834]  ? __asan_memcpy+0x40/0x70
[  460.431565][ T5834]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  460.431584][ T5834]  ? skb_pull_data+0xfb/0x200
[  460.431614][ T5834]  hci_le_conn_complete_evt+0x187/0x480
[  460.431646][ T5834]  hci_event_packet+0x78f/0x1260
[  460.431669][ T5834]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  460.431695][ T5834]  ? __pfx_hci_event_packet+0x10/0x10
[  460.431719][ T5834]  ? kcov_remote_start+0x4d3/0x7f0
[  460.431743][ T5834]  ? lockdep_hardirqs_on+0x98/0x140
[  460.431767][ T5834]  ? hci_send_to_monitor+0xe2/0x590
[  460.431794][ T5834]  hci_rx_work+0x3ee/0x1060
[  460.431827][ T5834]  ? process_one_work+0x868/0x15a0
[  460.431844][ T5834]  process_one_work+0x93a/0x15a0
[  460.431882][ T5834]  ? __pfx_process_one_work+0x10/0x10
[  460.431915][ T5834]  ? assign_work+0x3a1/0x410
[  460.431940][ T5834]  worker_thread+0x9b0/0xee0
[  460.431986][ T5834]  kthread+0x711/0x8a0
[  460.432012][ T5834]  ? __pfx_worker_thread+0x10/0x10
[  460.432031][ T5834]  ? __pfx_kthread+0x10/0x10
[  460.432056][ T5834]  ? _raw_spin_unlock_irq+0x23/0x50
[  460.432074][ T5834]  ? lockdep_hardirqs_on+0x98/0x140
[  460.432091][ T5834]  ? __pfx_kthread+0x10/0x10
[  460.432114][ T5834]  ret_from_fork+0x599/0xb30
[  460.432135][ T5834]  ? __pfx_ret_from_fork+0x10/0x10
[  460.432164][ T5834]  ? __switch_to_asm+0x39/0x70
[  460.432183][ T5834]  ? __switch_to_asm+0x33/0x70
[  460.432203][ T5834]  ? __pfx_kthread+0x10/0x10
[  460.432226][ T5834]  ret_from_fork_asm+0x1a/0x30
[  460.432266][ T5834]  </TASK>
[  460.432296][ T5834] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  460.446510][ T3500] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  460.452230][ T5834] Bluetooth: hci3: failed to register connection device
[  461.083360][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  461.083377][   T30] audit: type=1326 audit(1764479274.857:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  461.204393][   T30] audit: type=1326 audit(1764479274.897:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  461.249837][ T6767] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  461.305080][ T6767] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  461.333189][   T30] audit: type=1326 audit(1764479274.897:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  461.527320][   T30] audit: type=1326 audit(1764479274.897:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  462.220604][   T30] audit: type=1326 audit(1764479274.897:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  462.248522][ T7877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  462.256378][ T7877] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  462.285343][   T30] audit: type=1326 audit(1764479274.897:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  462.336694][   T30] audit: type=1326 audit(1764479274.907:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  462.729015][T10609] blktrace: Concurrent blktraces are not allowed on nullb0
[  463.087132][ T5950] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  463.250090][ T5950] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  463.304799][ T5950] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.387921][ T5950] usb 4-1: config 0 descriptor??
[  463.462007][ T5950] cp210x 4-1:0.0: cp210x converter detected
[  463.533486][   T30] audit: type=1804 audit(1764479277.297:140): pid=10626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1469" name="/newroot/2/file0" dev="tmpfs" ino=28 res=1 errno=0
[  463.757367][   T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  463.801359][ T5950] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  463.849454][ T5950] usb 4-1: cp210x converter now attached to ttyUSB0
[  463.927010][   T10] usb 3-1: Using ep0 maxpacket: 32
[  464.067195][ T5950] usb 4-1: USB disconnect, device number 8
[  464.079543][ T5950] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  464.089697][   T10] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  464.100837][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.114529][ T5950] cp210x 4-1:0.0: device disconnected
[  464.123510][   T10] usb 3-1: Product: syz
[  464.127760][   T10] usb 3-1: Manufacturer: syz
[  464.134681][   T10] usb 3-1: SerialNumber: syz
[  464.142311][   T10] usb 3-1: config 0 descriptor??
[  464.210609][   T10] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  465.370968][   T30] audit: type=1326 audit(1764479279.147:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10649 comm="syz.1.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  465.443189][   T30] audit: type=1326 audit(1764479279.147:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10649 comm="syz.1.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7524b8f749 code=0x7ffc0000
[  465.607994][   T10] gspca_stk1135: reg_w 0x7 err -71
[  465.633284][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.684263][   T10] gspca_stk1135: Sensor write failed
[  465.705781][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.737040][   T10] gspca_stk1135: Sensor write failed
[  465.770519][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.784722][   T10] gspca_stk1135: Sensor read failed
[  465.799552][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.817140][   T10] gspca_stk1135: Sensor read failed
[  465.822379][   T10] gspca_stk1135: Detected sensor type unknown (0x0)
[  465.833862][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.849831][   T10] gspca_stk1135: Sensor read failed
[  465.855131][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.866425][   T10] gspca_stk1135: Sensor read failed
[  465.874134][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.881315][   T10] gspca_stk1135: Sensor write failed
[  465.892774][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  465.904136][   T10] gspca_stk1135: Sensor write failed
[  466.252094][T10670] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1481'.
[  466.575336][   T10] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  466.598974][   T10] usb 3-1: USB disconnect, device number 5
[  466.720207][T10672] blktrace: Concurrent blktraces are not allowed on nullb0
[  468.095619][T10692] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1489'.
[  468.270351][T10694] netlink: 204 bytes leftover after parsing attributes in process `syz.2.1490'.
[  468.297096][T10694] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1490'.
[  468.937019][   T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  469.833433][T10713] blktrace: Concurrent blktraces are not allowed on nullb0
[  470.375308][   T10] usb 3-1: Using ep0 maxpacket: 32
[  470.409441][   T10] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  470.928704][   T10] usb 3-1: config 0 has no interface number 0
[  470.936997][   T10] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  470.951242][   T10] usb 3-1: config 0 interface 85 has no altsetting 0
[  471.001808][   T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  471.011091][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.019229][   T10] usb 3-1: Product: syz
[  471.023406][   T10] usb 3-1: Manufacturer: syz
[  471.028144][   T10] usb 3-1: SerialNumber: syz
[  471.037891][   T10] usb 3-1: config 0 descriptor??
[  472.112666][   T10] appletouch 3-1:0.85: Geyser mode initialized.
[  472.144218][   T10] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input5
[  472.221644][   T10] usb 3-1: USB disconnect, device number 6
[  472.221767][    C1] appletouch 3-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  472.481717][   T10] appletouch 3-1:0.85: input: appletouch disconnected
[  473.438175][T10757] blktrace: Concurrent blktraces are not allowed on nullb0
[  475.174530][T10775] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  476.068830][T10778] could not allocate digest TFM handle sha256-arm64
[  476.479028][   T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  476.767055][   T10] usb 3-1: Using ep0 maxpacket: 32
[  476.832241][   T10] usb 3-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[  476.844955][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.566955][   T10] usb 3-1: Product: syz
[  478.571164][   T10] usb 3-1: Manufacturer: syz
[  478.575765][   T10] usb 3-1: SerialNumber: syz
[  478.643128][   T10] usb 3-1: config 0 descriptor??
[  478.696089][   T10] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state.
[  478.764444][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  478.780938][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  478.791251][   T10] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold)
[  478.801594][   T10] usb 3-1: media controller created
[  478.807623][T10820] blktrace: Concurrent blktraces are not allowed on nullb0
[  478.907995][T10791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.994434][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  479.020004][T10791] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.101848][T10791] dvb-usb: bulk message failed: -22 (68/0)
[  479.280028][T10826] netlink: 'syz.5.1536': attribute type 3 has an invalid length.
[  479.307879][   T10] usb 3-1: selecting invalid altsetting 7
[  479.356815][   T10] cxusb: set interface failed
[  479.365395][T10826] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1536'.
[  479.396141][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  479.427802][T10834] netlink: 'syz.1.1537': attribute type 4 has an invalid length.
[  479.516317][T10834] netlink: 'syz.1.1537': attribute type 4 has an invalid length.
[  479.541465][   T10] DVB: Unable to find symbol lgdt330x_attach()
[  479.567303][   T10] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold'
[  479.646974][   T10] rc_core: IR keymap rc-dvico-portable not found
[  479.663287][   T10] Registered IR keymap rc-empty
[  479.702783][   T10] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0
[  479.729754][   T10] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input6
[  479.771970][   T10] dvb-usb: schedule remote query interval to 100 msecs.
[  479.787171][   T10] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected.
[  479.874342][   T10] usb 3-1: USB disconnect, device number 7
[  481.035657][   T10] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected.
[  481.962424][T10877] blktrace: Concurrent blktraces are not allowed on nullb0
[  482.037380][T10878] netlink: 7 bytes leftover after parsing attributes in process `syz.6.1553'.
[  482.051758][T10878] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1553'.
[  482.353207][T10884] program syz.3.1556 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  484.111414][T10907] batadv_slave_1: entered promiscuous mode
[  484.163549][ T5834] Bluetooth: hci4: unexpected event for opcode 0x2024
[  484.174359][T10906] batadv_slave_1: left promiscuous mode
[  484.992348][T10929] blktrace: Concurrent blktraces are not allowed on nullb0
[  486.251598][T10942] netlink: 220 bytes leftover after parsing attributes in process `syz.5.1577'.
[  486.424866][T10942] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1577'.
[  486.498394][T10944] loop9: detected capacity change from 0 to 7
[  486.560755][T10944] Dev loop9: unable to read RDB block 7
[  486.597654][T10944]  loop9: unable to read partition table
[  486.620672][T10944] loop9: partition table beyond EOD, truncated
[  486.662548][T10944] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  486.872540][ T6277] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  486.983078][T10965] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1583'.
[  487.002724][T10965] ALSA: mixer_oss: invalid OSS volume ''
[  487.047082][ T6277] usb 2-1: Using ep0 maxpacket: 32
[  487.066162][ T6277] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  487.076970][ T6277] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.086794][ T6277] usb 2-1: Product: syz
[  487.091412][ T6277] usb 2-1: Manufacturer: syz
[  487.555405][ T6277] usb 2-1: SerialNumber: syz
[  487.567209][ T6277] usb 2-1: config 0 descriptor??
[  487.784569][ T6277] peak_usb 2-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[  487.805587][ T6277] peak_usb 2-1:0.0: unable to read PCAN-USB Pro firmware info (err -71)
[  487.899187][ T6277] peak_usb 2-1:0.0: probe with driver peak_usb failed with error -71
[  487.968981][ T6277] usb 2-1: USB disconnect, device number 5
[  488.487753][   T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  488.736099][   T10] usb 6-1: Using ep0 maxpacket: 16
[  488.753540][   T10] usb 6-1: config 1 interface 0 altsetting 16 bulk endpoint 0x1 has invalid maxpacket 1023
[  488.764055][   T10] usb 6-1: config 1 interface 0 has no altsetting 0
[  488.783152][   T10] usb 6-1: string descriptor 0 read error: -22
[  488.795441][   T10] usb 6-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  492.732523][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.791773][   T10] usb 6-1: can't set config #1, error -71
[  492.844721][   T10] usb 6-1: USB disconnect, device number 5
[  495.164637][T11032] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1610'.
[  495.182982][T11033] netlink: 'syz.5.1609': attribute type 4 has an invalid length.
[  495.209639][T11034] blktrace: Concurrent blktraces are not allowed on nullb0
[  495.388010][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  495.388027][   T30] audit: type=1326 audit(1764479309.167:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  495.453718][T11033] netlink: 116 bytes leftover after parsing attributes in process `syz.5.1609'.
[  495.507897][T11033] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1609'.
[  495.566285][   T30] audit: type=1326 audit(1764479309.197:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  495.669293][   T30] audit: type=1326 audit(1764479309.197:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  495.692117][   T30] audit: type=1326 audit(1764479309.207:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  495.813464][   T30] audit: type=1326 audit(1764479309.207:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  495.897412][   T30] audit: type=1326 audit(1764479309.207:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  496.026114][   T30] audit: type=1326 audit(1764479309.207:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  496.140174][   T30] audit: type=1326 audit(1764479309.217:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  496.359341][   T30] audit: type=1326 audit(1764479309.217:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  497.147168][   T30] audit: type=1326 audit(1764479309.217:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11031 comm="syz.5.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  499.424396][T11073] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1622'.
[  500.689394][T11094] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1630'.
[  501.624914][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.631410][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  502.018170][T11107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1635'.
[  503.603373][T11128] blktrace: Concurrent blktraces are not allowed on nullb0
[  503.616933][ T6277] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  503.888101][ T6277] usb 4-1: not running at top speed; connect to a high speed hub
[  503.899270][ T6277] usb 4-1: config 1 interface 0 altsetting 247 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  503.957251][ T6277] usb 4-1: config 1 interface 0 altsetting 247 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.031864][ T6277] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  504.056017][ T6277] usb 4-1: config 1 interface 0 has no altsetting 0
[  504.071698][ T6277] usb 4-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.40
[  504.081132][ T6277] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.257244][ T6277] usb 4-1: Product: syz
[  504.261500][ T6277] usb 4-1: Manufacturer: syz
[  504.266109][ T6277] usb 4-1: SerialNumber: syz
[  505.461783][ T6277] usbhid 4-1:1.0: can't add hid device: -71
[  505.467861][ T6277] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  505.484227][ T6277] usb 4-1: USB disconnect, device number 9
[  505.548237][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1649'.
[  505.636097][T11148] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1650'.
[  505.780872][T11135] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1648'.
[  508.897056][ T5146] Bluetooth: hci5: command 0x0406 tx timeout
[  510.719797][T11182] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1664'.
[  510.729725][T11186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1666'.
[  511.315783][T11207] blktrace: Concurrent blktraces are not allowed on nullb0
[  515.987684][T11222] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1681'.
[  516.241471][T11232] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1683'.
[  520.384374][T11266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1698'.
[  520.401460][T11268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1697'.
[  522.407858][T11294] blktrace: Concurrent blktraces are not allowed on nullb0
[  522.919368][T11303] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1712'.
[  523.085903][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1714'.
[  523.989838][T11326] netlink: 1896 bytes leftover after parsing attributes in process `syz.5.1719'.
[  524.510432][T11333] blktrace: Concurrent blktraces are not allowed on nullb0
[  525.268470][T11338] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1724'.
[  527.005608][T11356] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  528.270069][T11385] blktrace: Concurrent blktraces are not allowed on nullb0
[  528.675292][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  528.675525][   T30] audit: type=1326 audit(1764479342.447:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.787020][   T30] audit: type=1326 audit(1764479342.497:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.836966][   T30] audit: type=1326 audit(1764479342.497:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.890162][   T30] audit: type=1326 audit(1764479342.497:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.915036][   T30] audit: type=1326 audit(1764479342.497:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.938696][   T30] audit: type=1326 audit(1764479342.497:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.961548][   T30] audit: type=1326 audit(1764479342.497:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  528.986375][   T30] audit: type=1326 audit(1764479342.497:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  529.017058][   T30] audit: type=1326 audit(1764479342.497:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  529.040024][   T30] audit: type=1326 audit(1764479342.507:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.6.1748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33ab78f749 code=0x7ffc0000
[  529.650436][ T5146] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  529.661472][T11412] 9p: Invalid gid '0x00000000ffffffff'
[  529.669153][ T5146] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  529.687567][ T5146] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  529.733956][ T5146] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  529.768069][ T5146] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  531.939199][ T5146] Bluetooth: hci0: command tx timeout
[  532.435855][T11410] chnl_net:caif_netlink_parms(): no params data found
[  532.497100][   T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  532.590510][T11410] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.615368][T11410] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.640256][T11410] bridge_slave_0: entered allmulticast mode
[  532.657188][   T24] usb 6-1: Using ep0 maxpacket: 8
[  532.665410][T11410] bridge_slave_0: entered promiscuous mode
[  532.667357][   T24] usb 6-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  532.680944][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.689822][   T24] usb 6-1: Product: syz
[  532.694236][   T24] usb 6-1: Manufacturer: syz
[  532.700997][   T24] usb 6-1: SerialNumber: syz
[  532.706633][T11410] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.715572][   T24] usb 6-1: config 0 descriptor??
[  532.730804][T11410] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.738506][   T24] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  532.755606][T11410] bridge_slave_1: entered allmulticast mode
[  532.764764][T11410] bridge_slave_1: entered promiscuous mode
[  532.833449][T11410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  532.871050][T11410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  532.887992][T11461] blktrace: Concurrent blktraces are not allowed on nullb0
[  533.112751][T11410] team0: Port device team_slave_0 added
[  533.173802][T11410] team0: Port device team_slave_1 added
[  533.433166][T11410] batman_adv: batadv0: Adding interface: batadv_slave_0
[  533.449130][T11410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  533.524720][T11410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  533.561829][T11410] batman_adv: batadv0: Adding interface: batadv_slave_1
[  533.576903][T11410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  533.639037][T11410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  534.157948][ T5146] Bluetooth: hci0: command tx timeout
[  534.180639][   T24] gspca_sonixj: reg_w1 err -110
[  534.247068][   T24] sonixj 6-1:0.0: probe with driver sonixj failed with error -110
[  534.343860][T11410] hsr_slave_0: entered promiscuous mode
[  534.357553][T11410] hsr_slave_1: entered promiscuous mode
[  534.364094][T11410] debugfs: 'hsr0' already exists in 'hsr'
[  534.369945][T11410] Cannot create hsr debugfs directory
[  534.569522][T11488] bond0: (slave veth0_to_hsr): Error: Device can not be enslaved while up
[  534.761508][T11410] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  534.774609][T11410] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  534.786510][T11410] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  534.799999][T11410] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  534.956256][T11410] 8021q: adding VLAN 0 to HW filter on device bond0
[  534.975759][T11410] 8021q: adding VLAN 0 to HW filter on device team0
[  534.989833][T10398] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.997076][T10398] bridge0: port 1(bridge_slave_0) entered forwarding state
[  535.012651][T10398] bridge0: port 2(bridge_slave_1) entered blocking state
[  535.019874][T10398] bridge0: port 2(bridge_slave_1) entered forwarding state
[  535.284831][T11410] 8021q: adding VLAN 0 to HW filter on device batadv0
[  535.294498][T11352] usb 6-1: USB disconnect, device number 6
[  535.995389][T11410] veth0_vlan: entered promiscuous mode
[  536.026390][T11410] veth1_vlan: entered promiscuous mode
[  536.108028][T11410] veth0_macvtap: entered promiscuous mode
[  536.133663][T11410] veth1_macvtap: entered promiscuous mode
[  536.177472][ T5834] Bluetooth: hci0: command tx timeout
[  536.211264][T11410] batman_adv: batadv0: Interface activated: batadv_slave_0
[  536.226354][T11410] batman_adv: batadv0: Interface activated: batadv_slave_1
[  536.250641][  T776] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  536.286551][  T776] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  536.308823][  T776] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  536.323052][  T776] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  536.429891][  T776] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  536.451748][  T776] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  536.503118][  T776] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  536.512508][  T776] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  536.658015][ T5834] Bluetooth: hci4: command 0x1003 tx timeout
[  536.664571][ T5146] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  536.954283][T11545] blktrace: Concurrent blktraces are not allowed on nullb0
[  538.162358][T11558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1810'.
[  538.257146][ T5146] Bluetooth: hci0: command tx timeout
[  539.314757][T11592] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1825'.
[  540.019913][T11619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1837'.
[  542.256354][T11655] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1850'.
[  542.451116][T11657] blktrace: Concurrent blktraces are not allowed on nullb0
[  543.578838][ T5888] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  543.588983][T11683] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1864'.
[  544.117018][ T5888] usb 2-1: Using ep0 maxpacket: 32
[  544.130185][ T5888] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.170384][ T5888] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.208548][ T5888] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  544.225615][ T5888] usb 2-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[  544.244603][ T5888] usb 2-1: Manufacturer: syz
[  544.265379][ T5888] usb 2-1: config 0 descriptor??
[  544.859399][ T5888] ft260 0003:0403:6030.0002: item fetching failed at offset 0/2
[  544.869324][ T5888] ft260 0003:0403:6030.0002: failed to parse HID
[  544.875813][ T5888] ft260 0003:0403:6030.0002: probe with driver ft260 failed with error -22
[  544.893272][T11705] blktrace: Concurrent blktraces are not allowed on nullb0
[  545.247411][ T6112] usb 2-1: USB disconnect, device number 6
[  547.671897][T11732] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1877'.
[  547.892236][T11741] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1882'.
[  547.997746][T11747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1882'.
[  548.105594][T11748] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  549.208138][T11749] blktrace: Concurrent blktraces are not allowed on nullb0
[  551.387977][T11769] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1889'.
[  551.397311][T11769] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1889'.
[  551.871691][T11777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1895'.
[  552.597985][T11792] blktrace: Concurrent blktraces are not allowed on nullb0
[  552.768192][T11789] overlayfs: unescaped trailing colons in lowerdir mount option.
[  555.384907][T11815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1908'.
[  555.952545][T11834] blktrace: Concurrent blktraces are not allowed on nullb0
[  556.786944][T11352] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  557.026128][T11851] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1921'.
[  557.207348][T11352] usb 2-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  557.212600][T11856] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1923'.
[  557.249200][T11352] usb 2-1: config 0 interface 0 altsetting 12 endpoint 0x87 has invalid wMaxPacketSize 0
[  557.254099][T11856] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1923'.
[  557.266989][T11352] usb 2-1: config 0 interface 0 has no altsetting 0
[  557.303454][T11352] usb 2-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  557.317607][T11352] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.353461][T11352] usb 2-1: Product: syz
[  557.375663][T11352] usb 2-1: Manufacturer: syz
[  557.403827][T11352] usb 2-1: SerialNumber: syz
[  557.609857][T11352] usb 2-1: config 0 descriptor??
[  557.805115][T11352] keyspan 2-1:0.0: Keyspan 2 port adapter converter detected
[  557.881710][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 7
[  557.917931][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81
[  557.965365][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1
[  558.030734][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2
[  558.059373][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 85
[  558.074980][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 5
[  558.104671][T11352] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  558.116649][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83
[  558.125729][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3
[  558.136207][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 4
[  558.144374][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 86
[  558.167359][T11352] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 6
[  558.200094][T11352] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  558.444702][T11878] blktrace: Concurrent blktraces are not allowed on nullb0
[  558.526313][T11882] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1934'.
[  558.784929][T11352] usb 2-1: USB disconnect, device number 7
[  558.845266][T11352] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  558.972033][T11352] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  559.010903][T11352] keyspan 2-1:0.0: device disconnected
[  560.515103][T11912] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1945'.
[  560.677108][T10989] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  560.857295][T10989] usb 4-1: Using ep0 maxpacket: 8
[  560.879209][T10989] usb 4-1: config 0 has an invalid interface number: 186 but max is 0
[  560.915092][T10989] usb 4-1: config 0 has no interface number 0
[  560.948433][T10989] usb 4-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  561.021376][T10989] usb 4-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  561.454670][T10989] usb 4-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  561.672828][T10989] usb 4-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  561.796069][T10989] usb 4-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  561.885301][T10989] usb 4-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  561.901982][T10989] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.911753][T10989] usb 4-1: Product: syz
[  561.917156][T10989] usb 4-1: Manufacturer: syz
[  561.921782][T10989] usb 4-1: SerialNumber: syz
[  561.955318][T10989] usb 4-1: config 0 descriptor??
[  562.535132][T11941] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1958'.
[  562.677254][T10989] iowarrior 4-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  562.696402][T10989] usb 4-1: USB disconnect, device number 10
[  563.062244][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  563.072337][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  563.322352][T11959] blktrace: Concurrent blktraces are not allowed on nullb0
[  564.373923][T11978] netlink: 'syz.3.1972': attribute type 21 has an invalid length.
[  564.386297][T11978] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1972'.
[  564.677187][ T6277] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  565.056998][ T6277] usb 2-1: Using ep0 maxpacket: 32
[  565.089057][ T6277] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  565.140110][ T5834] Bluetooth: hci2: command 0x0406 tx timeout
[  565.171502][ T6277] usb 2-1: config 0 has no interface number 0
[  565.206356][ T6277] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  565.260793][ T6277] usb 2-1: config 0 interface 196 has no altsetting 0
[  565.286720][ T6277] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  565.302489][ T6277] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.325657][ T6277] usb 2-1: Product: syz
[  565.337768][ T6277] usb 2-1: Manufacturer: syz
[  565.346930][ T6277] usb 2-1: SerialNumber: syz
[  565.383733][ T6277] usb 2-1: config 0 descriptor??
[  565.402435][T11980] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  565.526557][T12005] blktrace: Concurrent blktraces are not allowed on nullb0
[  566.150350][ T6277] ipheth 2-1:0.196: ipheth_get_macaddr: usb_control_msg: -110
[  566.205948][ T6277] ipheth 2-1:0.196: probe with driver ipheth failed with error -110
[  566.717039][ T5902] usb 2-1: USB disconnect, device number 8
[  567.875830][T12038] netlink: 'syz.3.1996': attribute type 17 has an invalid length.
[  568.208124][T12049] blktrace: Concurrent blktraces are not allowed on nullb0
[  568.367158][  T130] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  568.589099][  T130] usb 6-1: config 8 has an invalid interface number: 177 but max is 0
[  568.607057][  T130] usb 6-1: config 8 has no interface number 0
[  568.613218][  T130] usb 6-1: config 8 interface 177 altsetting 9 has an endpoint descriptor with address 0xAD, changing to 0x8D
[  568.629000][  T130] usb 6-1: config 8 interface 177 altsetting 9 endpoint 0x8D has invalid maxpacket 1023, setting to 64
[  568.645513][  T130] usb 6-1: config 8 interface 177 altsetting 9 endpoint 0x87 has invalid wMaxPacketSize 0
[  568.655768][  T130] usb 6-1: config 8 interface 177 has no altsetting 0
[  568.674375][  T130] usb 6-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  568.695321][  T130] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.718933][T12045] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  568.941314][  T130] usb 6-1: string descriptor 0 read error: -71
[  568.992330][  T130] ir_toy 6-1:8.177: required endpoints not found
[  569.113281][  T130] usb 6-1: USB disconnect, device number 7
[  571.040352][T12092] blktrace: Concurrent blktraces are not allowed on nullb0
[  573.951412][ T5146] Bluetooth: to_multiplier 0 < 10
[  576.056974][ T5146] Bluetooth: hci3: command 0x0406 tx timeout
[  576.260107][T12162] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2046'.
[  576.293434][T12162] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2046'.
[  576.312929][T12163] blktrace: Concurrent blktraces are not allowed on nullb0
[  576.388609][T12168] netlink: 11 bytes leftover after parsing attributes in process `syz.6.2049'.
[  576.433021][T12168] bridge1: entered allmulticast mode
[  576.537322][   T39] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  577.586921][   T39] usb 6-1: Using ep0 maxpacket: 32
[  577.596407][   T39] usb 6-1: config 0 has an invalid interface number: 196 but max is 0
[  577.626661][   T39] usb 6-1: config 0 has no interface number 0
[  577.646646][   T39] usb 6-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  577.676244][   T39] usb 6-1: config 0 interface 196 has no altsetting 0
[  577.690511][   T39] usb 6-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  577.703267][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.720698][   T39] usb 6-1: Product: syz
[  577.727371][   T39] usb 6-1: Manufacturer: syz
[  577.737663][   T39] usb 6-1: SerialNumber: syz
[  577.779038][   T39] usb 6-1: config 0 descriptor??
[  577.812467][T12165] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  578.017020][T11176] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  578.287151][T11176] usb 2-1: Using ep0 maxpacket: 16
[  578.386812][T11176] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  578.415951][   T39] ipheth 6-1:0.196: ipheth_get_macaddr: usb_control_msg: -71
[  578.456349][T11176] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  578.477492][   T39] ipheth 6-1:0.196: probe with driver ipheth failed with error -71
[  578.501484][T11176] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  578.517184][   T39] usb 6-1: USB disconnect, device number 8
[  578.523711][T11176] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.544502][T11176] usb 2-1: Product: syz
[  578.563213][T11176] usb 2-1: Manufacturer: syz
[  578.708078][T11176] usb 2-1: SerialNumber: syz
[  578.733719][T11176] usb 2-1: config 0 descriptor??
[  578.760847][T11176] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  578.797336][T11176] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  579.385267][T11176] em28xx 2-1:0.0: chip ID is em2860
[  579.601312][T11176] em28xx 2-1:0.0: Config register raw data: 0x22
[  579.682817][T11176] em28xx 2-1:0.0: I2S Audio (3 sample rate(s))
[  579.721918][T11176] em28xx 2-1:0.0: No AC97 audio processor
[  579.820483][T11176] usb 2-1: USB disconnect, device number 9
[  579.832381][T12226] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2074'.
[  579.921255][T12229] cgroup: No subsys list or none specified
[  580.026945][   T39] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  580.263754][T12242] blktrace: Concurrent blktraces are not allowed on nullb0
[  580.786444][T12247] fuse: Bad value for 'fd'
[  581.306921][   T39] usb 8-1: Using ep0 maxpacket: 16
[  581.319250][   T39] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  581.465934][   T39] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  581.480012][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[  581.494319][   T39] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  581.527079][   T39] usb 8-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  581.545107][   T39] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  581.563552][   T39] usb 8-1: Product: syz
[  581.584530][   T39] usb 8-1: Manufacturer: syz
[  581.594456][   T39] usb 8-1: SerialNumber: syz
[  581.619178][   T39] usb 8-1: config 0 descriptor??
[  582.036663][T12224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.245616][T12224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.255931][T12224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.326372][T12224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.354584][   T39] rc_core: IR keymap rc-xbox-dvd not found
[  582.377844][   T39] Registered IR keymap rc-empty
[  582.389366][   T39] rc rc0: syz syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0
[  582.412795][   T39] input: syz syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input7
[  582.574666][    C1] xbox_remote 8-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[  582.582782][   T39] usb 8-1: USB disconnect, device number 2
[  584.020612][T12278] blktrace: Concurrent blktraces are not allowed on nullb0
[  584.272956][ T1145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  584.565531][T12291] netlink: 'syz.5.2099': attribute type 1 has an invalid length.
[  585.343535][ T1145] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  585.364352][T12288] 8021q: VLANs not supported on ipvlan1
[  585.844197][ T1145] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.332571][ T1145] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.406100][T12318] syzkaller1: entered promiscuous mode
[  586.411749][T12318] syzkaller1: entered allmulticast mode
[  586.535871][T12326] blktrace: Concurrent blktraces are not allowed on nullb0
[  586.780122][ T1145] bridge_slave_1: left allmulticast mode
[  586.798430][ T1145] bridge_slave_1: left promiscuous mode
[  586.804553][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  587.606652][T12333] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  588.169121][ T1145] bridge_slave_0: left allmulticast mode
[  588.206913][ T1145] bridge_slave_0: left promiscuous mode
[  588.212738][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  589.590192][T12382] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2128'.
[  590.068795][   T30] kauditd_printk_skb: 40 callbacks suppressed
[  590.068812][   T30] audit: type=1326 audit(1764479403.837:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe82638f749 code=0x7ffc0000
[  590.115491][   T30] audit: type=1326 audit(1764479403.837:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe82638f749 code=0x7ffc0000
[  590.187580][   T30] audit: type=1326 audit(1764479403.887:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe82638f749 code=0x7ffc0000
[  590.223594][   T30] audit: type=1326 audit(1764479403.887:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fe82638f749 code=0x7ffc0000
[  590.255033][   T30] audit: type=1326 audit(1764479403.887:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe82638f749 code=0x7ffc0000
[  590.891948][   T30] audit: type=1326 audit(1764479403.947:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe8263c2005 code=0x7ffc0000
[  590.914489][   T30] audit: type=1326 audit(1764479403.947:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe8263c2005 code=0x7ffc0000
[  590.969015][   T30] audit: type=1326 audit(1764479403.947:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe8263c2005 code=0x7ffc0000
[  591.030167][T12411] blktrace: Concurrent blktraces are not allowed on nullb0
[  591.059011][   T30] audit: type=1326 audit(1764479403.947:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe8263c2005 code=0x7ffc0000
[  591.091589][   T30] audit: type=1326 audit(1764479403.947:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12402 comm="syz.7.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe8263c2005 code=0x7ffc0000
[  591.560394][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  591.647773][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  591.715372][ T1145] bond0 (unregistering): Released all slaves
[  592.164302][ T1145] tipc: Disabling bearer <udp:syz1>
[  592.177508][ T1145] tipc: Left network mode
[  593.907021][T11070] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  594.227669][T11070] usb 4-1: not running at top speed; connect to a high speed hub
[  594.261945][T11070] usb 4-1: config 0 has no interfaces?
[  594.272069][T11070] usb 4-1: New USB device found, idVendor=0c52, idProduct=2871, bcdDevice= 0.a4
[  594.304983][T11070] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.363647][T11070] usb 4-1: config 0 descriptor??
[  594.623762][T11070] usb 4-1: USB disconnect, device number 11
[  594.962710][T12465] blktrace: Concurrent blktraces are not allowed on nullb0
[  595.537603][T11352] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  595.797668][T11352] usb 8-1: Using ep0 maxpacket: 32
[  595.987224][T11352] usb 8-1: config 2 has an invalid interface number: 215 but max is 0
[  596.129166][T11352] usb 8-1: config 2 has no interface number 0
[  596.223870][T11352] usb 8-1: New USB device found, idVendor=15b8, idProduct=6002, bcdDevice=fe.b6
[  596.243397][T11352] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.264338][T11352] usb 8-1: Product: syz
[  596.297552][T11352] usb 8-1: Manufacturer: syz
[  596.311395][T11352] usb 8-1: SerialNumber: syz
[  596.354432][ T1145] hsr_slave_0: left promiscuous mode
[  596.390286][ T1145] hsr_slave_1: left promiscuous mode
[  596.407201][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  596.433310][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  596.870755][T11352] gspca_main: vc032x-2.14.0 probing 15b8:6002
[  596.995031][T11352] gspca_vc032x: reg_r err -71
[  597.007187][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  597.026553][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  597.026890][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.047317][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.052771][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.060828][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.066461][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.074092][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.079629][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.085739][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.123500][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.126936][ T1145] veth1_macvtap: left promiscuous mode
[  597.153529][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.157061][ T1145] veth0_macvtap: left promiscuous mode
[  597.164648][ T1145] veth1_vlan: left promiscuous mode
[  597.170851][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.190023][ T1145] veth0_vlan: left promiscuous mode
[  597.195700][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.226982][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.232838][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.265487][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.288095][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.293430][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.342211][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.355013][T11352] gspca_vc032x: I2c Bus Busy Wait 00
[  597.395099][T11352] gspca_vc032x: Unknown sensor...
[  597.416550][T11352] vc032x 8-1:2.215: probe with driver vc032x failed with error -22
[  597.460021][T11352] usb 8-1: USB disconnect, device number 3
[  597.897713][T12531] netlink: 596 bytes leftover after parsing attributes in process `syz.6.2182'.
[  599.552349][T12547] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2190'.
[  600.422403][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  600.440184][T12556] blktrace: Concurrent blktraces are not allowed on nullb0
[  600.479238][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  600.952037][T12524] netlink: 'syz.6.2182': attribute type 29 has an invalid length.
[  600.998119][T12543] ip6gre1: entered promiscuous mode
[  601.003370][T12543] ip6gre1: entered allmulticast mode
[  601.618744][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  601.618765][   T30] audit: type=1326 audit(1764479415.387:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  602.220181][   T30] audit: type=1326 audit(1764479415.427:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  602.243820][   T30] audit: type=1326 audit(1764479415.427:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  602.319390][   T30] audit: type=1326 audit(1764479415.427:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  602.464873][   T30] audit: type=1326 audit(1764479415.427:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  602.603157][   T30] audit: type=1326 audit(1764479415.427:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  602.610437][T12581] Invalid ELF header magic: != ELF
[  603.097997][   T30] audit: type=1326 audit(1764479415.427:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  603.120463][   T30] audit: type=1326 audit(1764479415.427:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  603.186979][   T30] audit: type=1326 audit(1764479415.487:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  603.249928][   T30] audit: type=1326 audit(1764479415.487:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.5.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a16d8f749 code=0x7ffc0000
[  603.437805][T11070] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  603.617004][T11070] usb 2-1: Using ep0 maxpacket: 32
[  603.651210][T11070] usb 2-1: config 0 has an invalid interface number: 172 but max is 0
[  603.680412][T11070] usb 2-1: config 0 has no interface number 0
[  603.698276][T11070] usb 2-1: config 0 interface 172 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  603.729700][T11070] usb 2-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[  603.763277][T11070] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.807033][T11070] usb 2-1: Product: syz
[  603.811364][T11070] usb 2-1: Manufacturer: syz
[  603.816223][T11070] usb 2-1: SerialNumber: syz
[  603.848996][T11070] usb 2-1: config 0 descriptor??
[  603.889789][T11070] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[  604.148724][  T130] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  604.347253][  T130] usb 6-1: Using ep0 maxpacket: 8
[  604.372297][  T130] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  604.400735][  T130] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.458145][  T130] usb 6-1: Product: syz
[  604.473309][  T130] usb 6-1: Manufacturer: syz
[  605.431255][T11070] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71
[  605.451909][  T130] usb 6-1: SerialNumber: syz
[  605.456672][T11070] gspca_pac7302 2-1:0.172: probe with driver gspca_pac7302 failed with error -71
[  605.471372][  T130] usb 6-1: config 0 descriptor??
[  605.505655][T11070] usb 2-1: USB disconnect, device number 10
[  605.864040][  T130] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  606.194509][  T130] usb write operation failed. (-71)
[  606.560630][  T130] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  606.574259][  T130] dvbdev: DVB: registering new adapter (Terratec H7)
[  606.581601][  T130] usb 6-1: media controller created
[  606.589048][  T130] usb read operation failed. (-71)
[  606.612160][  T130] usb write operation failed. (-71)
[  606.656361][  T130] dvb_usb_az6007 6-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  606.689189][T12658] blktrace: Concurrent blktraces are not allowed on nullb0
[  606.721369][  T130] usb 6-1: USB disconnect, device number 9
[  608.417831][T12685] loop9: detected capacity change from 0 to 7
[  608.485215][T12685] Dev loop9: unable to read RDB block 7
[  608.548969][T12685]  loop9: unable to read partition table
[  608.558421][T12685] loop9: partition table beyond EOD, truncated
[  608.576517][T12685] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  608.628393][T12698] overlayfs: failed to clone upperpath
[  608.937434][ T6039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  608.952893][ T6039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  608.970359][ T6039] bond0 (unregistering): Released all slaves
[  610.716006][T12739] blktrace: Concurrent blktraces are not allowed on nullb0
[  610.733544][T12669] syz.7.2226 (12669): drop_caches: 2
[  610.741369][ T6039] hsr_slave_0: left promiscuous mode
[  610.752444][ T6039] hsr_slave_1: left promiscuous mode
[  610.763486][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_0
[  610.776869][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_1
[  612.681597][T12766] overlay: Unknown parameter 'smackfstransmute'
[  613.017236][  T130] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  613.177810][  T130] usb 6-1: Using ep0 maxpacket: 8
[  613.200846][  T130] usb 6-1: unable to get BOS descriptor or descriptor too short
[  613.218336][  T130] usb 6-1: config 4 interface 0 has no altsetting 0
[  613.262320][  T130] usb 6-1: string descriptor 0 read error: -22
[  613.269690][  T130] usb 6-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  613.287261][  T130] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.326944][T11352] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  613.340866][  T130] usb 6-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  613.399454][  T130] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  613.466483][  T130] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  613.477265][  T130] usb 6-1: media controller created
[  613.497775][T11352] usb 2-1: device descriptor read/64, error -71
[  613.983115][T11352] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  614.013997][  T130] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  614.168288][T11352] usb 2-1: device descriptor read/64, error -71
[  614.777759][  T130] usb 6-1: USB disconnect, device number 10
[  614.808240][T11352] usb usb2-port1: attempt power cycle
[  614.825359][ T6039] team0 (unregistering): Port device team_slave_1 removed
[  614.911005][ T6039] team0 (unregistering): Port device team_slave_0 removed
[  615.566961][T11352] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  615.587638][T11352] usb 2-1: device descriptor read/8, error -71
[  615.847693][T11352] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  615.884900][T11352] usb 2-1: device descriptor read/8, error -71
[  616.018341][T11352] usb usb2-port1: unable to enumerate USB device
[  620.979482][T12882] random: crng reseeded on system resumption
[  622.811037][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  622.811055][   T30] audit: type=1800 audit(1764479436.587:293): pid=12925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2305" name="nullb0" dev="tmpfs" ino=1132 res=0 errno=0
[  623.017282][ T5902] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  623.772881][ T5902] usb 4-1: Using ep0 maxpacket: 32
[  623.786418][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  623.801523][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  623.811602][ T5902] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  623.820928][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.833611][ T5902] usb 4-1: config 0 descriptor??
[  623.860124][ T5902] hub 4-1:0.0: USB hub found
[  623.925635][T12942] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  624.074788][ T5902] hub 4-1:0.0: 1 port detected
[  624.503355][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.506770][T12960] netlink: 'syz.1.2318': attribute type 29 has an invalid length.
[  624.509916][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  624.550396][T12960] netlink: 'syz.1.2318': attribute type 29 has an invalid length.
[  624.574606][T12960] netlink: 500 bytes leftover after parsing attributes in process `syz.1.2318'.
[  624.607213][T12960] unsupported nla_type 58
[  624.680146][ T5902] hub 4-1:0.0: activate --> -90
[  624.731972][T12968] blktrace: Concurrent blktraces are not allowed on nullb0
[  624.899025][T12914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  624.983358][T12914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  625.266490][ T5902] hub 4-1:0.0: hub_ext_port_status failed (err = 3)
[  625.480947][T12986] netlink: 'syz.6.2326': attribute type 11 has an invalid length.
[  625.584053][ T5982] usb 4-1: USB disconnect, device number 12
[  631.072383][T13099] warning: `syz.7.2359' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  631.353184][T13115] team0: entered promiscuous mode
[  631.377094][T13115] team_slave_0: entered promiscuous mode
[  631.379039][T13111] debugfs: 'ttyS3' already exists in 'caif_serial'
[  631.388414][T13115] team_slave_1: entered promiscuous mode
[  631.727782][T13129] blktrace: Concurrent blktraces are not allowed on nullb0
[  634.264353][ T5146] Bluetooth: hci2: unexpected event for opcode 0x2031
[  635.017079][ T6277] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  635.417861][T13188] blktrace: Concurrent blktraces are not allowed on nullb0
[  635.639090][ T6277] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  635.672459][ T6277] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  635.689228][ T6277] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  635.706886][ T6277] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.725217][ T6277] usb 8-1: Product: syz
[  635.734307][ T6277] usb 8-1: Manufacturer: syz
[  635.746884][ T6277] usb 8-1: SerialNumber: syz
[  635.897029][ T5902] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  636.024594][T13179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  636.056140][T13179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  636.090620][ T5902] usb 2-1: config 0 has an invalid interface number: 53 but max is 0
[  636.106979][ T6277] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  636.124190][ T5902] usb 2-1: config 0 has no interface number 0
[  636.151034][ T5902] usb 2-1: New USB device found, idVendor=10d2, idProduct=7186, bcdDevice=23.a0
[  636.160302][ T6277] usb 8-1: USB disconnect, device number 4
[  636.198024][ T5902] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.251493][ T5902] usb 2-1: Product: syz
[  636.255922][ T5902] usb 2-1: Manufacturer: syz
[  636.269428][ T5902] usb 2-1: SerialNumber: syz
[  637.218687][ T5902] usb 2-1: config 0 descriptor??
[  637.643456][ T5902] usblcd 2-1:0.53: USBLCD model not supported.
[  637.671192][ T5902] usb 2-1: USB disconnect, device number 15
[  637.913793][T13231] blktrace: Concurrent blktraces are not allowed on nullb0
[  638.046942][  T130] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  639.116997][  T130] usb 4-1: Using ep0 maxpacket: 8
[  639.139956][  T130] usb 4-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  639.167071][  T130] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.175129][  T130] usb 4-1: Product: syz
[  639.203048][  T130] usb 4-1: Manufacturer: syz
[  639.216893][  T130] usb 4-1: SerialNumber: syz
[  639.238088][  T130] usb 4-1: config 0 descriptor??
[  639.269711][  T130] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  639.794181][T13265] blktrace: Concurrent blktraces are not allowed on nullb0
[  639.884232][T13267] netlink: 300 bytes leftover after parsing attributes in process `syz.7.2419'.
[  640.417080][ T5982] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  640.601530][ T5982] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  640.646949][ T5982] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.655017][ T5982] usb 6-1: Product: syz
[  640.678019][ T5982] usb 6-1: Manufacturer: syz
[  640.682692][ T5982] usb 6-1: SerialNumber: syz
[  640.703040][ T5982] usb 6-1: config 0 descriptor??
[  641.307435][  T130] gspca_sonixj: i2c_w8 err -110
[  641.316359][ T5982] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  641.327057][  T130] sonixj 4-1:0.0: probe with driver sonixj failed with error -110
[  642.407726][  T130] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  642.435664][T13306] netlink: 'syz.6.2431': attribute type 29 has an invalid length.
[  642.454249][T13306] netlink: 'syz.6.2431': attribute type 29 has an invalid length.
[  642.464570][T13306] netlink: 500 bytes leftover after parsing attributes in process `syz.6.2431'.
[  642.587111][  T130] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  642.623003][  T130] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  642.651899][  T130] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  642.687276][  T130] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  642.707734][ T6277] usb 4-1: USB disconnect, device number 13
[  642.725175][  T130] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  642.744483][  T130] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.756768][  T130] usb 8-1: config 0 descriptor??
[  642.784891][ T5982] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  642.837666][ T5982] usb 6-1: USB disconnect, device number 11
[  644.086931][ T5982] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  644.136187][  T130] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  644.306298][ T5982] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  644.349315][ T5982] usb 2-1: config 0 interface 0 has no altsetting 0
[  644.385258][T13332] netlink: 596 bytes leftover after parsing attributes in process `syz.3.2443'.
[  644.385791][ T5982] usb 2-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  644.435182][ T5982] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  644.917621][ T5982] usb 2-1: Product: syz
[  644.917646][ T5982] usb 2-1: Manufacturer: syz
[  644.917660][ T5982] usb 2-1: SerialNumber: syz
[  644.927569][ T5982] usb 2-1: config 0 descriptor??
[  644.930743][ T5982] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  644.933739][ T5982] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  644.934512][ T5982] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  644.934573][ T5982] usb 2-1: media controller created
[  644.947412][ T5982] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  645.011223][T13343] 9p: Bad value for 'dfltuid'
[  645.011245][T13343] 9p: Bad value for 'dfltuid'
[  645.016343][ T5982] DVB: Unable to find symbol tda10046_attach()
[  645.016361][ T5982] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  645.016376][ T5982] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  645.133174][ T5982] dvb_usb_m920x 2-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  645.154246][ T5982] usb 2-1: USB disconnect, device number 16
[  645.572842][T13365] blktrace: Concurrent blktraces are not allowed on nullb0
[  645.997017][ T5982] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  646.190925][ T5982] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  646.236131][ T5982] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  646.289542][ T5984] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  646.305013][ T5982] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  646.348051][ T5982] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.833951][  T130] usb 8-1: USB disconnect, device number 5
[  646.841672][ T5984] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  646.865437][T13384] netlink: 596 bytes leftover after parsing attributes in process `syz.5.2455'.
[  646.876334][T13368] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  646.892885][T13368] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  646.900961][ T5984] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  646.959699][ T5982] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  646.968331][ T5984] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  647.072798][ T5984] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  647.128893][ T5984] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.337882][ T5984] usb 2-1: config 0 descriptor??
[  648.346575][ T5984] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd
[  648.420497][ T5984] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  648.666345][ T5984] usb 2-1: USB disconnect, device number 17
[  648.687975][T13402] fido_id[13402]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  649.004044][ T5984] usb 4-1: USB disconnect, device number 14
[  651.636980][ T5982] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  652.252820][T13464] ==================================================================
[  652.260903][T13464] BUG: KASAN: slab-use-after-free in locks_remove_posix+0x10f/0x630
[  652.268870][T13464] Read of size 8 at addr ffff888024e78cb0 by task syz.7.2476/13464
[  652.276740][T13464] 
[  652.279049][T13464] CPU: 0 UID: 0 PID: 13464 Comm: syz.7.2476 Not tainted syzkaller #0 PREEMPT(full) 
[  652.279062][T13464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  652.279069][T13464] Call Trace:
[  652.279092][T13464]  <TASK>
[  652.279098][T13464]  dump_stack_lvl+0x189/0x250
[  652.279113][T13464]  ? __kasan_check_byte+0x12/0x40
[  652.279126][T13464]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.279136][T13464]  ? lock_release+0x4b/0x3b0
[  652.279147][T13464]  ? __virt_addr_valid+0x4a5/0x5c0
[  652.279161][T13464]  print_report+0xca/0x240
[  652.279171][T13464]  ? locks_remove_posix+0x10f/0x630
[  652.279182][T13464]  kasan_report+0x118/0x150
[  652.279193][T13464]  ? locks_remove_posix+0x10f/0x630
[  652.279206][T13464]  locks_remove_posix+0x10f/0x630
[  652.279217][T13464]  ? __pfx_locks_remove_posix+0x10/0x10
[  652.279234][T13464]  ? do_raw_spin_unlock+0x122/0x240
[  652.279246][T13464]  ? dnotify_flush+0x1db/0x5e0
[  652.279256][T13464]  ? mqueue_flush_file+0x21c/0x270
[  652.279268][T13464]  ? filp_flush+0xae/0x190
[  652.279281][T13464]  filp_flush+0x113/0x190
[  652.279294][T13464]  filp_close+0x1d/0x40
[  652.279306][T13464]  put_files_struct+0x1ba/0x350
[  652.279319][T13464]  do_exit+0x67f/0x2310
[  652.279333][T13464]  ? do_raw_spin_lock+0x121/0x290
[  652.279345][T13464]  ? __pfx_do_exit+0x10/0x10
[  652.279360][T13464]  do_group_exit+0x21c/0x2d0
[  652.279372][T13464]  ? lockdep_hardirqs_on+0x98/0x140
[  652.279384][T13464]  get_signal+0x1285/0x1340
[  652.279398][T13464]  arch_do_signal_or_restart+0x9a/0x7a0
[  652.279413][T13464]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  652.279428][T13464]  ? exit_to_user_mode_loop+0x55/0x4f0
[  652.279439][T13464]  exit_to_user_mode_loop+0x87/0x4f0
[  652.279449][T13464]  ? rcu_is_watching+0x15/0xb0
[  652.279461][T13464]  do_syscall_64+0x2e3/0xf80
[  652.279472][T13464]  ? rcu_is_watching+0x15/0xb0
[  652.279482][T13464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.279492][T13464]  ? clear_bhb_loop+0x60/0xb0
[  652.279502][T13464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.279520][T13464] RIP: 0033:0x7fe82638f749
[  652.279533][T13464] Code: Unable to access opcode bytes at 0x7fe82638f71f.
[  652.279538][T13464] RSP: 002b:00007fe823db00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  652.279551][T13464] RAX: fffffffffffffe00 RBX: 00007fe8265e6368 RCX: 00007fe82638f749
[  652.279559][T13464] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe8265e6368
[  652.279565][T13464] RBP: 00007fe8265e6360 R08: 0000000000000000 R09: 0000000000000000
[  652.279571][T13464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  652.279577][T13464] R13: 00007fe8265e63f8 R14: 00007ffdfb271500 R15: 00007ffdfb2715e8
[  652.279588][T13464]  </TASK>
[  652.279592][T13464] 
[  652.537544][T13464] Allocated by task 13463:
[  652.541943][T13464]  kasan_save_track+0x3e/0x80
[  652.546600][T13464]  __kasan_slab_alloc+0x6c/0x80
[  652.551425][T13464]  kmem_cache_alloc_noprof+0x37d/0x710
[  652.556895][T13464]  locks_get_lock_context+0x134/0x3b0
[  652.562253][T13464]  generic_setlease+0x528/0x1280
[  652.567167][T13464]  do_fcntl_add_lease+0x34d/0x460
[  652.572169][T13464]  fcntl_setlease+0x123/0x180
[  652.576827][T13464]  do_fcntl+0x867/0x1a50
[  652.581063][T13464]  __se_sys_fcntl+0xc8/0x150
[  652.585635][T13464]  do_syscall_64+0xfa/0xf80
[  652.590117][T13464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.595987][T13464] 
[  652.598293][T13464] Freed by task 13463:
[  652.602336][T13464]  kasan_save_track+0x3e/0x80
[  652.606995][T13464]  kasan_save_free_info+0x46/0x50
[  652.612004][T13464]  __kasan_slab_free+0x5c/0x80
[  652.616741][T13464]  kmem_cache_free+0x197/0x620
[  652.621477][T13464]  __destroy_inode+0x2ea/0x670
[  652.626224][T13464]  evict+0x87d/0xae0
[  652.630095][T13464]  __dentry_kill+0x209/0x660
[  652.634668][T13464]  finish_dput+0xc9/0x480
[  652.638991][T13464]  path_put+0x39/0x60
[  652.642953][T13464]  do_mq_open+0x468/0x7c0
[  652.647259][T13464]  __x64_sys_mq_open+0x16a/0x1c0
[  652.652195][T13464]  do_syscall_64+0xfa/0xf80
[  652.656679][T13464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.662550][T13464] 
[  652.664851][T13464] The buggy address belongs to the object at ffff888024e78c60
[  652.664851][T13464]  which belongs to the cache file_lock_ctx of size 112
[  652.679053][T13464] The buggy address is located 80 bytes inside of
[  652.679053][T13464]  freed 112-byte region [ffff888024e78c60, ffff888024e78cd0)
[  652.692744][T13464] 
[  652.695047][T13464] The buggy address belongs to the physical page:
[  652.701452][T13464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888024e78bb0 pfn:0x24e78
[  652.711494][T13464] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  652.718597][T13464] page_type: f5(slab)
[  652.722556][T13464] raw: 00fff00000000000 ffff888140443640 dead000000000122 0000000000000000
[  652.731161][T13464] raw: ffff888024e78bb0 0000000080170014 00000000f5000000 0000000000000000
[  652.739716][T13464] page dumped because: kasan: bad access detected
[  652.746113][T13464] page_owner tracks the page as allocated
[  652.751804][T13464] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5205, tgid 5205 (udevd), ts 43890031433, free_ts 43880625215
[  652.770446][T13464]  post_alloc_hook+0x234/0x290
[  652.775194][T13464]  get_page_from_freelist+0x2365/0x2440
[  652.780716][T13464]  __alloc_frozen_pages_noprof+0x181/0x370
[  652.786499][T13464]  alloc_pages_mpol+0x232/0x4a0
[  652.791326][T13464]  allocate_slab+0x86/0x3b0
[  652.795804][T13464]  ___slab_alloc+0xf2b/0x1960
[  652.800459][T13464]  __slab_alloc+0x65/0x100
[  652.804851][T13464]  kmem_cache_alloc_noprof+0x40f/0x710
[  652.810295][T13464]  locks_get_lock_context+0x134/0x3b0
[  652.815663][T13464]  flock_lock_inode+0xf2/0x1410
[  652.820493][T13464]  locks_lock_inode_wait+0x107/0x410
[  652.825792][T13464]  __se_sys_flock+0x467/0x5b0
[  652.830466][T13464]  do_syscall_64+0xfa/0xf80
[  652.834959][T13464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.840836][T13464] page last free pid 5207 tgid 5207 stack trace:
[  652.847143][T13464]  __free_frozen_pages+0xbc8/0xd30
[  652.852236][T13464]  __put_partials+0x146/0x170
[  652.856893][T13464]  put_cpu_partial+0x1f2/0x2d0
[  652.861654][T13464]  __slab_free+0x288/0x2a0
[  652.866048][T13464]  qlist_free_all+0x97/0x100
[  652.870620][T13464]  kasan_quarantine_reduce+0x148/0x160
[  652.876067][T13464]  __kasan_slab_alloc+0x22/0x80
[  652.880903][T13464]  __kmalloc_noprof+0x3cf/0x800
[  652.885740][T13464]  tomoyo_encode+0x28b/0x550
[  652.890309][T13464]  tomoyo_path_perm+0x2b3/0x4b0
[  652.895138][T13464]  tomoyo_path_symlink+0xa3/0xe0
[  652.900058][T13464]  security_path_symlink+0x177/0x380
[  652.905329][T13464]  do_symlinkat+0x15d/0x3c0
[  652.909812][T13464]  __x64_sys_symlink+0x7a/0x90
[  652.914554][T13464]  do_syscall_64+0xfa/0xf80
[  652.919047][T13464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.924919][T13464] 
[  652.927246][T13464] Memory state around the buggy address:
[  652.932854][T13464]  ffff888024e78b80: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[  652.940906][T13464]  ffff888024e78c00: fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb
[  652.948967][T13464] >ffff888024e78c80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[  652.957007][T13464]                                      ^
[  652.962615][T13464]  ffff888024e78d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  652.970651][T13464]  ffff888024e78d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  652.978690][T13464] ==================================================================
[  653.021579][T13464] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  653.028795][T13464] CPU: 0 UID: 0 PID: 13464 Comm: syz.7.2476 Not tainted syzkaller #0 PREEMPT(full) 
[  653.038145][T13464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  653.048184][T13464] Call Trace:
[  653.051456][T13464]  <TASK>
[  653.054380][T13464]  dump_stack_lvl+0x99/0x250
[  653.058959][T13464]  ? __asan_memcpy+0x40/0x70
[  653.063539][T13464]  ? __pfx_dump_stack_lvl+0x10/0x10
[  653.068721][T13464]  ? __pfx__printk+0x10/0x10
[  653.073312][T13464]  vpanic+0x237/0x6d0
[  653.077292][T13464]  ? __pfx_vpanic+0x10/0x10
[  653.081791][T13464]  ? preempt_schedule+0xae/0xc0
[  653.086633][T13464]  ? __pfx_preempt_schedule+0x10/0x10
[  653.091989][T13464]  panic+0xb9/0xc0
[  653.095700][T13464]  ? __pfx_panic+0x10/0x10
[  653.100096][T13464]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  653.105969][T13464]  ? locks_remove_posix+0x10f/0x630
[  653.111179][T13464]  check_panic_on_warn+0x89/0xb0
[  653.116110][T13464]  ? locks_remove_posix+0x10f/0x630
[  653.121291][T13464]  end_report+0x6f/0x140
[  653.125524][T13464]  kasan_report+0x129/0x150
[  653.130006][T13464]  ? locks_remove_posix+0x10f/0x630
[  653.135191][T13464]  locks_remove_posix+0x10f/0x630
[  653.140196][T13464]  ? __pfx_locks_remove_posix+0x10/0x10
[  653.145725][T13464]  ? do_raw_spin_unlock+0x122/0x240
[  653.150902][T13464]  ? dnotify_flush+0x1db/0x5e0
[  653.155643][T13464]  ? mqueue_flush_file+0x21c/0x270
[  653.160734][T13464]  ? filp_flush+0xae/0x190
[  653.165134][T13464]  filp_flush+0x113/0x190
[  653.169460][T13464]  filp_close+0x1d/0x40
[  653.173689][T13464]  put_files_struct+0x1ba/0x350
[  653.178520][T13464]  do_exit+0x67f/0x2310
[  653.182658][T13464]  ? do_raw_spin_lock+0x121/0x290
[  653.187664][T13464]  ? __pfx_do_exit+0x10/0x10
[  653.192239][T13464]  do_group_exit+0x21c/0x2d0
[  653.196820][T13464]  ? lockdep_hardirqs_on+0x98/0x140
[  653.202016][T13464]  get_signal+0x1285/0x1340
[  653.206513][T13464]  arch_do_signal_or_restart+0x9a/0x7a0
[  653.212059][T13464]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  653.218195][T13464]  ? exit_to_user_mode_loop+0x55/0x4f0
[  653.223636][T13464]  exit_to_user_mode_loop+0x87/0x4f0
[  653.228911][T13464]  ? rcu_is_watching+0x15/0xb0
[  653.233659][T13464]  do_syscall_64+0x2e3/0xf80
[  653.238230][T13464]  ? rcu_is_watching+0x15/0xb0
[  653.242983][T13464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.249044][T13464]  ? clear_bhb_loop+0x60/0xb0
[  653.253707][T13464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.259584][T13464] RIP: 0033:0x7fe82638f749
[  653.263982][T13464] Code: Unable to access opcode bytes at 0x7fe82638f71f.
[  653.270980][T13464] RSP: 002b:00007fe823db00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  653.279380][T13464] RAX: fffffffffffffe00 RBX: 00007fe8265e6368 RCX: 00007fe82638f749
[  653.287335][T13464] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe8265e6368
[  653.295289][T13464] RBP: 00007fe8265e6360 R08: 0000000000000000 R09: 0000000000000000
[  653.303237][T13464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  653.311187][T13464] R13: 00007fe8265e63f8 R14: 00007ffdfb271500 R15: 00007ffdfb2715e8
[  653.319145][T13464]  </TASK>
[  653.322636][T13464] Kernel Offset: disabled
[  653.326947][T13464] Rebooting in 86400 seconds..