last executing test programs:

8m50.984512216s ago: executing program 3 (id=385):
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x801, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000000000b70200000100000085"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r7 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r7)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

8m49.088495059s ago: executing program 3 (id=390):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b0000000700000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x1c, 0x20000000000000bb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8010, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x2003, 0x0, 0x3, 0x0, &(0x7f0000000300))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x101042, 0x40)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./bus\x00', 0x1008085, 0x0, 0x1, 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000700)='./file7\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000240)='./bus\x00', 0x322020, &(0x7f0000000240)=ANY=[], 0x1, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file7\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x0)

8m47.33506354s ago: executing program 3 (id=394):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = memfd_secret(0x0)
ftruncate(r4, 0x51a9497)

8m42.77246662s ago: executing program 3 (id=408):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x64, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0x34, 0x2, [@TCA_BASIC_EMATCHES={0x30, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_META={0x20, 0x1, 0x0, 0x0, {{0x4, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0xf}, {0x5, 0x7}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfff}}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

8m42.321402343s ago: executing program 2 (id=411):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = dup(r0)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, 0x0)

8m42.261677844s ago: executing program 2 (id=412):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000ad7e195a000000000000"], 0x48)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000740)={[{@test_dummy_encryption}, {@i_version}, {@noblock_validity}, {@commit={'commit', 0x3d, 0x5}}, {@inlinecrypt}, {@max_batch_time}, {@abort}, {@auto_da_alloc}, {@lazytime}, {@noauto_da_alloc}, {@block_validity}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000300)={0x1d, @rand_addr=0x64010100, 0x4e22, 0x1, 'lblc\x00', 0xe, 0x8ea, 0x3d}, 0x2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r4, 0x20, &(0x7f0000000300)={0x0, 0x0, 0x0, &(0x7f0000002780)=""/55, 0x37}}, 0x10)

8m41.638492558s ago: executing program 3 (id=414):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb4, 0x6a, 0x2c, 0x10, 0x7b4, 0x10a, 0x102, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd6, 0x2, 0x2, 0x2b, 0x57, 0x33, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x81, 0x2, 0x40, 0x0, 0x3d, 0x1}}]}}]}}]}}, 0x0)

8m40.292985726s ago: executing program 2 (id=417):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB='nonumtail=0,iocharset=cp950,umask=00000000000000000000000,uni_xlate=1,uni_xlate=1,shortname=win95,utf8=0,shortname=win95,utf8=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c696f636861727365743d6d616363726f617469616e2c696f636861727365743d63703433372c757365667265652c726f6469722c7569643e74353a7bd912f41b207e4bc4478b479f5a21373fd412d72f65702b57308921a665e19ef4cc41aac5e7c09d211fd4c1fbf43833c769c6b16297c14d0d92df4f0371acd1b184d6", @ANYBLOB="ba29b889190f85c5f2d10d0dd5e3b2a8ee52ec6555dd208028b6b67d99335ad8fd687d1168eebb25947c46b93fb50c9b0cc14ff52fefc9b30e382f00c152b0666359cb400c3e7b036f1ebacae43a22c47e55b428c3341311cc05af28dc7e366ba8223a7651ff8afb0fe73cfff4af", @ANYRES8], 0x6, 0x2aa, &(0x7f0000000500)="$eJzs3T1re1UYAPDnpulN1CEZnETwgg5Ope3qkiItFDMpGdRBi21BmiC0UPAFYydXF0c/gSC4+SVc/AQKrqKbHQpX7s29Jq1paqSx/5ffb+nTc89zznNODy0d7sn7L45ODrM4vvjsl2i3k2j0oheXSXSjEbUv4preVwEAPM4u8zz+yCeWyUsior26sgCAFVr67//3Ky8JAFixt95+542dfn/3zSxrx97oy/NB8Z998XXyfOc4PoxhHMVmdOIqIv/bJN7L83zczArdeGU0Ph8UmaP3fqzG3/ktoszfik50y6br+fv93a1sYiZ/XNTxbDV/r8jfjk48P2f+/f7u9pz8GKTx6ssz9W9EJ376ID6KYRyWRUzzP9/Kstfzr//89N2ivCI/GZ8PWmW/qXzt5t61Vv/jAQAAAAAAAAAAAAAAAAAAAADgCbVR3Z3TivL+nqKpun9n7ar4Zj2yWvf6/TyT/KQeaOZ+oDTyfJzHN/X9OptZluVVx2l+M15oRvNhVg0AAAAAAAAAAAAAAAAAAACPlrOPPzk5GA6PTu8lqG8DqF/r/6/j9GZaXorFnVvTuRpVuGDkWKv7JBG3lZEU21Is4p625a7gmdtq/va7ZQds391nfdH+3E9Qn66Tg2T+HraibmnXh+SH2T5plMHPv981V3rbo3yp45fOfdRZeu3pc2UwXtAnkkWFvfbrZOeqluTmKtJyV+emr1fBTPqNs7HUef7n74rEbR0AAAAAAAAAAAAAAAAAALBS05d+5zy8WJjayFsrKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/lfTz/9fIhhXyf+icxqnZw+8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4CfwUAAP//UZdgPQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x48040)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r1, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

8m39.847528419s ago: executing program 2 (id=419):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = memfd_secret(0x0)
ftruncate(r2, 0x51a9497)

8m39.71654473s ago: executing program 2 (id=421):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0))
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x8100, 0x0)
unshare(0x20400)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x2000000000000000}, 0x0, 0x0, 0x0, 0x0)

8m39.124584545s ago: executing program 3 (id=424):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0500000007000000090000000500000080000000", @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0xcc9}, 0x18)
r5 = socket(0x5, 0x3, 0x2)
write(r5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r6 = getpid()
sched_setscheduler(r6, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)

8m38.27777591s ago: executing program 2 (id=426):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, &(0x7f0000000180)={{0x11, @broadcast, 0x4e23, 0x4, 'lblc\x00', 0x68, 0xb, 0xd}, {@multicast2, 0x4e22, 0x10000, 0x4, 0x5, 0x9d}}, 0x44)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7f, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000200))
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x24000010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18)
socket(0x840000000002, 0x3, 0xff)
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000040)='./file2\x00', 0x2814c00, &(0x7f0000000840)=ANY=[@ANYBLOB="6e6f646f74732c6e6f646f74732c666c7573682c646f74732c666c7573682c636865636b3d72656c617865642c71756965742c6572726f72733d72656d6f756e742d726f2c6e6f646f74732c00b809a6ed6a11fd459311c6140e8fc5300da85a95aa4baee25ecaf74c5cbc6b1859889a3eefa76b125b44478c5d9df7ed620840988ed102de6bdb80347c0d7a22e428bc9b0c5cde00c4c0746c933fe95479447bdbc7ad9cdf0a2818932a48f56a08110dbb247eed43b3fcd06f3fe3271b983a7cdddd3e777fc3ed4e1018676eb3b7240e886b92de0fb08c4649c5dff139c5d52aa2efce92b1992a44726bc2148221de8fc839f8d265bd368ad972a7e05961bcb381eb8ba1e21ec8e57ddb6a3f2d938caae1d44478336dcba441194be678fa1a9cf58062e1b80b60879938283c85f681d6e4353aba860e7958f489e70148933574c3359f34f6aa3f0e2e6f44adcc35e9e8267d999a75b7cfd6c962350eadc8c910afc0a572729ccd07007626f08a2701da467af2faff7a4a24177b765f2669abdf555c0c626ca0198e92e1c7b48ab8002d8a15d9619c1b3c80d2a979be623b0d5c538f59b8235e2bf27ceea76a82cade017ecd56eef67302"], 0x1f, 0x249, &(0x7f0000000a00)="$eJzs3T9qFGEYBvDXGJM1FqYQbCxGbKwW9QaDRBAHhJUptHIg2mRFmTSj1Z7ATryDF/AGnsJTpEq3kp0hk782mpls5veDMA95GPb9YNnd4vt23977sLP9cff9t1/fYzRKYiViFvsRmwepca25rizyWhw1CwBg2UwmRdr3DFysskyLGxGxfqrJf/QyEAAAAAAAAAAAAP/M/n8AGB77/6++skyLjebz23H2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD92Z/Pb8//8tf3fADA/+f9HwCG59XrNy/SLNuaJMkoYm9W5VVeX+v+2fNs61GysNnetVdV+fXD/nHdJ0159/7XT4uw0fRPjvfN/Wvx8EHdH3RPX2Yn+vXY7mD9AAAAAAAAAAAAAAAAAAAAcBmMk0Nnnu8fj8/r63Tk+wFOnN9fjVurnS0DAAAAAAAAAAAAAAAAAAAAltru5y87xXT6rmzD71P/GUxILscYXYSb5z8BBKGY9vzCBAAAAAAAAAAAAAAAAAAAA9Qe+u17EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoT/v7/xcXznzgn3c6XysAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNz+BAAA//9auV53")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={0xffffffffffffffff, 0x0, &(0x7f0000000340)=""/55}, 0x20)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})

8m23.06485983s ago: executing program 32 (id=426):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, &(0x7f0000000180)={{0x11, @broadcast, 0x4e23, 0x4, 'lblc\x00', 0x68, 0xb, 0xd}, {@multicast2, 0x4e22, 0x10000, 0x4, 0x5, 0x9d}}, 0x44)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7f, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000200))
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x24000010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18)
socket(0x840000000002, 0x3, 0xff)
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000040)='./file2\x00', 0x2814c00, &(0x7f0000000840)=ANY=[@ANYBLOB="6e6f646f74732c6e6f646f74732c666c7573682c646f74732c666c7573682c636865636b3d72656c617865642c71756965742c6572726f72733d72656d6f756e742d726f2c6e6f646f74732c00b809a6ed6a11fd459311c6140e8fc5300da85a95aa4baee25ecaf74c5cbc6b1859889a3eefa76b125b44478c5d9df7ed620840988ed102de6bdb80347c0d7a22e428bc9b0c5cde00c4c0746c933fe95479447bdbc7ad9cdf0a2818932a48f56a08110dbb247eed43b3fcd06f3fe3271b983a7cdddd3e777fc3ed4e1018676eb3b7240e886b92de0fb08c4649c5dff139c5d52aa2efce92b1992a44726bc2148221de8fc839f8d265bd368ad972a7e05961bcb381eb8ba1e21ec8e57ddb6a3f2d938caae1d44478336dcba441194be678fa1a9cf58062e1b80b60879938283c85f681d6e4353aba860e7958f489e70148933574c3359f34f6aa3f0e2e6f44adcc35e9e8267d999a75b7cfd6c962350eadc8c910afc0a572729ccd07007626f08a2701da467af2faff7a4a24177b765f2669abdf555c0c626ca0198e92e1c7b48ab8002d8a15d9619c1b3c80d2a979be623b0d5c538f59b8235e2bf27ceea76a82cade017ecd56eef67302"], 0x1f, 0x249, &(0x7f0000000a00)="$eJzs3T9qFGEYBvDXGJM1FqYQbCxGbKwW9QaDRBAHhJUptHIg2mRFmTSj1Z7ATryDF/AGnsJTpEq3kp0hk782mpls5veDMA95GPb9YNnd4vt23977sLP9cff9t1/fYzRKYiViFvsRmwepca25rizyWhw1CwBg2UwmRdr3DFysskyLGxGxfqrJf/QyEAAAAAAAAAAAAP/M/n8AGB77/6++skyLjebz23H2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD92Z/Pb8//8tf3fADA/+f9HwCG59XrNy/SLNuaJMkoYm9W5VVeX+v+2fNs61GysNnetVdV+fXD/nHdJ0159/7XT4uw0fRPjvfN/Wvx8EHdH3RPX2Yn+vXY7mD9AAAAAAAAAAAAAAAAAAAAcBmMk0Nnnu8fj8/r63Tk+wFOnN9fjVurnS0DAAAAAAAAAAAAAAAAAAAAltru5y87xXT6rmzD71P/GUxILscYXYSb5z8BBKGY9vzCBAAAAAAAAAAAAAAAAAAAA9Qe+u17EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoT/v7/xcXznzgn3c6XysAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNz+BAAA//9auV53")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={0xffffffffffffffff, 0x0, &(0x7f0000000340)=""/55}, 0x20)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})

8m22.952902911s ago: executing program 33 (id=424):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0500000007000000090000000500000080000000", @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0xcc9}, 0x18)
r5 = socket(0x5, 0x3, 0x2)
write(r5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r6 = getpid()
sched_setscheduler(r6, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)

11.279614826s ago: executing program 0 (id=2811):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e28, 0x8, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

11.111870057s ago: executing program 0 (id=2813):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x5)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
sendto$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

9.550007077s ago: executing program 0 (id=2818):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0x5}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

9.430400608s ago: executing program 0 (id=2820):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r3, {0xa, 0x9}, {}, {0xc, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x1, 0x9}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x60000080}, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)

8.447680744s ago: executing program 0 (id=2822):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000001c0)={0x8})

7.334940612s ago: executing program 6 (id=2828):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000240)={0x1a, 0x20, 0x0, 0x9, 0x2, 0x2, @remote}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
accept(r1, &(0x7f00000003c0)=@pppol2tpin6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x0)
bind$llc(r2, &(0x7f0000000000)={0x1a, 0x300, 0x0, 0x3, 0x3, 0x42}, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10)
sendto$inet(r3, &(0x7f0000000140), 0x0, 0x20008005, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001240)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10001, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0x9}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x4, 0x5, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)

7.219543812s ago: executing program 0 (id=2829):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x5)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
sendto$packet(r1, &(0x7f0000000600), 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

6.024784581s ago: executing program 6 (id=2835):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp256-generic\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4b9a01fb336bef1be8a68a628452b83a7", 0x9f}, {&(0x7f00000005c0)="f2b314c96d500b66f7fd46493862d9eb", 0x10}], 0x2}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000002c0)="36c1fefc4a84cb34adfedaf4648e", 0xe}], 0x1, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0xd8, 0x29, 0x4, {0x4, 0x17, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x9, 0x9f, [0x8]}}, @generic={0xfe, 0x72, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b0888c5"}, @enc_lim={0x4, 0x1, 0xf8}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}]}}}, @hoplimit={{0x14}}, @hopopts={{0x1d0, 0x29, 0x36, {0x5e, 0x36, '\x00', [@generic={0xff, 0x45, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70dac43574"}, @pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x3, 0xe, 0x0, 0xfff, [0x2, 0x4, 0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x8, 0xe2, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8196d5e0373fd13584ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab309f93fd8146e6672c844ca0c43cde3afb3f9b0e9c19b929779fe65f579221b81"}, @calipso={0x7, 0x18, {0x3, 0x4, 0x3, 0x7, [0x0, 0x8000]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x73, 0x0, '\x00', [@pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x378}}], 0x1, 0x810)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257", 0xf15}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

4.940338327s ago: executing program 4 (id=2838):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), r0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r2=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
poll(0x0, 0x0, 0x9)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r8 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000d40)={0x0, 0x300, &(0x7f0000000d00)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r2], 0x22c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f0000010100), 0x0, 0x550, &(0x7f0000010700)="$eJzs3c9vHFcdAPDvTHYTJ3G6LnCASi2FFiUVZDeuaWtxKEVCcKqEKJyDsTeWlbU3yq7b2KrA+QuQEAIkTnDhgsQfgFRF4sKxQqoEZ5CKQIimIMEBOmh3Z9dhM2uvy/pH1p+PNJ733uzM971dz483M5oJ4NR6OiJeiYgPsix7LiIqeXmaD7HTGzqfe//+m8udIYkse+1vSSR52fAyL+azzUTE178a8e3k4bitre2bS41GqZ+vtddv1Vpb21fX1pdW66v1jYWF+RcXX1p8YfFaxFv/fzsvRcTLX/7TD7/386+8/Nbn3vjj9b9c+U6nWrP59KJ2jKm018Re08vnZoZmuP0hg51EnfaU+5nz481z9xDrAwDAaJ1j/I9ExKcj4rmoxJm9D2cBAACAR1D2xdn4dxKRFTs7ohwAAAB4hKTde2CTtJrfCzAbaVqt9u7h/VhcSBvNVvuzN5qbGyu9e2XnopzeWGvUr+X3Cs9FOenk57vp3fzzQ/mFiHg8In5QOd/NV5ebjZXjPvkBAAAAp8TFof7/Pyq9/j8AAAAwZeb2nlw5qnoAAAAAh2ef/j8AAAAwBfT/AQAAYKp97dVXO0PWf//1yutbmzebr19dqbduVtc3l6vLzdu3qqvN5mr3mX3r+y2v0Wze+nxsbN6pteutdq21tX19vbm50b6+FjNH0iAAAADgIY9/8t7vk4jY+cL57tBx9rgrBRyJ0iCV5OOCtf8Pj/XG7x5RpYAjcWbklHSQevdc8SccJ8CjrTRcMGJdB6ZP+bgrABy7ZJ/pQzfvXBik3s7Hn5p8nQAAgMm6/Ini6/+jrwv07aRHUD3gEFmJ4fQa2s9n3vUDp0f3+v+4N/I4WICpUh6jpw9MtwNe/9/19rgRsuxAFQIAACZutjskaTU/vTcbaVqtRlzqvhagnNxYa9SvRcRjEfG7SvlcJz/fnTPZt88AAAAAAAAAAAAAAAAAAAAAAAAAAPRkWRIZAAAAMNUi0j8nv+49y/9y5dnZ4fMDZ5N/dV8JfDYi3vjJaz+6s9Ru357vlL83KG//OC9//jjOYAAAAADD+v307vifx10bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKbN+/ffXO4PY3z8/KTi/vVLETFXFL8UM93xTJQj4sLfkyg9MF8SEWcmEH/nbkR8vCh+0qnWIGRR/El8CfvEj7n8WyiKf3EC8eE0u9fZ/rxStP6l8XR3XLz+lSL+J/9hjd7+xWD7d2bE+n9pzBhPvPPL2sj4dyOeKBVvf/rxkxHxnxkz/re+sb09alr204jL/f1Pd4s3iDDzYKxae/1WrbW1fXVtfWm1vlrfWFiYf3HxpcUXFq/Vbqw16vnfwhjff/JXH+zV/guF+78kr83o9j9bsLyifdJ/3rlz/6P9zM7D8a88UxD/Nz/LP5HHT3bnSfM4n8nTSSSD8mSn930+6Klf/Papvdq/stv+8kF+/yujFjrsoRXlyXH/dQCAQ9Da2r651GjUb09totNLPwHVOPREVun9oielPkOJb753Av/ZvjvRBWZZlnV+gYJJ9yJinOUkMeGWpsX12U2M/FGOecMEAABM3O5B/2SupwMAAAAAAAAAAAAAAAAAAAAHdxRPWRuOufsI5GQSj9AGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJiI/wYAAP//in3QFg==")
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), r0)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r9, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_MS_ADDR6={0x14, 0xc, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_PEER_ADDR6={0x14, 0xb, @mcast2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x40010)

4.079873253s ago: executing program 6 (id=2840):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)

4.029522523s ago: executing program 4 (id=2841):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xe0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xfff3, 0xd064db0e491fa98f}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x842}, @TCA_CAKE_INGRESS={0x8, 0xf, 0x1}]}}]}, 0x44}}, 0x4044080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

3.656424656s ago: executing program 4 (id=2842):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@remote, 0x8000000, 0x0, 0xff, 0x1, 0x66}, 0x20)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r2], 0x50}}, 0x2)

3.654321376s ago: executing program 1 (id=2843):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@abort}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x453, &(0x7f0000000c80)="$eJzs3MtvG0UYAPBv10nfJaEqjz6AQEFEPJImLaUHLiCQOICEBIdyDElalboNaoJEqwoKQuWIKiGuqEck/gJOcEHACYkr3FGlCvXSwslo7d3Eduw0DnYN8e8nbTKzO9bM592xZ2dsBzCwxrI/ScSuiPgtIkZq2cYCY7V/t29emv3r5qXZJCqVN/9MquVu3bw0WxQtHrezyAxFpJ8mcaBFvYsXLp6ZKZfnz+f5yaWz700uXrj47OmzM6fmT82fmz5+/OiRqeePTT/XlTizuG7t/3Dh4L5X3776+uyJq+/89E1SxN8UR5eMrXXwiUqly9X11+66dDLUx4bQkVKtm8Zwtf+PRClWTt5IvPJJXxsH9FSlUqnc3/7w5QqwiSXR7xYA/VG80Wf3v8W29oChq8OPvrvxYu0GKIv7dr7VjgxFmpcZbrq/jYht3ap/LCJOXP77q2yL3sxDAAA0+C4b/zzTavyXRv280D35GspoRNwbEXsi4lhE7I2I+yKqZR+IiAc7rL95kWT1+Ce9vqHA1ikb/72Qr201jv+K0V+MlvLc7mr8w8nJ0+X5w/lzMh7DW7P81Bp1fP/yr5+3O1Y//su2rP5iLJi34/rQ1sbHzM0szfybmOvd+Dhi/1Cr+JPllYAkIvZFxP4N1nH6qa8Ptjt25/hbqz4lXVhnqlyLeLJ2/i9HU/yFZO31ycltUZ4/PFlcFav9/MuVN9rVv9H4uyU7/ztaXv/L8Y8m9eu1i53XceX3z9re02z0+t+SvNWw74OZpaXzUxFbktdqja7fP91UbnqlfBb/+KHW/X9PrDwTByIiu4gfioiHI+KRvO2PRsRjEXFojfh/fOnxdxt2jO/qIP7eyuKf6+j8ryS2RPOe1onSmR++bah0NDqIPzv/R6up8XzPel7/1tOujV3NAAAA8P+TRsSuSNKJ5XSaTkzUPsO/N3ak5YXFpadPLrx/bq72HYHRGE6Lma6RuvnQqfy2vshPN+WP5PPGX5S2V/MTswvluX4HDwNuZ5v+n/mj1O/WAT3n+1owuPR/GFz6PwyuDvv/l9fSyV41BbjLWvT/7U354tOAlU32uzUw8Fq9/3/Uh3YAd19T/7fsBwPE/B8MLv0fBpf+DwNpcXvc+UvyEhKrEpH+J5rR+8S2df7MxSZL9PuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+CQAA//8FdOug")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000400)='.\x00', 0xa4000829)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)

3.622296096s ago: executing program 6 (id=2844):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_usb_connect(0x2, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xcf, 0x69, 0x54, 0x10, 0x403, 0xf850, 0x17b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x17, 0x0, 0x0, 0x5, 0x7d, 0x44}}]}}]}}, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

3.416653128s ago: executing program 4 (id=2845):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x202)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000003c1, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa20000"], &(0x7f00000008c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00'})
r4 = eventfd2(0x0, 0x1)
r5 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015"], 0x38}, 0x1, 0x300}, 0x0)
readv(r4, &(0x7f0000000500)=[{&(0x7f0000000380)=""/95, 0x5f}], 0x1)
write$eventfd(r4, &(0x7f0000000280)=0x9, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3, 0x0, 0x761}, 0x18)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000bc0)=ANY=[@ANYBLOB='iocharset=maciceland,iocharset=default,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c696f636861727365743d63703835352c666d61736b3d30303030303030303030303030303030303030303230342c756d61736b3d30303030303030303030303030303030303031303030002c6b6565705f6c6173745f646f74732c757466382c696f636861727365743d69736f383835382d322c00716e38bcb049da85848e6756a3bd4745417549b1cb9a33b753aa8794c7e33757ce7c8e8fffc81ac6d5041b8ed65bd4dbe75b53ad789c5f492cb5866d74265428e77c8824127d6f36cd183083f016bdaf33c30f8645e367d089cb4235517369a13ead2b4ea75585050ac51ba363c593780cf08ef99a97db4c453e6fded10a48d332668e93902504c38866c149921b590e1dd141206e28b0b817e984629c659b02a0508f2b8ca4ae4a125af4831e79e8bbb571147676f45a4e36f460952320d5a1d97c98508c7f149f9a30b543949899e532f8be39abce"], 0x1, 0x152c, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
getdents(0xffffffffffffffff, &(0x7f0000000600)=""/192, 0xc0)
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
syz_mount_image$fuse(&(0x7f0000000440), &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB="2c726f6f746d6f64653d303030303030303dcd5886df5b3e667947f1cfe36b300030302c75ba0b7c3069115445f07b454e140f35cb68107389a302b51e3177e35c1e8ec726ac5aba68b7044b5de3cb186a90925127719b84dc09515621419a14540de9b7ccb2d0d7082d4be52154fc9fd10286e07b9e6fa03622e15b69f8907bfc", @ANYRESDEC=0xee00, @ANYBLOB=',group_id=', @ANYRESDEC=r6, @ANYBLOB=',allow_other,mask=MAY'], 0x0, 0x0, &(0x7f0000000780)="618f8f2ae7758cb13b42d8e817a29cfddb7d2ceb334b")
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r7, @ANYRES32, @ANYRESOCT=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.236088666s ago: executing program 5 (id=2848):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x4, 0xfffc, 0x204, 0x5, 0x2, 0x8007859, 0x97b2, 0x80}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10)

1.990395397s ago: executing program 5 (id=2849):
socket$nl_netfilter(0x10, 0x3, 0xc)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x10448)
r0 = socket(0x1e, 0x4, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
ioctl$SIOCAX25ADDUID(r0, 0x89e1, 0x0)

1.803751508s ago: executing program 4 (id=2850):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp256-generic\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4b9a01fb336bef1be8a68a628452b83a7", 0x9f}, {&(0x7f00000005c0)="f2b314c96d500b66f7fd46493862d9eb", 0x10}], 0x2}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000002c0)="36c1fefc4a84cb34adfedaf4648e", 0xe}], 0x1, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0xd8, 0x29, 0x4, {0x4, 0x17, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x9, 0x9f, [0x8]}}, @generic={0xfe, 0x72, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b0888c5"}, @enc_lim={0x4, 0x1, 0xf8}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}]}}}, @hoplimit={{0x14}}, @hopopts={{0x1d0, 0x29, 0x36, {0x5e, 0x36, '\x00', [@generic={0xff, 0x45, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70dac43574"}, @pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x3, 0xe, 0x0, 0xfff, [0x2, 0x4, 0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x8, 0xe2, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8196d5e0373fd13584ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab309f93fd8146e6672c844ca0c43cde3afb3f9b0e9c19b929779fe65f579221b81"}, @calipso={0x7, 0x18, {0x3, 0x4, 0x3, 0x7, [0x0, 0x8000]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x73, 0x0, '\x00', [@pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x378}}], 0x1, 0x810)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90", 0xf53}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.732975058s ago: executing program 5 (id=2851):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xe0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xfff3, 0xd064db0e491fa98f}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x842}, @TCA_CAKE_INGRESS={0x8, 0xf, 0x1}]}}]}, 0x44}}, 0x4044080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

1.243612452s ago: executing program 5 (id=2852):
connect$rose(0xffffffffffffffff, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(0xffffffffffffffff, &(0x7f0000000040)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]}, 0x40)

824.705755ms ago: executing program 5 (id=2853):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)

738.110815ms ago: executing program 1 (id=2854):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@remote, 0x8000000, 0x0, 0xff, 0x1, 0x66}, 0x20)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r2], 0x50}}, 0x2)

566.952917ms ago: executing program 4 (id=2855):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @any, 0x4}, 0xe)
pipe(&(0x7f0000000480))
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x10000000, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x9, 0x1000000200000009, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
listen(r0, 0x44)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000001100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c582", 0x5)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a000000020000", 0x7)

404.585058ms ago: executing program 1 (id=2856):
r0 = socket$inet6(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

338.809068ms ago: executing program 6 (id=2857):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000001100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)}], 0x2, 0x0, 0x0, 0x4000000}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

223.231028ms ago: executing program 1 (id=2858):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x4, 0xfffc, 0x204, 0x5, 0x2, 0x8007859, 0x97b2, 0x80}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10)

128.015469ms ago: executing program 6 (id=2859):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x68e, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x80, 0x1d4, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmsg(r5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x122)

108.601289ms ago: executing program 1 (id=2860):
socket$nl_netfilter(0x10, 0x3, 0xc)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x10448)
r0 = socket(0x1e, 0x4, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
ioctl$SIOCAX25ADDUID(r0, 0x89e1, 0x0)

26.77299ms ago: executing program 1 (id=2861):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x49, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0x4, 0xfff3}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8858}, 0x20004804)

0s ago: executing program 5 (id=2862):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, 0x0, 0x0)
connect$rose(r0, &(0x7f0000000040)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]}, 0x40)

kernel console output (not intermixed with test programs):

619d30d)
[  353.254680][ T7292] loop6: detected capacity change from 0 to 1024
[  353.332570][ T7292] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  353.430737][ T7292] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.701: Allocating blocks 385-513 which overlap fs metadata
[  353.533030][ T7292] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #15: block 113: comm syz.6.701: lblock 0 mapped to illegal pblock 113 (length 1)
[  353.577282][ T7289] EXT4-fs error (device loop6): ext4_discard_preallocations:5106: comm syz.6.701: Error -117 loading buddy information for 4294944368
[  353.668468][ T7307] loop4: detected capacity change from 0 to 136
[  353.676762][ T6149] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 30064771087 in block_group 0
[  353.705457][ T6149] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  353.822627][ T7308] overlayfs: missing 'lowerdir'
[  353.919507][ T6149] EXT4-fs error (device loop6): ext4_dirty_inode:6133: inode #15: comm syz-executor: mark_inode_dirty error
[  354.189080][ T4335] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm kworker/u4:5: Invalid inode table block 30064771087 in block_group 0
[  354.370211][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  357.353737][ T7311] loop4: detected capacity change from 0 to 40427
[  357.362949][ T7311] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  357.388169][ T7311] F2FS-fs (loop4): invalid crc value
[  357.428273][ T7311] F2FS-fs (loop4): Found nat_bits in checkpoint
[  357.755345][ T7370] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  358.452492][ T7354] loop6: detected capacity change from 0 to 40427
[  358.494678][ T7354] F2FS-fs (loop6): invalid crc value
[  358.526164][ T7354] F2FS-fs (loop6): Found nat_bits in checkpoint
[  358.663024][ T7354] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  358.676320][ T7387] netlink: 6 bytes leftover after parsing attributes in process `syz.5.727'.
[  358.737566][ T7378] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.745435][ T7378] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.578697][ T7378] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  359.637513][ T7378] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  360.061284][ T4282] Bluetooth: hci1: command 0x0405 tx timeout
[  360.073220][ T7378] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  360.082873][ T7378] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  360.092263][ T7378] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  360.101488][ T7378] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  360.543611][ T6149] syz-executor: attempt to access beyond end of device
[  360.543611][ T6149] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  361.993650][ T7469] netlink: 'syz.4.749': attribute type 10 has an invalid length.
[  362.004186][ T7469] device bridge_slave_1 left promiscuous mode
[  362.012536][ T7469] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.110537][ T7470] loop6: detected capacity change from 0 to 256
[  362.130335][ T7469] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  362.220876][ T7470] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  363.446712][ T7479] netlink: 16 bytes leftover after parsing attributes in process `syz.5.750'.
[  365.336370][ T7498] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode 802.3ad(4)
[  365.924605][ T7514] netlink: 16 bytes leftover after parsing attributes in process `syz.6.762'.
[  366.660921][ T7519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.764'.
[  367.786080][ T7540] netlink: 36 bytes leftover after parsing attributes in process `syz.1.772'.
[  367.968554][ T7547] loop4: detected capacity change from 0 to 256
[  368.279083][ T7556] netlink: 8 bytes leftover after parsing attributes in process `syz.1.776'.
[  368.560730][ T7561] netlink: 16 bytes leftover after parsing attributes in process `syz.5.777'.
[  369.310280][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  369.371573][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  369.419876][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  369.485407][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  369.536884][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  369.554908][ T7521] loop6: detected capacity change from 0 to 40427
[  369.578499][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  369.684459][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  369.778561][ T7521] F2FS-fs (loop6): invalid crc value
[  370.280577][ T7521] F2FS-fs (loop6): Failed to start F2FS issue_checkpoint_thread (-12)
[  370.985553][ T7594] syz.4.784 uses obsolete (PF_INET,SOCK_PACKET)
[  372.090600][ T7604] netlink: 36 bytes leftover after parsing attributes in process `syz.5.787'.
[  373.713907][ T7632] fuse: Unknown parameter '0x0000000000000004'
[  373.771426][ T7632] loop4: detected capacity change from 0 to 1764
[  376.784203][ T7645] netlink: 36 bytes leftover after parsing attributes in process `syz.5.799'.
[  377.210662][ T7654] loop6: detected capacity change from 0 to 40427
[  377.290597][ T7654] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x3ffff
[  377.300921][ T7654] F2FS-fs (loop6): invalid crc value
[  378.035624][ T7654] F2FS-fs (loop6): Found nat_bits in checkpoint
[  378.059307][ T7654] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  378.246703][   T26] audit: type=1800 audit(1761892214.715:29): pid=7654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.803" name="bus" dev="loop6" ino=10 res=0 errno=0
[  378.383729][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  378.390133][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  378.782911][ T6149] syz-executor: attempt to access beyond end of device
[  378.782911][ T6149] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  380.414230][ T7685] fuse: Unknown parameter '0x0000000000000004'
[  380.506643][ T7684] loop5: detected capacity change from 0 to 512
[  380.526075][ T7684] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  380.862927][ T7684] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  380.873341][ T7684] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  380.883401][ T7684] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.810: Failed to acquire dquot type 1
[  380.895726][ T7684] EXT4-fs (loop5): 1 truncate cleaned up
[  380.901481][ T7684] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  381.017167][ T7695] netlink: 36 bytes leftover after parsing attributes in process `syz.1.814'.
[  381.183758][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  383.207617][ T7732] loop5: detected capacity change from 0 to 256
[  383.342388][ T7738] fuse: Unknown parameter '0x0000000000000004'
[  384.158469][ T7732] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.823'.
[  386.769812][ T7798] netlink: 16 bytes leftover after parsing attributes in process `syz.4.839'.
[  388.301353][ T7814] loop6: detected capacity change from 0 to 256
[  389.923810][ T7814] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  389.981260][ T7814] fuse: Bad value for 'fd'
[  391.340699][ T7836] loop5: detected capacity change from 0 to 512
[  391.661143][ T7836] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  392.063396][ T7836] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  392.073518][ T7836] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  392.083498][ T7836] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.850: Failed to acquire dquot type 1
[  392.097632][ T7836] EXT4-fs (loop5): 1 truncate cleaned up
[  392.103486][ T7836] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  392.129683][ T7843] netlink: 36 bytes leftover after parsing attributes in process `syz.4.852'.
[  392.455591][ T7852] netlink: 16 bytes leftover after parsing attributes in process `syz.0.853'.
[  392.989016][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  394.757668][ T7905] netlink: 16 bytes leftover after parsing attributes in process `syz.0.866'.
[  397.650136][ T7954] loop6: detected capacity change from 0 to 256
[  397.783175][ T7954] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  397.843050][ T7954] fuse: Bad value for 'fd'
[  401.666213][ T8009] loop6: detected capacity change from 0 to 512
[  401.675610][ T8009] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  402.972151][ T8009] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  402.982377][ T8009] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  402.992676][ T8009] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.892: Failed to acquire dquot type 1
[  403.013125][ T4282] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  403.013370][ T8009] EXT4-fs (loop6): 1 truncate cleaned up
[  403.025066][ T8009] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  403.054782][ T8011] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  403.060926][ T8011] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  403.067100][ T8011] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  403.073154][ T8011] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  403.079224][ T8011] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  403.332450][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  403.432719][ T8030] netlink: 60 bytes leftover after parsing attributes in process `syz.4.898'.
[  403.489758][ T8030] netlink: 60 bytes leftover after parsing attributes in process `syz.4.898'.
[  403.532570][ T8035] device syzkaller0 entered promiscuous mode
[  403.571364][ T8028] netlink: 60 bytes leftover after parsing attributes in process `syz.4.898'.
[  403.589702][ T8031] netlink: 60 bytes leftover after parsing attributes in process `syz.4.898'.
[  404.270304][ T8061] loop4: detected capacity change from 0 to 256
[  405.021169][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  405.027354][ T8004] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  405.212963][ T4282] Bluetooth: hci1: command 0x0c1a tx timeout
[  405.219194][ T4282] Bluetooth: hci5: command 0x0c1a tx timeout
[  405.225258][ T4282] Bluetooth: hci4: command 0x0c1a tx timeout
[  405.231288][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout
[  405.400393][ T8061] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  406.931420][ T8071] loop5: detected capacity change from 0 to 1764
[  407.261295][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  409.701911][ T8139] device syzkaller0 entered promiscuous mode
[  409.713702][ T8141] loop5: detected capacity change from 0 to 256
[  409.851351][ T8143] tipc: Started in network mode
[  409.856344][ T8143] tipc: Node identity 7a763c89c5b1, cluster identity 4711
[  409.910730][ T8143] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  409.966158][ T8137] tipc: Resetting bearer <eth:syzkaller0>
[  410.045808][ T8137] tipc: Disabling bearer <eth:syzkaller0>
[  411.361896][ T8166] device syzkaller0 entered promiscuous mode
[  412.301271][ T4280] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  412.375889][ T8164] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  412.386225][ T8164] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  412.449724][ T8164] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  412.471548][ T8164] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  412.490186][ T8164] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  413.599737][ T8201] loop5: detected capacity change from 0 to 256
[  413.721222][ T4333] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  413.913013][ T4333] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  414.231254][ T8214] loop5: detected capacity change from 0 to 256
[  415.183124][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  415.183158][ T4282] Bluetooth: hci4: command 0x0c1a tx timeout
[  415.188983][ T4279] Bluetooth: hci2: command 0x0c1a tx timeout
[  415.189184][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[  415.195183][ T4279] Bluetooth: hci5: command 0x0c1a tx timeout
[  415.201332][ T4333] usb 1-1: config 0 has no interface number 0
[  416.168730][ T8164] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  418.223359][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  418.263104][ T8214] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  418.283694][ T4333] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  418.426227][ T4333] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.447902][ T4333] usb 1-1: config 0 descriptor??
[  418.461415][ T4333] usb 1-1: can't set config #0, error -71
[  418.537059][ T4333] usb 1-1: USB disconnect, device number 4
[  419.385573][ T8223] loop4: detected capacity change from 0 to 1024
[  419.481492][ T8229] device syzkaller0 entered promiscuous mode
[  419.687898][ T8237] loop6: detected capacity change from 0 to 512
[  419.696527][ T8237] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  419.801860][ T8244] ubi: mtd0 is already attached to ubi31
[  420.019169][ T8237] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  420.029853][ T8237] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  420.039863][ T8237] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.935: Failed to acquire dquot type 1
[  420.055950][ T8237] EXT4-fs (loop6): 1 truncate cleaned up
[  420.061810][ T8237] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  420.617924][ T8266] netlink: 'syz.1.941': attribute type 2 has an invalid length.
[  423.505539][ T8243] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  423.565213][ T8283] loop5: detected capacity change from 0 to 1764
[  424.167406][ T8286] netlink: 'syz.1.947': attribute type 39 has an invalid length.
[  424.548415][ T8311] device syzkaller0 entered promiscuous mode
[  424.584096][ T8316] netlink: 104 bytes leftover after parsing attributes in process `syz.0.952'.
[  425.008363][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  426.216595][ T8339] netlink: 'syz.1.961': attribute type 10 has an invalid length.
[  426.279144][ T8339] device geneve0 entered promiscuous mode
[  426.324337][ T8339] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  426.398268][ T8343] loop5: detected capacity change from 0 to 256
[  426.663102][ T8353] device syzkaller0 entered promiscuous mode
[  427.358609][ T8369] loop5: detected capacity change from 0 to 256
[  427.483960][ T8369] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  427.551069][ T8368] fuse: Bad value for 'fd'
[  429.136788][ T8391] loop6: detected capacity change from 0 to 256
[  429.246633][ T8395] netlink: 60 bytes leftover after parsing attributes in process `syz.5.980'.
[  429.286706][ T8395] netlink: 60 bytes leftover after parsing attributes in process `syz.5.980'.
[  429.362311][ T8398] netlink: 60 bytes leftover after parsing attributes in process `syz.5.980'.
[  429.383921][ T8399] netlink: 60 bytes leftover after parsing attributes in process `syz.5.980'.
[  429.415974][ T8395] netlink: 60 bytes leftover after parsing attributes in process `syz.5.980'.
[  429.953318][ T8414] device syzkaller0 entered promiscuous mode
[  430.484688][ T8433] loop4: detected capacity change from 0 to 256
[  431.892454][ T8457] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  431.898817][ T8457] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  431.905028][ T8457] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  431.911218][ T8457] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  431.917294][ T8457] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  431.936839][ T8464] device syzkaller0 entered promiscuous mode
[  432.554967][ T8455] loop4: detected capacity change from 0 to 40427
[  432.614286][ T8455] F2FS-fs (loop4): invalid crc value
[  432.628120][ T8455] F2FS-fs (loop4): Found nat_bits in checkpoint
[  432.747184][ T8455] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  433.337425][ T4317] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  433.404898][ T4269] syz-executor: attempt to access beyond end of device
[  433.404898][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  433.612785][ T4317] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  433.620917][ T4317] usb 1-1: config 0 has no interface number 0
[  433.643746][ T4317] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  433.662898][ T4317] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.821889][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  433.828207][ T8456] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  434.026874][ T4278] Bluetooth: hci1: command 0x0c1a tx timeout
[  434.033488][ T4278] Bluetooth: hci5: command 0x0c1a tx timeout
[  434.040160][ T4278] Bluetooth: hci4: command 0x0c1a tx timeout
[  434.046930][ T4278] Bluetooth: hci2: command 0x0c1a tx timeout
[  434.187777][ T4317] usb 1-1: Product: syz
[  434.363054][ T4317] usb 1-1: Manufacturer: syz
[  434.398264][ T4317] usb 1-1: SerialNumber: syz
[  434.440565][ T4317] usb 1-1: config 0 descriptor??
[  434.490298][ T4317] ftdi_sio 1-1:0.23: FTDI USB Serial Device converter detected
[  434.521305][ T4317] usb 1-1: Detected SIO
[  434.539971][ T4317] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  435.310666][ T4317] usb 1-1: USB disconnect, device number 5
[  435.360368][ T4317] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  435.418603][ T4317] ftdi_sio 1-1:0.23: device disconnected
[  435.546447][ T8526] syz.6.1017[8526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  435.546576][ T8526] syz.6.1017[8526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  435.685979][ T8530] loop6: detected capacity change from 0 to 256
[  436.071105][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  436.591391][ T4278] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  436.683840][ T8549] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  436.689984][ T8549] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  436.696149][ T8549] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  436.702345][ T8549] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  436.708475][ T8549] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  437.130212][ T8566] overlayfs: failed to resolve './file1': -2
[  438.631199][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  438.637336][ T8548] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  438.701345][ T4280] Bluetooth: hci4: command 0x0c1a tx timeout
[  438.707462][ T4280] Bluetooth: hci2: command 0x0c1a tx timeout
[  438.781477][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  438.787532][ T4280] Bluetooth: hci5: command 0x0c1a tx timeout
[  439.733891][ T8599] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1036'.
[  440.221404][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  440.227773][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  440.517308][ T8616] fuse: Bad value for 'fd'
[  440.701294][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  441.955048][ T8626] loop4: detected capacity change from 0 to 256
[  443.171492][ T4278] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  443.212576][ T8621] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  443.218672][ T8621] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  443.224744][ T8621] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  443.231124][ T8621] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  443.237154][ T8621] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  444.198641][ T8626] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  445.341074][ T8621] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  445.437639][ T8662] device syzkaller0 entered promiscuous mode
[  445.598495][ T8666] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  445.809251][ T8670] overlayfs: failed to resolve './file1': -2
[  446.221211][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  446.228796][ T4280] Bluetooth: hci5: command 0x0c1a tx timeout
[  446.236691][ T4280] Bluetooth: hci4: command 0x0c1a tx timeout
[  446.244569][ T4280] Bluetooth: hci2: command 0x0c1a tx timeout
[  446.252007][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  447.175178][ T6141] tipc: Node number set to 161709448
[  447.211411][ T8661] tipc: Resetting bearer <eth:syzkaller0>
[  447.636731][ T8661] tipc: Disabling bearer <eth:syzkaller0>
[  448.216913][ T8708] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  448.224866][ T8708] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  448.231042][ T8708] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  448.237135][ T8708] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  448.243284][ T8708] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  450.141220][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  450.148303][ T8707] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  450.312356][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  450.341190][ T4278] Bluetooth: hci5: command 0x0c1a tx timeout
[  450.347328][ T4278] Bluetooth: hci4: command 0x0c1a tx timeout
[  450.353496][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout
[  450.849144][ T8789] loop4: detected capacity change from 0 to 256
[  450.895622][ T8789] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  450.924960][ T8789] fuse: Bad value for 'fd'
[  452.221053][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  452.603410][ T8815] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  452.610300][ T8815] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  452.619418][ T8815] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  452.627078][ T8815] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  452.633750][ T8815] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  453.387045][ T8844] device syzkaller0 entered promiscuous mode
[  454.701213][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[  454.707314][ T4281] Bluetooth: hci5: command 0x0c1a tx timeout
[  454.718410][ T4278] Bluetooth: hci4: command 0x0c1a tx timeout
[  454.724529][ T4280] Bluetooth: hci2: command 0x0c1a tx timeout
[  454.730543][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  454.737609][ T8813] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  455.267988][ T8880] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1106'.
[  456.675235][ T8902] loop5: detected capacity change from 0 to 256
[  456.790105][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  457.249796][ T8907] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  457.256738][ T8907] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  457.263482][ T8907] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  457.270072][ T8907] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  457.276825][ T8907] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  457.474238][ T8917] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  459.021226][ T8920] Bluetooth: hci0: command 0x0c1a tx timeout
[  459.027364][ T8905] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  459.215851][ T8955] loop6: detected capacity change from 0 to 256
[  459.421233][ T4279] Bluetooth: hci1: command 0x0c1a tx timeout
[  459.427325][ T4279] Bluetooth: hci4: command 0x0c1a tx timeout
[  459.434920][ T4279] Bluetooth: hci5: command 0x0c1a tx timeout
[  459.440947][ T4279] Bluetooth: hci2: command 0x0c1a tx timeout
[  460.932128][ T8975] tipc: Started in network mode
[  460.941860][ T8975] tipc: Node identity a2a7d87dadac, cluster identity 4711
[  460.965491][ T8975] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  461.042857][ T8973] tipc: Disabling bearer <eth:syzkaller0>
[  461.101306][ T4282] Bluetooth: hci0: command 0x0c1a tx timeout
[  461.107471][ T4280] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  462.106203][ T8996] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1139'.
[  462.645264][ T9012] loop5: detected capacity change from 0 to 1764
[  463.181068][ T4282] Bluetooth: hci0: command 0x0c1a tx timeout
[  466.596410][ T9040] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1149'.
[  466.752045][ T9047] loop5: detected capacity change from 0 to 256
[  466.812574][ T9047] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  467.424124][ T9059] loop5: detected capacity change from 0 to 40427
[  467.542919][ T9059] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x3ffff
[  467.556293][ T9059] F2FS-fs (loop5): invalid crc value
[  467.642585][ T9059] F2FS-fs (loop5): Found nat_bits in checkpoint
[  467.690735][ T9059] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  468.748901][ T9077] loop4: detected capacity change from 0 to 1764
[  470.306524][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1163'.
[  470.379398][ T9087] loop4: detected capacity change from 0 to 1024
[  470.455041][ T9087] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  470.520208][ T9087] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.1165: Invalid inode table block 30064771087 in block_group 0
[  470.599152][ T9087] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.1165: Invalid inode table block 30064771087 in block_group 0
[  470.643276][ T9087] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  470.662515][ T9087] EXT4-fs error (device loop4): ext4_dirty_inode:6133: inode #15: comm syz.4.1165: mark_inode_dirty error
[  470.684883][ T9087] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.1165: Invalid inode table block 30064771087 in block_group 0
[  470.720850][ T9100] netlink: 'syz.5.1170': attribute type 4 has an invalid length.
[  470.730474][ T9087] EXT4-fs error (device loop4): ext4_get_max_inline_size:116: inode #15: comm syz.4.1165: can't get inode location 15
[  470.770314][ T9087] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.1165: Invalid inode table block 30064771087 in block_group 0
[  470.835153][ T9090] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm ext4lazyinit: Invalid block bitmap block 281470681743360 in block_group 0
[  470.867651][ T9100] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.355937][ T8121] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm kworker/u4:28: Invalid inode table block 30064771087 in block_group 0
[  471.435855][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  471.464437][ T9100] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.620731][ T9100] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.803250][ T9123] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1177'.
[  471.835268][ T9100] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.858034][ T9125] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  472.002260][ T9100] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  472.017357][ T9100] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  472.043054][ T9100] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  472.064517][ T9100] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  472.558798][ T9145] loop5: detected capacity change from 0 to 256
[  475.299879][ T9145] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  476.512010][ T9163] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1192'.
[  476.623785][ T9169] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  476.675132][ T9168] tipc: Disabling bearer <eth:syzkaller0>
[  476.710316][ T9173] device syzkaller1 entered promiscuous mode
[  476.976098][ T9178] loop5: detected capacity change from 0 to 1024
[  478.632097][ T4282] Bluetooth: hci0: command 0x0c1a tx timeout
[  478.632638][ T9164] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  478.982901][ T9187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1199'.
[  480.080488][ T9204] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1205'.
[  481.327379][ T9209] loop4: detected capacity change from 0 to 512
[  481.508042][ T9209] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  481.563911][ T9209] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  481.574181][ T9209] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  481.584239][ T9209] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.1204: Failed to acquire dquot type 1
[  481.599782][ T9209] EXT4-fs (loop4): 1 truncate cleaned up
[  481.605530][ T9209] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  481.793547][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  482.268827][ T9233] loop4: detected capacity change from 0 to 256
[  482.314774][ T9233] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  482.435634][ T9233] overlayfs: filesystem on './file0' not supported
[  483.014086][ T9237] loop6: detected capacity change from 0 to 1024
[  484.087987][ T9248] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1217'.
[  485.228053][ T9270] IPVS: sync thread started: state = BACKUP, mcast_ifn = netdevsim0, syncid = 1, id = 0
[  485.490551][ T9278] loop6: detected capacity change from 0 to 1024
[  487.068071][ T9297] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  487.162669][ T9296] tipc: Disabling bearer <eth:syzkaller0>
[  488.244953][ T9334] loop4: detected capacity change from 0 to 512
[  488.257099][ T9334] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  488.283854][ T9332] loop5: detected capacity change from 0 to 1024
[  488.328744][ T9334] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  488.338921][ T9334] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  488.349980][ T9334] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.1242: Failed to acquire dquot type 1
[  488.444786][ T9334] EXT4-fs (loop4): 1 truncate cleaned up
[  488.450521][ T9334] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  489.015427][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  489.238872][ T9353] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1247'.
[  490.610417][ T9383] device veth0 entered promiscuous mode
[  490.626055][ T9383] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  490.916232][ T9394] loop6: detected capacity change from 0 to 512
[  490.931639][ T9394] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  491.023350][ T9394] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  491.034039][ T9394] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  491.044076][ T9394] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.1260: Failed to acquire dquot type 1
[  491.067102][ T9394] EXT4-fs (loop6): 1 truncate cleaned up
[  491.072928][ T9394] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  491.664749][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  493.001940][ T9444] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.039638][ T9444] bond0: (slave rose0): Enslaving as an active interface with an up link
[  493.049570][ T8114] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  493.182629][    C0] llc_conn_state_process: llc_conn_service failed
[  493.379709][ T9458] block device autoloading is deprecated and will be removed.
[  493.449794][ T9457] loop4: detected capacity change from 0 to 1764
[  494.788013][ T9495] loop4: detected capacity change from 0 to 1024
[  494.829644][ T9500] fuse: Bad value for 'fd'
[  494.977498][ T9495] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  495.027587][ T9495] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #2: block 16: comm syz.4.1287: lblock 0 mapped to illegal pblock 16 (length 1)
[  495.767899][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  497.481162][ T9584] loop4: detected capacity change from 0 to 512
[  497.504271][ T9584] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  497.549713][ T9584] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  497.560042][ T9584] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  497.570044][ T9584] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.1306: Failed to acquire dquot type 1
[  497.586184][ T9584] EXT4-fs (loop4): 1 truncate cleaned up
[  497.592136][ T9584] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  498.246167][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  498.456038][ T9611] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1312'.
[  499.329851][ T9618] loop5: detected capacity change from 0 to 1024
[  499.626396][ T9624] ubi: mtd0 is already attached to ubi31
[  500.481255][ T9649] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1325'.
[  500.824829][ T9656] loop4: detected capacity change from 0 to 1764
[  501.264962][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  501.271577][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  501.675972][ T9678] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1329'.
[  501.699734][ T9677] loop5: detected capacity change from 0 to 1024
[  501.724643][ T9680] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1331'.
[  501.933089][ T9682] ubi: mtd0 is already attached to ubi31
[  502.280574][ T9685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1333'.
[  502.582742][ T9701] netlink: 'syz.6.1338': attribute type 1 has an invalid length.
[  502.590631][ T9701] netlink: 'syz.6.1338': attribute type 2 has an invalid length.
[  502.902224][ T9715] loop6: detected capacity change from 0 to 512
[  502.918446][ T9715] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  502.943630][ T9721] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1341'.
[  502.997034][ T9715] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  503.007757][ T9715] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  503.017752][ T9715] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.1340: Failed to acquire dquot type 1
[  503.034790][ T9715] EXT4-fs (loop6): 1 truncate cleaned up
[  503.040543][ T9715] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  503.566287][ T9739] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1347'.
[  503.645312][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  504.511184][ T9737] ubi: mtd0 is already attached to ubi31
[  504.905931][ T9733] loop4: detected capacity change from 0 to 40427
[  504.961388][ T9733] F2FS-fs (loop4): invalid crc value
[  505.013598][ T9733] F2FS-fs (loop4): Found nat_bits in checkpoint
[  505.192051][ T9733] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  505.320756][ T9741] loop5: detected capacity change from 0 to 40427
[  505.385257][ T9793] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1359'.
[  505.427470][ T9741] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x3ffff
[  505.541246][ T9741] F2FS-fs (loop5): invalid crc value
[  505.621311][ T9741] F2FS-fs (loop5): Found nat_bits in checkpoint
[  505.677140][ T9801] device syzkaller1 entered promiscuous mode
[  505.754065][ T9803] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1362'.
[  505.774533][ T9741] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  505.818979][   T26] audit: type=1800 audit(1761892342.285:30): pid=9741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1349" name="bus" dev="loop5" ino=10 res=0 errno=0
[  505.855824][ T4269] syz-executor: attempt to access beyond end of device
[  505.855824][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  506.957077][ T6142] syz-executor: attempt to access beyond end of device
[  506.957077][ T6142] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  508.750413][ T9872] ubi: mtd0 is already attached to ubi31
[  509.726432][ T9897] netlink: 'syz.1.1389': attribute type 1 has an invalid length.
[  509.744796][ T9897] netlink: 'syz.1.1389': attribute type 2 has an invalid length.
[  509.777989][ T9901] loop6: detected capacity change from 0 to 1024
[  509.786719][ T9897] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1389'.
[  509.883903][ T9901] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  509.953987][ T9901] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.1390: Allocating blocks 385-513 which overlap fs metadata
[  509.979235][ T9906] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  510.005735][ T9906] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  510.015386][ T9906] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  510.078266][ T9906] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  510.087499][ T9901] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #15: block 113: comm syz.6.1390: lblock 0 mapped to illegal pblock 113 (length 1)
[  510.122581][ T9906] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  510.131208][ T9899] EXT4-fs error (device loop6): ext4_discard_preallocations:5106: comm syz.6.1390: Error -117 loading buddy information for 4294944368
[  510.146409][ T9906] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  510.243826][ T9914] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  510.317527][ T6149] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 30064771087 in block_group 0
[  510.416483][ T6149] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  510.501953][ T6149] EXT4-fs error (device loop6): ext4_dirty_inode:6133: inode #15: comm syz-executor: mark_inode_dirty error
[  510.530047][ T9920] loop4: detected capacity change from 0 to 1024
[  510.543394][ T5349] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm kworker/u4:20: Invalid inode table block 30064771087 in block_group 0
[  510.587544][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  510.802288][ T9928] ubi: mtd0 is already attached to ubi31
[  512.948781][ T4324] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  513.176091][ T4324] usb 2-1: config 0 has an invalid interface number: 23 but max is 0
[  513.227936][ T4324] usb 2-1: config 0 has no interface number 0
[  513.288777][ T4324] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  513.339560][ T4324] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.378506][ T4324] usb 2-1: Product: syz
[  513.384140][ T4324] usb 2-1: Manufacturer: syz
[  513.409072][ T4324] usb 2-1: SerialNumber: syz
[  513.436204][ T4324] usb 2-1: config 0 descriptor??
[  513.473554][ T4324] ftdi_sio 2-1:0.23: FTDI USB Serial Device converter detected
[  513.489804][ T4324] usb 2-1: Detected SIO
[  513.495957][ T4324] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  513.666536][ T9968] loop4: detected capacity change from 0 to 1024
[  513.931258][ T6141] usb 2-1: USB disconnect, device number 7
[  513.948576][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  514.037643][ T9968] ubi: mtd0 is already attached to ubi31
[  514.044785][ T6141] ftdi_sio 2-1:0.23: device disconnected
[  514.407938][ T9987] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1416'.
[  515.668744][T10012] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  516.389858][T10023] ubi: mtd0 is already attached to ubi31
[  516.930887][T10040] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1433'.
[  518.445893][T10068] loop5: detected capacity change from 0 to 1024
[  519.338478][T10076] ubi: mtd0 is already attached to ubi31
[  520.189874][T10102] loop4: detected capacity change from 0 to 128
[  521.064921][T10113] loop4: detected capacity change from 0 to 1024
[  522.711830][T10131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1464'.
[  522.881394][T10137] loop6: detected capacity change from 0 to 1024
[  522.937113][T10137] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  522.971111][ T4324] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  522.984172][T10137] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.1468: Allocating blocks 385-513 which overlap fs metadata
[  523.100316][T10137] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm syz.6.1468: Invalid inode table block 30064771087 in block_group 0
[  523.132161][T10137] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  523.158590][T10137] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #15: comm syz.6.1468: mark_inode_dirty error
[  523.182886][ T4324] usb 2-1: config 0 has an invalid interface number: 23 but max is 0
[  523.188063][T10135] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.1468: Invalid block bitmap block 281470681743360 in block_group 0
[  523.201525][ T4324] usb 2-1: config 0 has no interface number 0
[  523.217111][ T4324] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  523.221579][T10135] EXT4-fs error (device loop6): ext4_discard_preallocations:5114: comm syz.6.1468: Error -117 reading block bitmap for 0
[  523.236894][ T4324] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.299498][ T4324] usb 2-1: Product: syz
[  523.308663][ T4324] usb 2-1: Manufacturer: syz
[  523.337662][ T4324] usb 2-1: SerialNumber: syz
[  523.377015][ T4324] usb 2-1: config 0 descriptor??
[  523.397216][ T4324] ftdi_sio 2-1:0.23: FTDI USB Serial Device converter detected
[  523.406355][ T6149] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 30064771087 in block_group 0
[  523.438470][ T6149] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  523.448977][ T4324] usb 2-1: Detected SIO
[  523.473614][ T4324] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  523.497813][ T6149] EXT4-fs error (device loop6): ext4_dirty_inode:6133: inode #15: comm syz-executor: mark_inode_dirty error
[  523.555848][   T75] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm kworker/u4:4: Invalid inode table block 30064771087 in block_group 0
[  523.667340][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  523.912218][ T6141] usb 2-1: USB disconnect, device number 8
[  523.944150][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  523.972025][ T6141] ftdi_sio 2-1:0.23: device disconnected
[  523.987833][T10147] loop4: detected capacity change from 0 to 40427
[  524.088173][T10147] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  524.104203][T10147] F2FS-fs (loop4): invalid crc value
[  524.243022][T10147] F2FS-fs (loop4): Found nat_bits in checkpoint
[  524.646141][T10147] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  524.663306][   T26] audit: type=1800 audit(1761892361.135:31): pid=10147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1470" name="bus" dev="loop4" ino=10 res=0 errno=0
[  525.136155][T10167] loop6: detected capacity change from 0 to 1024
[  525.410600][T10170] ubi: mtd0 is already attached to ubi31
[  526.531847][ T4269] syz-executor: attempt to access beyond end of device
[  526.531847][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  529.041105][ T4310] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  529.307424][ T4310] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  529.323923][ T4310] usb 1-1: config 0 has no interface number 0
[  529.347858][T10222] ieee802154 phy0 wpan0: encryption failed: -22
[  529.367230][T10220] loop4: detected capacity change from 0 to 1024
[  529.386551][ T4310] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  529.446331][ T4310] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  529.503639][ T4310] usb 1-1: Product: syz
[  529.545756][ T4310] usb 1-1: Manufacturer: syz
[  529.575193][T10226] ubi: mtd0 is already attached to ubi31
[  529.640706][ T4310] usb 1-1: SerialNumber: syz
[  529.745425][ T4310] usb 1-1: config 0 descriptor??
[  529.814918][ T4310] ftdi_sio 1-1:0.23: FTDI USB Serial Device converter detected
[  529.849489][ T4310] usb 1-1: Detected SIO
[  529.851685][T10225] bridge0: port 3(erspan0) entered blocking state
[  529.867558][ T4310] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  529.979318][T10225] bridge0: port 3(erspan0) entered disabled state
[  530.228312][ T4324] usb 1-1: USB disconnect, device number 6
[  530.239607][ T4324] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  530.272673][T10225] device erspan0 entered promiscuous mode
[  530.279308][T10225] bridge0: port 3(erspan0) entered blocking state
[  530.286187][T10225] bridge0: port 3(erspan0) entered forwarding state
[  530.328012][ T4324] ftdi_sio 1-1:0.23: device disconnected
[  530.353096][T10229] device erspan0 left promiscuous mode
[  530.360412][T10229] bridge0: port 3(erspan0) entered disabled state
[  530.411407][T10205] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  530.451581][T10205] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  530.487944][T10205] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  531.078118][T10259] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  532.244415][T10271] ubi: mtd0 is already attached to ubi31
[  532.337945][T10280] loop4: detected capacity change from 0 to 512
[  532.388330][T10280] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  532.688608][T10280] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  532.711351][T10280] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  532.773534][T10280] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.1506: Failed to acquire dquot type 1
[  533.014515][T10280] EXT4-fs (loop4): 1 truncate cleaned up
[  533.151780][T10280] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  533.417207][ T4310] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  533.499259][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  533.657579][T10316] loop6: detected capacity change from 0 to 512
[  533.711220][T10316] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  533.779087][T10316] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  533.789425][T10316] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  533.799584][T10316] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.1516: Failed to acquire dquot type 1
[  533.826149][T10316] EXT4-fs (loop6): 1 truncate cleaned up
[  533.831956][T10316] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  533.896255][ T4310] usb 6-1: config 0 has an invalid interface number: 23 but max is 0
[  533.981119][ T4310] usb 6-1: config 0 has no interface number 0
[  534.000757][ T4310] usb 6-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  534.019511][ T4310] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.083258][ T4310] usb 6-1: Product: syz
[  534.087522][ T4310] usb 6-1: Manufacturer: syz
[  534.092616][ T4310] usb 6-1: SerialNumber: syz
[  534.116832][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  534.854592][T10331] ubi: mtd0 is already attached to ubi31
[  534.861726][ T4310] usb 6-1: config 0 descriptor??
[  535.277876][ T4310] ftdi_sio 6-1:0.23: FTDI USB Serial Device converter detected
[  535.296872][ T4310] usb 6-1: Detected SIO
[  535.301966][ T4310] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  535.328477][ T4310] usb 6-1: USB disconnect, device number 3
[  535.336667][ T4310] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  535.347007][ T4310] ftdi_sio 6-1:0.23: device disconnected
[  535.689264][T10349] device syzkaller0 entered promiscuous mode
[  536.333409][T10373] loop6: detected capacity change from 0 to 1024
[  536.343683][T10369] loop4: detected capacity change from 0 to 512
[  537.411170][T10369] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  537.493100][T10369] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  537.524198][T10369] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  537.652972][T10386] ubi: mtd0 is already attached to ubi31
[  537.654132][T10369] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.1528: Failed to acquire dquot type 1
[  537.700705][T10369] EXT4-fs (loop4): 1 truncate cleaned up
[  537.716626][T10369] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  538.430848][T10402] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1542'.
[  538.963596][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  539.131058][ T4317] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  539.227110][T10417] loop6: detected capacity change from 0 to 512
[  539.257797][T10417] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  539.552639][T10417] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  539.563187][T10417] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  539.573355][T10417] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.1546: Failed to acquire dquot type 1
[  539.594280][T10417] EXT4-fs (loop6): 1 truncate cleaned up
[  539.600144][T10417] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  539.907736][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  539.942965][ T4317] usb 6-1: config 0 has an invalid interface number: 23 but max is 0
[  539.975323][ T4317] usb 6-1: config 0 has no interface number 0
[  540.003568][ T4317] usb 6-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  540.022764][ T4317] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.030797][ T4317] usb 6-1: Product: syz
[  540.041153][ T4317] usb 6-1: Manufacturer: syz
[  540.045836][ T4317] usb 6-1: SerialNumber: syz
[  540.200498][ T4317] usb 6-1: config 0 descriptor??
[  540.212174][ T4317] ftdi_sio 6-1:0.23: FTDI USB Serial Device converter detected
[  540.222293][ T4317] usb 6-1: Detected SIO
[  540.231546][ T4317] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  540.747888][ T6141] usb 6-1: USB disconnect, device number 4
[  540.772496][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  540.792671][ T6141] ftdi_sio 6-1:0.23: device disconnected
[  540.885458][T10443] device veth0 entered promiscuous mode
[  540.898177][T10443] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  542.140568][T10471] loop5: detected capacity change from 0 to 256
[  544.186950][T10499] smc: net device bond0 applied user defined pnetid SYZ0
[  544.252592][T10504] smc: net device bond0 erased user defined pnetid SYZ0
[  544.343655][T10507] loop6: detected capacity change from 0 to 256
[  544.421095][ T4317] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  544.511155][T10513] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1578'.
[  544.618383][ T4317] usb 2-1: config 0 has an invalid interface number: 23 but max is 0
[  544.652329][ T4317] usb 2-1: config 0 has no interface number 0
[  544.674076][ T4317] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  544.716086][ T4317] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.796903][ T4317] usb 2-1: Product: syz
[  544.831003][ T4317] usb 2-1: Manufacturer: syz
[  544.835649][ T4317] usb 2-1: SerialNumber: syz
[  544.957799][ T4317] usb 2-1: config 0 descriptor??
[  545.021632][ T4317] ftdi_sio 2-1:0.23: FTDI USB Serial Device converter detected
[  545.446401][ T4317] usb 2-1: Detected SIO
[  545.459414][ T4317] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  545.499418][ T4317] usb 2-1: USB disconnect, device number 9
[  545.575092][ T4317] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  545.587534][ T4317] ftdi_sio 2-1:0.23: device disconnected
[  545.699628][T10526] loop5: detected capacity change from 0 to 1024
[  545.767526][T10526] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  545.799022][T10526] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3836: comm syz.5.1584: Allocating blocks 385-513 which overlap fs metadata
[  545.829971][T10524] EXT4-fs error (device loop5): ext4_discard_preallocations:5106: comm syz.5.1584: Error -117 loading buddy information for 4294944368
[  546.061626][ T8129] EXT4-fs error (device loop5): __ext4_get_inode_loc:4513: comm kworker/u4:32: Invalid inode table block 5 in block_group 0
[  546.140216][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  546.154201][T10544] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1594'.
[  548.008457][T10576] loop4: detected capacity change from 0 to 1024
[  548.155220][T10576] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  548.235702][T10576] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.1602: Allocating blocks 385-513 which overlap fs metadata
[  548.370303][T10576] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.1602: Invalid inode table block 5 in block_group 0
[  548.442588][T10576] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  548.516484][T10576] EXT4-fs error (device loop4): ext4_dirty_inode:6133: inode #15: comm syz.4.1602: mark_inode_dirty error
[  548.576046][T10576] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.1602: Invalid inode table block 5 in block_group 0
[  548.638885][T10576] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  548.693791][T10576] EXT4-fs error (device loop4): ext4_alloc_file_blocks:4530: inode #15: comm syz.4.1602: mark_inode_dirty error
[  548.751387][T10575] EXT4-fs error (device loop4): ext4_discard_preallocations:5106: comm syz.4.1602: Error -117 loading buddy information for 4294944368
[  548.982525][T10595] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  548.989787][ T8114] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm kworker/u4:25: Invalid inode table block 5 in block_group 0
[  549.061628][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  549.432939][T10604] loop4: detected capacity change from 0 to 256
[  549.444976][T10604] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  549.469932][T10604] overlayfs: filesystem on './file0' not supported
[  550.326322][T10628] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1618'.
[  550.428591][T10633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1618'.
[  551.294408][T10651] loop5: detected capacity change from 0 to 512
[  551.302661][T10651] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  551.465221][T10651] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  551.475351][T10651] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  551.485351][T10651] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.1628: Failed to acquire dquot type 1
[  551.498855][T10651] EXT4-fs (loop5): 1 truncate cleaned up
[  551.504638][T10651] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  551.663163][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  552.018363][T10674] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1634'.
[  552.086968][T10674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1634'.
[  552.191192][T10674] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1634'.
[  552.711480][ T4282] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  552.807714][T10687] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  552.813864][T10687] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  552.819840][T10687] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  552.825860][T10687] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  552.831956][T10687] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  554.376472][T10723] fuse: Bad value for 'fd'
[  554.861584][ T4282] Bluetooth: hci0: command 0x0c1a tx timeout
[  554.868537][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout
[  554.871013][T10684] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  554.875998][ T4282] Bluetooth: hci5: command 0x0c1a tx timeout
[  554.887459][ T4282] Bluetooth: hci4: command 0x0c1a tx timeout
[  554.894189][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  556.475587][T10754] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  556.481930][T10754] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  556.488038][T10754] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  556.494198][T10754] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  556.500285][T10754] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  556.806117][T10763] fuse: Bad value for 'fd'
[  558.391520][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  558.399795][T10751] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  558.541299][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  558.547400][ T4280] Bluetooth: hci5: command 0x0c1a tx timeout
[  558.553724][ T4282] Bluetooth: hci4: command 0x0c1a tx timeout
[  558.559748][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout
[  559.136155][T10791] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1676'.
[  559.326711][T10800] Cannot find del_set index 1 as target
[  560.461049][ T4278] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  560.471426][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  561.297766][T10854] loop6: detected capacity change from 0 to 512
[  561.349174][T10854] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  561.529557][T10854] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  561.850427][T10854] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  561.945956][T10854] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.1691: Failed to acquire dquot type 1
[  562.059429][T10854] EXT4-fs (loop6): 1 truncate cleaned up
[  562.074640][T10854] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  562.541113][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  562.714535][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  562.720896][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  563.085205][T10884] fuse: Bad value for 'user_id'
[  563.387356][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1708'.
[  563.802762][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  564.133519][T10909] loop6: detected capacity change from 0 to 128
[  564.959154][T10918] fuse: Bad value for 'user_id'
[  565.179503][T10924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1720'.
[  565.459712][T10932] device syzkaller0 entered promiscuous mode
[  565.511659][T10932] tipc: Started in network mode
[  565.547048][T10932] tipc: Node identity ca0e9b8bded4, cluster identity 4711
[  565.592132][T10932] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  565.635154][T10931] tipc: Resetting bearer <eth:syzkaller0>
[  565.757244][T10931] tipc: Disabling bearer <eth:syzkaller0>
[  566.917889][T10957] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1733'.
[  566.989390][T10960] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1734'.
[  567.508673][T10971] netlink: 'syz.0.1738': attribute type 13 has an invalid length.
[  567.536088][T10971] netlink: 'syz.0.1738': attribute type 17 has an invalid length.
[  567.670498][T10976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.682371][T10971] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  567.700430][T10971] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  567.724760][T10971] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  568.244996][T10986] loop6: detected capacity change from 0 to 128
[  568.577491][T10990] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1745'.
[  569.047015][T11000] device vlan2 entered promiscuous mode
[  569.784962][T11014] loop4: detected capacity change from 0 to 256
[  569.798488][T11014] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  569.835770][T11014] overlayfs: filesystem on './file0' not supported
[  569.874886][T11015] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1755'.
[  569.916288][T11018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1757'.
[  570.533639][T11028] loop5: detected capacity change from 0 to 512
[  570.575947][T11028] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  570.601433][T11036] device syzkaller1 entered promiscuous mode
[  570.706209][T11028] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  570.771895][T11028] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  570.826245][T11028] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.1758: Failed to acquire dquot type 1
[  570.885691][T11028] EXT4-fs (loop5): 1 truncate cleaned up
[  570.915130][T11028] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  571.037839][T11046] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1766'.
[  572.042325][T11057] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1768'.
[  572.051041][T11058] netlink: 200 bytes leftover after parsing attributes in process `syz.6.1767'.
[  572.245433][T11055] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1767'.
[  572.257415][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  572.454326][T11066] device syzkaller0 entered promiscuous mode
[  573.110569][T11071] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.117939][T11071] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.215187][T11085] loop6: detected capacity change from 0 to 128
[  573.528243][T11091] fuse: Bad value for 'fd'
[  573.539948][T11092] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1779'.
[  573.955012][T11071] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  573.997114][T11071] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  574.365162][T11071] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  574.373726][T11071] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  574.384127][T11071] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  574.393028][T11071] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  574.415866][T11086] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  574.434812][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1782'.
[  574.784678][T11115] fuse: Bad value for 'fd'
[  575.303614][T11131] loop6: detected capacity change from 0 to 128
[  575.316729][T11132] device syzkaller0 entered promiscuous mode
[  575.335639][T11132] tipc: Started in network mode
[  575.340558][T11132] tipc: Node identity 2e9d10733621, cluster identity 4711
[  575.349119][T11132] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  575.360835][ T6145] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  575.411459][T11130] tipc: Resetting bearer <eth:syzkaller0>
[  575.480679][T11130] tipc: Disabling bearer <eth:syzkaller0>
[  575.808022][T11148] fuse: Bad value for 'fd'
[  576.014591][T11156] loop6: detected capacity change from 0 to 512
[  576.029741][T11156] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  576.283285][T11156] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  576.293899][T11156] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  576.304134][T11156] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.1806: Failed to acquire dquot type 1
[  576.329361][T11156] EXT4-fs (loop6): 1 truncate cleaned up
[  576.335271][T11156] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  576.643222][T11166] loop5: detected capacity change from 0 to 128
[  576.766057][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  577.017781][T11179] device syzkaller0 entered promiscuous mode
[  577.125546][T11183] device syzkaller0 entered promiscuous mode
[  577.142121][T11183] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  577.149987][T11180] tipc: Resetting bearer <eth:syzkaller0>
[  577.257947][T11180] tipc: Disabling bearer <eth:syzkaller0>
[  577.262165][T11188] fuse: Invalid rootmode
[  578.408812][T11171] loop5: detected capacity change from 0 to 40427
[  578.432817][T11171] F2FS-fs (loop5): invalid crc value
[  578.489405][T11206] loop6: detected capacity change from 0 to 128
[  578.504673][T11171] F2FS-fs (loop5): Found nat_bits in checkpoint
[  578.546715][ T6248] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  578.613052][T11171] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  578.775374][T11214] device syzkaller0 entered promiscuous mode
[  579.117875][T11224] fuse: Invalid rootmode
[  579.150360][T11225] device syzkaller0 entered promiscuous mode
[  579.169688][ T6142] syz-executor: attempt to access beyond end of device
[  579.169688][ T6142] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  580.407324][T11248] device syzkaller0 entered promiscuous mode
[  582.038404][T11252] loop4: detected capacity change from 0 to 40427
[  582.066849][T11252] F2FS-fs (loop4): invalid crc value
[  582.117606][T11252] F2FS-fs (loop4): Found nat_bits in checkpoint
[  582.163862][T11292] fuse: Bad value for 'rootmode'
[  582.227451][T11252] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  582.638060][ T4269] syz-executor: attempt to access beyond end of device
[  582.638060][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  583.885944][T11323] fuse: Bad value for 'rootmode'
[  584.303608][T11321] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.311003][T11321] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.986683][T11321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  585.022011][T11321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  585.416726][T11321] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  585.425884][T11321] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  585.439582][T11321] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  585.448781][T11321] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  585.535405][T11340] device syzkaller0 entered promiscuous mode
[  585.559413][T11363] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1873'.
[  587.031788][T11400] fuse: Unknown parameter 'use00000000000000000000'
[  587.168502][T11397] bridge0: port 3(batadv1) entered blocking state
[  587.194667][T11397] bridge0: port 3(batadv1) entered disabled state
[  587.219693][T11397] device batadv1 entered promiscuous mode
[  587.293764][T11406] device syzkaller0 entered promiscuous mode
[  587.690228][ T4440] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  587.700265][ T4440] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  588.059090][T11425] fuse: Unknown parameter 'use00000000000000000000'
[  588.424651][T11434] loop5: detected capacity change from 0 to 512
[  588.470170][T11434] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  588.550406][T11434] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  588.561801][T11434] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  588.578374][T11434] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.1899: Failed to acquire dquot type 1
[  588.595145][T11434] EXT4-fs (loop5): 1 truncate cleaned up
[  588.600845][T11434] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  588.732733][T11447] device vlan3 entered promiscuous mode
[  589.019870][T11455] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1907'.
[  589.046838][T11443] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  589.953944][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  592.339737][T11401] Set syz1 is full, maxelem 65536 reached
[  592.372451][T11519] device vlan3 entered promiscuous mode
[  592.618778][T11529] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  592.989600][T11532] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  592.995862][T11532] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  593.002212][T11532] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  593.008335][T11532] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  593.014495][T11532] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  594.941022][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  594.947210][T11531] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  595.101179][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  595.107241][ T4280] Bluetooth: hci5: command 0x0c1a tx timeout
[  595.118959][ T8920] Bluetooth: hci4: command 0x0c1a tx timeout
[  595.118980][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout
[  595.369570][T11581] fuse: Unknown parameter 'user_id00000000000000000000'
[  595.781703][ T4278] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  595.901096][T11595] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  595.907284][T11595] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  595.913447][T11595] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  595.919576][T11595] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  595.925780][T11595] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  596.035292][T11612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  596.046398][T11612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  596.056703][T11612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  596.067756][T11612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  596.088755][T11614] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1964'.
[  596.093378][T11612] batman_adv: batadv0: Adding interface: macsec0
[  596.117684][T11612] batman_adv: batadv0: The MTU of interface macsec0 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  596.202537][T11612] batman_adv: batadv0: Interface activated: macsec0
[  596.400433][T11624] fuse: Unknown parameter 'user_id00000000000000000000'
[  596.508612][T11627] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1969'.
[  596.962063][T11639] device syzkaller0 entered promiscuous mode
[  597.222553][T11644] device syzkaller0 entered promiscuous mode
[  597.439282][T11652] fuse: Unknown parameter 'user_id00000000000000000000'
[  597.572982][T11659] device bridge_slave_0 left promiscuous mode
[  597.579402][T11659] bridge0: port 1(bridge_slave_0) entered disabled state
[  597.590274][T11659] bond0: (slave bridge_slave_1): Releasing backup interface
[  597.599753][T11659] bond0: (slave bond_slave_0): Releasing backup interface
[  597.609505][T11659] bond0: (slave bond_slave_1): Releasing backup interface
[  597.635102][T11659] team0: Port device team_slave_0 removed
[  597.649404][T11659] team0: Port device team_slave_1 removed
[  597.656112][T11659] batman_adv: batadv0: Removing interface: batadv_slave_0
[  597.672265][T11659] batman_adv: batadv0: Removing interface: batadv_slave_1
[  597.679914][T11659] batman_adv: batadv0: Interface deactivated: macsec0
[  597.687229][T11659] batman_adv: batadv0: Removing interface: macsec0
[  597.821357][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  597.829906][T11594] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  597.981201][ T4282] Bluetooth: hci1: command 0x0c1a tx timeout
[  597.981220][ T4278] Bluetooth: hci5: command 0x0c1a tx timeout
[  597.981261][ T4278] Bluetooth: hci4: command 0x0c1a tx timeout
[  597.987234][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout
[  598.184895][T11688] device syzkaller0 entered promiscuous mode
[  598.324051][T11694] fuse: Bad value for 'fd'
[  598.426379][T11696] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1994'.
[  598.456776][T11696] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1994'.
[  598.508674][T11696] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1994'.
[  599.047957][T11711] ax25_connect(): syz.6.1999 uses autobind, please contact jreuter@yaina.de
[  599.287151][T11710] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  599.293650][T11710] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  599.299981][T11710] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  599.306186][T11710] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  599.312287][T11710] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  599.760027][T11724] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2004'.
[  599.771187][ T4332] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  599.771959][T11724] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  599.792738][T11724] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  599.800254][T11724] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  599.819422][T11724] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2004'.
[  599.834151][T11724] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  599.846814][T11724] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  599.854963][T11724] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  599.923006][T11726] fuse: Bad value for 'fd'
[  599.952824][ T4332] usb 7-1: config 0 has an invalid interface number: 23 but max is 0
[  599.964431][ T4332] usb 7-1: config 0 has no interface number 0
[  599.979458][ T4332] usb 7-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  600.005910][ T4332] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.024854][ T4332] usb 7-1: Product: syz
[  600.029204][ T4332] usb 7-1: Manufacturer: syz
[  600.034686][ T4332] usb 7-1: SerialNumber: syz
[  600.038019][T11728] device syzkaller0 entered promiscuous mode
[  600.043468][ T4332] usb 7-1: config 0 descriptor??
[  600.068920][ T4332] ftdi_sio 7-1:0.23: FTDI USB Serial Device converter detected
[  600.083438][ T4332] usb 7-1: Detected SIO
[  600.088727][ T4332] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  600.131543][T11730] device syzkaller0 entered promiscuous mode
[  600.287194][T11735] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2008'.
[  600.657559][T11356] usb 7-1: USB disconnect, device number 3
[  600.718947][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  600.779390][T11356] ftdi_sio 7-1:0.23: device disconnected
[  601.111102][ T4280] Bluetooth: hci0: command 0x0c1a tx timeout
[  601.117281][T11708] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  601.249483][T11735] bridge0: port 2(bridge_slave_1) entered disabled state
[  601.257909][T11735] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.341050][ T4278] Bluetooth: hci1: command 0x0c1a tx timeout
[  601.341103][ T4280] Bluetooth: hci4: command 0x0c1a tx timeout
[  601.347155][ T4278] Bluetooth: hci5: command 0x0c1a tx timeout
[  601.353254][ T4279] Bluetooth: hci2: command 0x0c1a tx timeout
[  602.814922][T11735] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  602.948272][T11735] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  603.111477][T11764] fuse: Bad value for 'fd'
[  603.181021][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[  603.181033][ T4282] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  604.230178][T11735] device geneve0 left promiscuous mode
[  604.260392][T11735] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  604.290843][T11735] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  604.335606][T11735] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  604.381679][T11735] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  604.731372][T11735] device vlan3 left promiscuous mode
[  604.751420][T11737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2008'.
[  604.770816][T11737] device hsr_slave_0 left promiscuous mode
[  604.812542][T11737] device hsr_slave_1 left promiscuous mode
[  604.930307][T11766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2017'.
[  604.941445][T11766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2017'.
[  605.134569][T11771] device syzkaller0 entered promiscuous mode
[  605.260986][ T4282] Bluetooth: hci0: command 0x0c1a tx timeout
[  605.913230][ T4310] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  605.928045][T11790] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2027'.
[  605.928994][T11786] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2026'.
[  605.942665][T11790] netlink: 'syz.4.2027': attribute type 1 has an invalid length.
[  606.132588][ T4310] usb 2-1: config 0 has an invalid interface number: 23 but max is 0
[  606.151147][ T4310] usb 2-1: config 0 has no interface number 0
[  606.172135][ T4310] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  606.221086][ T4310] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.229127][ T4310] usb 2-1: Product: syz
[  606.251537][ T4310] usb 2-1: Manufacturer: syz
[  606.256205][ T4310] usb 2-1: SerialNumber: syz
[  606.277209][ T4310] usb 2-1: config 0 descriptor??
[  606.291329][ T4310] ftdi_sio 2-1:0.23: FTDI USB Serial Device converter detected
[  606.303079][ T4310] usb 2-1: Detected SIO
[  606.309785][ T4310] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  606.400234][T11802] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2031'.
[  606.429021][T11802] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2031'.
[  606.803987][T11356] usb 2-1: USB disconnect, device number 10
[  606.837133][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  606.918545][T11356] ftdi_sio 2-1:0.23: device disconnected
[  607.645203][ T4282] Bluetooth: hci0: command 0x0c1a tx timeout
[  607.872958][T11834] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2040'.
[  608.492600][T11851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  608.515812][T11851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  608.572076][T11851] batman_adv: batadv0: Adding interface: macsec1
[  608.593097][T11851] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  608.655359][T11851] batman_adv: batadv0: Interface activated: macsec1
[  609.865662][T11882] device syzkaller0 entered promiscuous mode
[  610.106003][T11892] loop4: detected capacity change from 0 to 128
[  611.901284][T11914] fuse: Unknown parameter '0x0000000000000003'
[  612.496226][T11921] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2067'.
[  612.710081][T11931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2072'.
[  612.906101][T11941] loop5: detected capacity change from 0 to 512
[  612.959230][T11942] loop6: detected capacity change from 0 to 128
[  613.541494][T11941] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  613.804264][T11941] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  613.814479][T11941] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  613.824747][T11941] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.2071: Failed to acquire dquot type 1
[  614.140857][T11941] EXT4-fs (loop5): 1 truncate cleaned up
[  614.146668][T11941] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  614.344644][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  616.370714][T11972] fuse: Unknown parameter '0x0000000000000003'
[  616.478562][T11981] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2085'.
[  617.320448][T11990] loop6: detected capacity change from 0 to 128
[  617.571203][ T6141] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  617.762975][ T6141] usb 5-1: config 0 has an invalid interface number: 23 but max is 0
[  617.788507][ T6141] usb 5-1: config 0 has no interface number 0
[  617.817608][ T6141] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  617.860833][ T6141] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.893675][ T6141] usb 5-1: Product: syz
[  617.914725][ T6141] usb 5-1: Manufacturer: syz
[  617.932758][ T6141] usb 5-1: SerialNumber: syz
[  617.973448][ T6141] usb 5-1: config 0 descriptor??
[  618.067288][ T6141] ftdi_sio 5-1:0.23: FTDI USB Serial Device converter detected
[  618.083037][ T6141] usb 5-1: Detected SIO
[  618.093084][ T6141] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  619.146510][ T6141] usb 5-1: USB disconnect, device number 7
[  619.193744][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  619.262532][ T6141] ftdi_sio 5-1:0.23: device disconnected
[  619.427816][T12021] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  619.447495][T12021] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  619.467264][T12021] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  619.578857][T12021] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  619.589842][T12021] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  619.598430][T12021] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  621.172787][T12055] loop5: detected capacity change from 0 to 256
[  621.234370][T12055] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  621.344342][T12055] overlayfs: filesystem on './file0' not supported
[  621.592739][T12064] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2113'.
[  621.981184][ T4310] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  622.068094][T12042] loop6: detected capacity change from 0 to 40427
[  622.264832][ T4310] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  622.361667][ T4310] usb 1-1: config 0 has no interface number 0
[  622.436872][T12042] F2FS-fs (loop6): invalid crc value
[  622.483008][ T4310] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  622.493048][ T4310] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.502411][ T4310] usb 1-1: Product: syz
[  622.506686][ T4310] usb 1-1: Manufacturer: syz
[  622.511423][ T4310] usb 1-1: SerialNumber: syz
[  622.531723][ T4310] usb 1-1: config 0 descriptor??
[  622.542192][ T4310] ftdi_sio 1-1:0.23: FTDI USB Serial Device converter detected
[  622.550138][T12042] F2FS-fs (loop6): Found nat_bits in checkpoint
[  622.555908][ T4310] usb 1-1: Detected SIO
[  622.585695][ T4310] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  622.624688][T12076] loop4: detected capacity change from 0 to 128
[  622.684232][ T6310] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  622.725766][T12042] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  623.056138][ T6141] usb 1-1: USB disconnect, device number 7
[  623.080550][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  623.147531][ T6141] ftdi_sio 1-1:0.23: device disconnected
[  623.323275][T12085] bond0: (slave vlan5): Enslaving as an active interface with an up link
[  623.356757][ T6149] syz-executor: attempt to access beyond end of device
[  623.356757][ T6149] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  624.143357][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.149699][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  624.216349][T12105] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2124'.
[  626.110455][T12143] device syzkaller1 entered promiscuous mode
[  626.131010][ T4310] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  626.334172][ T4310] usb 7-1: config 0 has an invalid interface number: 23 but max is 0
[  626.370822][ T4310] usb 7-1: config 0 has no interface number 0
[  626.493687][ T4310] usb 7-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  626.591885][ T4310] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.673543][ T4310] usb 7-1: Product: syz
[  626.678022][ T4310] usb 7-1: Manufacturer: syz
[  626.740621][ T4310] usb 7-1: SerialNumber: syz
[  626.857963][ T4310] usb 7-1: config 0 descriptor??
[  626.917425][ T4310] ftdi_sio 7-1:0.23: FTDI USB Serial Device converter detected
[  626.991326][ T4310] usb 7-1: Detected SIO
[  626.996837][ T4310] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  627.115204][T12153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2139'.
[  627.442221][T11356] usb 7-1: USB disconnect, device number 4
[  627.450509][T12157] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2142'.
[  627.485636][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  627.509198][T11356] ftdi_sio 7-1:0.23: device disconnected
[  628.395730][T12184] device syzkaller1 entered promiscuous mode
[  629.038167][T12206] device veth0 entered promiscuous mode
[  629.049636][T12206] bond0: (slave vlan4): Enslaving as an active interface with an up link
[  629.827627][T12216] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.835316][T12216] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.546198][T12216] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  630.591626][T12216] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  630.994562][T12216] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  631.009795][T12216] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  631.020317][T12216] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  631.044588][T12216] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  631.155067][T12220] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  631.258620][T12221] device syzkaller0 entered promiscuous mode
[  631.277757][T12221] tipc: Resetting bearer <eth:syzkaller0>
[  631.468601][   T11] tipc: Resetting bearer <eth:syzkaller0>
[  631.478621][T12211] tipc: Resetting bearer <eth:syzkaller0>
[  632.190427][ T4310] tipc: Node number set to 252434557
[  634.364564][T12211] tipc: Disabling bearer <eth:syzkaller0>
[  634.624638][T12272] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2177'.
[  634.744621][T12276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: macsec1
[  634.758099][T12276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  637.470308][T12296] bond0: (slave vlan4): Opening slave failed
[  637.580784][T12307] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2186'.
[  637.776792][T12314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: macsec1
[  637.823609][T12314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  638.088300][T12327] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2195'.
[  643.432273][T12437] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2229'.
[  643.480626][T12437] Bluetooth: MGMT ver 1.22
[  644.979341][T12468] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2240'.
[  645.151646][T12474] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2243'.
[  645.338012][T12482] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2247'.
[  645.601292][ T4282] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  645.605741][ T4278] Bluetooth: hci2: command 0x0401 tx timeout
[  645.905139][T12503] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2256'.
[  646.447610][T12521] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  646.517244][T12519] tipc: Disabling bearer <eth:syzkaller0>
[  647.457368][T12389] Set syz1 is full, maxelem 65536 reached
[  647.566872][T12534] device syzkaller0 entered promiscuous mode
[  648.388859][T12547] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2269'.
[  648.408906][T12548] device syzkaller1 entered promiscuous mode
[  649.690693][T12587] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2285'.
[  650.676848][T12599] device syzkaller1 entered promiscuous mode
[  650.908382][T12606] loop5: detected capacity change from 0 to 512
[  650.924211][T12606] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  651.111059][T12606] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  651.121589][T12606] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  651.131691][T12606] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.2288: Failed to acquire dquot type 1
[  651.149282][T12606] EXT4-fs (loop5): 1 truncate cleaned up
[  651.155222][T12606] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  651.364403][T12611] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  651.559272][T12604] tipc: Disabling bearer <eth:syzkaller0>
[  651.587035][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  654.972232][T12668] loop4: detected capacity change from 0 to 512
[  655.009009][T12668] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  655.049777][T12666] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2308'.
[  655.198671][T12668] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  655.209243][T12668] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  655.219327][T12668] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.2304: Failed to acquire dquot type 1
[  655.235552][T12668] EXT4-fs (loop4): 1 truncate cleaned up
[  655.241420][T12668] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  655.310532][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  657.836632][T12720] overlayfs: missing 'lowerdir'
[  658.430539][T12722] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2322'.
[  659.121378][ T4310] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  659.398331][ T4310] usb 6-1: config 0 has an invalid interface number: 23 but max is 0
[  659.523301][ T4310] usb 6-1: config 0 has no interface number 0
[  659.555522][ T4310] usb 6-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  659.626706][ T4310] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.681168][ T4310] usb 6-1: Product: syz
[  659.695695][ T4310] usb 6-1: Manufacturer: syz
[  659.700348][ T4310] usb 6-1: SerialNumber: syz
[  659.751870][ T4310] usb 6-1: config 0 descriptor??
[  659.791977][ T4310] ftdi_sio 6-1:0.23: FTDI USB Serial Device converter detected
[  659.821451][ T4310] usb 6-1: Detected SIO
[  659.829317][ T4310] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  659.840529][T12755] netlink: 'syz.1.2332': attribute type 10 has an invalid length.
[  659.875357][T12755] 8021q: adding VLAN 0 to HW filter on device team0
[  659.894369][T12755] bond0: (slave team0): Enslaving as an active interface with an up link
[  660.308346][ T6141] usb 6-1: USB disconnect, device number 5
[  660.349238][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  660.380821][ T6141] ftdi_sio 6-1:0.23: device disconnected
[  660.399511][T12772] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2338'.
[  660.480428][T12774] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2339'.
[  660.798499][T12782] device syzkaller0 entered promiscuous mode
[  665.427768][T12831] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2358'.
[  665.500505][T12833] batman_adv: batadv0: Interface deactivated: macsec1
[  667.449320][T12877] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2374'.
[  670.357349][T12909] device syzkaller0 entered promiscuous mode
[  671.763795][T12930] loop4: detected capacity change from 0 to 40427
[  671.799076][T12930] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  671.809009][T12930] F2FS-fs (loop4): invalid crc value
[  671.839769][T12930] F2FS-fs (loop4): Found nat_bits in checkpoint
[  671.906665][T12930] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  671.927658][   T26] audit: type=1800 audit(1761892508.395:32): pid=12930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2391" name="bus" dev="loop4" ino=10 res=0 errno=0
[  672.684924][ T4269] syz-executor: attempt to access beyond end of device
[  672.684924][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  674.932018][T12966] loop4: detected capacity change from 0 to 40427
[  674.945120][T12966] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  674.977652][T12966] F2FS-fs (loop4): invalid crc value
[  675.010027][T12966] F2FS-fs (loop4): Found nat_bits in checkpoint
[  675.055157][T12966] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  675.107336][T12980] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2406'.
[  675.116705][T12980] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  675.842310][   T26] audit: type=1800 audit(1761892511.775:33): pid=12966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2402" name="bus" dev="loop4" ino=10 res=0 errno=0
[  676.189065][T12991] loop5: detected capacity change from 0 to 512
[  676.222812][ T4269] syz-executor: attempt to access beyond end of device
[  676.222812][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  676.246152][T12991] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  676.371142][T12991] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  676.382654][T12991] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  676.393026][T12991] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.2408: Failed to acquire dquot type 1
[  676.420745][T12991] EXT4-fs (loop5): 1 truncate cleaned up
[  676.452170][T12991] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  676.893800][ T6142] EXT4-fs (loop5): unmounting filesystem.
[  677.186967][T13022] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2418'.
[  678.478481][T13028] loop4: detected capacity change from 0 to 40427
[  678.492498][T13028] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  678.504028][T13028] F2FS-fs (loop4): invalid crc value
[  678.574247][T13028] F2FS-fs (loop4): Found nat_bits in checkpoint
[  678.615007][T13028] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  678.631994][   T26] audit: type=1800 audit(1761892515.105:34): pid=13028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2421" name="bus" dev="loop4" ino=10 res=0 errno=0
[  678.932280][T13053] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2430'.
[  679.431763][ T4269] syz-executor: attempt to access beyond end of device
[  679.431763][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  680.383593][T13084] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2441'.
[  680.814190][T13089] loop4: detected capacity change from 0 to 40427
[  680.822565][T13089] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  680.832802][T13089] F2FS-fs (loop4): invalid crc value
[  680.853894][T13089] F2FS-fs (loop4): Found nat_bits in checkpoint
[  680.898299][T13089] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  680.918930][   T26] audit: type=1800 audit(1761892517.385:35): pid=13089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2443" name="bus" dev="loop4" ino=10 res=0 errno=0
[  681.721631][ T4269] syz-executor: attempt to access beyond end of device
[  681.721631][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  681.887895][T13112] device syzkaller0 entered promiscuous mode
[  684.814203][T13116] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2448'.
[  684.834372][T13129] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2452'.
[  685.399015][T13148] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2460'.
[  685.513097][T13154] loop6: detected capacity change from 0 to 512
[  685.560062][T13154] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  685.583606][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  685.590348][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  685.688658][T13160] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2465'.
[  685.699011][T13154] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  685.709476][T13154] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  685.719610][T13154] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.2463: Failed to acquire dquot type 1
[  686.264755][T13154] EXT4-fs (loop6): 1 truncate cleaned up
[  686.270550][T13154] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  686.330361][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  686.730414][T13188] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2470'.
[  687.108917][T13199] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2475'.
[  687.241323][T13203] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  687.248813][T13203] device syzkaller0 entered promiscuous mode
[  687.281048][T13203] tipc: Resetting bearer <eth:syzkaller0>
[  688.071270][T13197] tipc: Resetting bearer <eth:syzkaller0>
[  688.486006][T13197] tipc: Disabling bearer <eth:syzkaller0>
[  689.027279][T13235] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2484'.
[  689.039855][T13238] netlink: 51 bytes leftover after parsing attributes in process `syz.0.2485'.
[  689.350356][T13250] overlayfs: missing 'workdir'
[  690.442000][T13272] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 64993
[  690.531302][T13278] bridge0: port 1(batadv1) entered blocking state
[  690.558935][T13278] bridge0: port 1(batadv1) entered disabled state
[  690.600707][T13278] device batadv1 entered promiscuous mode
[  690.662449][T13281] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2499'.
[  691.031228][ T5349] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  691.040747][ T5349] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  691.079497][T13287] loop5: detected capacity change from 0 to 256
[  691.138732][T13287] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  691.174234][T13287] fuse: Bad value for 'fd'
[  692.200781][T13294] overlayfs: missing 'workdir'
[  693.450293][T13307] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  693.685895][T13251] Set syz1 is full, maxelem 65536 reached
[  693.958674][T13319] device syzkaller0 entered promiscuous mode
[  697.598473][T13264] Set syz1 is full, maxelem 65536 reached
[  703.478442][T13415] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2525'.
[  703.650741][T13430] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2528'.
[  705.811092][T13460] loop6: detected capacity change from 0 to 512
[  705.849771][T13460] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  705.892308][T13459] device syzkaller0 entered promiscuous mode
[  705.996511][T13460] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  706.006882][T13460] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  706.017271][T13460] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.2536: Failed to acquire dquot type 1
[  706.030449][T13460] EXT4-fs (loop6): 1 truncate cleaned up
[  706.036247][T13460] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  706.265070][T13467] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  706.285836][T13472] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2539'.
[  706.451449][T13463] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  706.529982][T13482] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2544'.
[  706.584630][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  708.238315][T13506] loop6: detected capacity change from 0 to 256
[  708.275727][T13506] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  708.316760][T13504] fuse: Bad value for 'fd'
[  708.551000][T13509] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2552'.
[  708.903144][T13516] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2555'.
[  709.165032][T13520] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2556'.
[  709.656940][ T4317] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  709.862534][ T4317] usb 6-1: config 0 has an invalid interface number: 23 but max is 0
[  709.870668][ T4317] usb 6-1: config 0 has no interface number 0
[  709.893657][ T4317] usb 6-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  709.910592][ T4317] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.929303][ T4317] usb 6-1: Product: syz
[  709.939494][ T4317] usb 6-1: Manufacturer: syz
[  709.949634][ T4317] usb 6-1: SerialNumber: syz
[  709.970631][ T4317] usb 6-1: config 0 descriptor??
[  710.014172][ T4317] ftdi_sio 6-1:0.23: FTDI USB Serial Device converter detected
[  710.030509][ T4317] usb 6-1: Detected SIO
[  710.047197][ T4317] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  710.191744][T13534] device syzkaller0 entered promiscuous mode
[  710.522339][T11356] usb 6-1: USB disconnect, device number 6
[  710.546948][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  710.603319][T11356] ftdi_sio 6-1:0.23: device disconnected
[  711.714964][T13549] device syzkaller0 entered promiscuous mode
[  712.031314][T13561] loop6: detected capacity change from 0 to 256
[  712.065698][T13561] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  712.116605][T13561] fuse: Bad value for 'fd'
[  713.677943][T13580] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2578'.
[  714.055381][T13567] loop4: detected capacity change from 0 to 40427
[  714.091026][    T7] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  714.119687][T13567] F2FS-fs (loop4): invalid crc value
[  714.429733][T13567] F2FS-fs (loop4): Found nat_bits in checkpoint
[  714.902699][    T7] usb 2-1: config 0 has an invalid interface number: 23 but max is 0
[  714.910829][    T7] usb 2-1: config 0 has no interface number 0
[  714.923316][    T7] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  714.959084][T13567] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  714.970970][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.019323][    T7] usb 2-1: Product: syz
[  715.034096][    T7] usb 2-1: Manufacturer: syz
[  715.044218][    T7] usb 2-1: SerialNumber: syz
[  715.080076][    T7] usb 2-1: config 0 descriptor??
[  715.116405][    T7] ftdi_sio 2-1:0.23: FTDI USB Serial Device converter detected
[  715.199328][    T7] usb 2-1: Detected SIO
[  715.226797][    T7] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  716.067720][ T4269] syz-executor: attempt to access beyond end of device
[  716.067720][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  716.637183][T13620] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2591'.
[  716.743695][T13623] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2593'.
[  717.092653][T13634] loop4: detected capacity change from 0 to 512
[  717.115519][T13634] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  717.127249][T11356] usb 2-1: USB disconnect, device number 11
[  717.141750][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  717.181759][T11356] ftdi_sio 2-1:0.23: device disconnected
[  717.203847][T13634] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  717.214064][T13634] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  717.224284][T13634] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.2585: Failed to acquire dquot type 1
[  717.244388][T13634] EXT4-fs (loop4): 1 truncate cleaned up
[  717.250091][T13634] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  718.006552][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  718.515710][T13668] device syzkaller0 entered promiscuous mode
[  718.532871][T13669] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2608'.
[  718.905766][T13684] loop6: detected capacity change from 0 to 512
[  718.915263][T13684] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  718.991099][ T4310] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  719.058823][T13684] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  719.070391][T13684] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  719.080440][T13684] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.2612: Failed to acquire dquot type 1
[  719.100520][T13684] EXT4-fs (loop6): 1 truncate cleaned up
[  719.107103][T13684] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  719.718959][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  719.843180][ T4310] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  719.873051][ T4310] usb 1-1: config 0 has no interface number 0
[  719.912775][ T4310] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  719.939714][ T4310] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  719.966732][ T4310] usb 1-1: Product: syz
[  719.971506][ T4310] usb 1-1: Manufacturer: syz
[  719.976139][ T4310] usb 1-1: SerialNumber: syz
[  719.985726][ T4310] usb 1-1: config 0 descriptor??
[  720.002187][ T4310] ftdi_sio 1-1:0.23: FTDI USB Serial Device converter detected
[  720.010461][ T4310] usb 1-1: Detected SIO
[  720.040152][ T4310] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  720.253405][T13711] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2623'.
[  720.511531][T11356] usb 1-1: USB disconnect, device number 8
[  720.538755][T13715] device syzkaller0 entered promiscuous mode
[  720.556564][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  720.588799][T11356] ftdi_sio 1-1:0.23: device disconnected
[  720.614422][T13715] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  722.294839][T13760] device bridge_slave_0 left promiscuous mode
[  722.308297][T13760] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.336569][T13760] device bridge_slave_1 left promiscuous mode
[  722.351629][T13760] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.371330][T13760] bond0: (slave bond_slave_0): Releasing backup interface
[  722.391289][T13760] bond0: (slave bond_slave_1): Releasing backup interface
[  722.417570][T13760] team0: Port device team_slave_0 removed
[  722.432953][T13760] team0: Port device team_slave_1 removed
[  722.439839][T13760] batman_adv: batadv0: Removing interface: batadv_slave_0
[  722.455701][T13760] batman_adv: batadv0: Removing interface: batadv_slave_1
[  722.471925][T13760] device batadv1 left promiscuous mode
[  722.483489][T13760] bridge0: port 3(batadv1) entered disabled state
[  722.499564][T13760] bond0: (slave vlan4): Releasing backup interface
[  722.542152][T13765] netlink: 51 bytes leftover after parsing attributes in process `syz.4.2642'.
[  722.938943][T13784] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2652'.
[  722.964895][T13784] device macvtap1 entered promiscuous mode
[  722.972604][T13784] device gretap0 entered promiscuous mode
[  723.885291][T13798] device syzkaller0 entered promiscuous mode
[  724.305336][T13811] loop6: detected capacity change from 0 to 256
[  724.387586][T13800] bond0 (unregistering): Released all slaves
[  724.458946][T13811] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  724.553596][T13811] overlayfs: filesystem on './file0' not supported
[  725.320362][T13822] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2665'.
[  725.446529][T13822] device macvtap1 entered promiscuous mode
[  725.456781][T13822] device gretap0 entered promiscuous mode
[  725.989478][T13827] loop5: detected capacity change from 0 to 128
[  726.717260][T13841] device syzkaller1 entered promiscuous mode
[  726.866826][T13845] netlink: 'syz.5.2673': attribute type 3 has an invalid length.
[  726.876695][T13845] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2673'.
[  727.342038][T13856] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2679'.
[  729.166218][T13865] loop5: detected capacity change from 0 to 128
[  729.573146][T13431] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  729.791519][T13878] device syzkaller1 entered promiscuous mode
[  730.275544][T13888] loop5: detected capacity change from 0 to 40427
[  730.285693][T13888] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x3ffff
[  730.299244][T13888] F2FS-fs (loop5): invalid crc value
[  730.323756][T13888] F2FS-fs (loop5): Found nat_bits in checkpoint
[  730.368616][T13888] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  730.392491][   T26] audit: type=1800 audit(1761892566.865:36): pid=13888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2692" name="bus" dev="loop5" ino=10 res=0 errno=0
[  731.164589][ T6142] syz-executor: attempt to access beyond end of device
[  731.164589][ T6142] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  731.519348][T13917] device syzkaller0 entered promiscuous mode
[  731.692260][T13921] device syzkaller1 entered promiscuous mode
[  731.985284][T13930] loop5: detected capacity change from 0 to 128
[  733.536924][T13943] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2710'.
[  733.690997][T13941] loop5: detected capacity change from 0 to 40427
[  733.702444][T13941] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x3ffff
[  733.712372][T13941] F2FS-fs (loop5): invalid crc value
[  733.760748][T13941] F2FS-fs (loop5): Found nat_bits in checkpoint
[  733.806969][T13941] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  733.834821][   T26] audit: type=1800 audit(1761892570.305:37): pid=13941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2709" name="bus" dev="loop5" ino=10 res=0 errno=0
[  734.563553][ T6142] syz-executor: attempt to access beyond end of device
[  734.563553][ T6142] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  735.132426][T13965] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2718'.
[  735.736163][T13947] loop6: detected capacity change from 0 to 40427
[  736.224483][T13947] F2FS-fs (loop6): invalid crc value
[  736.264902][T13947] F2FS-fs (loop6): Found nat_bits in checkpoint
[  736.378591][T13947] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  736.594568][T13992] device syzkaller1 entered promiscuous mode
[  736.699804][T13997] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2724'.
[  736.906741][ T6149] syz-executor: attempt to access beyond end of device
[  736.906741][ T6149] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  737.097924][T14007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2729'.
[  737.162805][T14007] device macvtap1 entered promiscuous mode
[  737.189923][T14007] device erspan0 entered promiscuous mode
[  738.548790][T14039] device syzkaller0 entered promiscuous mode
[  739.617892][T14050] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2742'.
[  739.648001][T14050] device macvtap1 entered promiscuous mode
[  739.660714][T14050] device erspan0 entered promiscuous mode
[  739.674256][T14050] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap1: link becomes ready
[  739.751004][T11356] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  739.961458][ T8124] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap1: link becomes ready
[  739.967556][T11356] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  740.001138][T11356] usb 1-1: config 0 has no interface number 0
[  740.020461][T11356] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  740.081699][T11356] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  740.089730][T11356] usb 1-1: Product: syz
[  740.131029][T11356] usb 1-1: Manufacturer: syz
[  740.141914][T11356] usb 1-1: SerialNumber: syz
[  740.157450][T14070] device syzkaller0 entered promiscuous mode
[  740.165792][T11356] usb 1-1: config 0 descriptor??
[  740.191574][T11356] ftdi_sio 1-1:0.23: FTDI USB Serial Device converter detected
[  740.200040][T11356] usb 1-1: Detected SIO
[  740.236864][T11356] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  740.704775][T11356] usb 1-1: USB disconnect, device number 9
[  740.745377][T11356] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  740.793749][T11356] ftdi_sio 1-1:0.23: device disconnected
[  741.825088][T14088] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2757'.
[  741.869291][T14088] device macvtap2 entered promiscuous mode
[  741.917330][T14092] device syzkaller0 entered promiscuous mode
[  742.209903][T14102] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2761'.
[  742.276287][T14104] device syzkaller0 entered promiscuous mode
[  743.048334][T14123] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2769'.
[  743.392721][T14129] device syzkaller0 entered promiscuous mode
[  743.828443][T14140] loop6: detected capacity change from 0 to 256
[  743.920286][T14140] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  744.068498][T14140] overlayfs: filesystem on './file0' not supported
[  744.491778][T14141] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2777'.
[  744.655141][T14146] device syzkaller0 entered promiscuous mode
[  744.763236][T14151] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2780'.
[  746.280689][T14175] device syzkaller0 entered promiscuous mode
[  746.744805][T14188] device syzkaller0 entered promiscuous mode
[  747.024170][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  747.030601][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  747.963080][T14208] loop6: detected capacity change from 0 to 512
[  747.970344][T14208] EXT4-fs: Ignoring removed mblk_io_submit option
[  748.015094][T14208] EXT4-fs (loop6): orphan cleanup on readonly fs
[  748.038288][T14208] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  748.071553][T14208] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  748.081224][T14208] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.2800: Failed to acquire dquot type 1
[  748.113442][T14213] device syzkaller0 entered promiscuous mode
[  748.130379][T14208] EXT4-fs (loop6): 1 truncate cleaned up
[  748.183385][T14208] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  748.244777][T14216] device syzkaller0 entered promiscuous mode
[  748.302008][ T6149] EXT4-fs (loop6): unmounting filesystem.
[  749.736763][T14261] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[  750.505071][T14263] loop4: detected capacity change from 0 to 40427
[  750.640791][T14275] loop6: detected capacity change from 0 to 128
[  750.726077][T14263] F2FS-fs (loop4): invalid crc value
[  750.832380][T14263] F2FS-fs (loop4): Found nat_bits in checkpoint
[  751.183429][T14263] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  751.252465][T14263] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  751.303175][T13522] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  751.471611][ T4269] syz-executor: attempt to access beyond end of device
[  751.471611][ T4269] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  752.131200][ T4310] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  752.412801][ T4310] usb 6-1: config 0 has an invalid interface number: 23 but max is 0
[  752.461467][ T4310] usb 6-1: config 0 has no interface number 0
[  752.482864][ T4310] usb 6-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  752.553410][ T4310] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.574088][T14316] futex_wake_op: syz.1.2827 tries to shift op by -1; fix this program
[  752.582212][ T4310] usb 6-1: Product: syz
[  752.637464][ T4310] usb 6-1: Manufacturer: syz
[  752.653524][ T4310] usb 6-1: SerialNumber: syz
[  752.677985][ T4310] usb 6-1: config 0 descriptor??
[  752.699451][ T4310] ftdi_sio 6-1:0.23: FTDI USB Serial Device converter detected
[  752.713656][ T4310] usb 6-1: Detected SIO
[  752.719499][ T4310] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  752.806347][T14324] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2830'.
[  753.215264][    T7] usb 6-1: USB disconnect, device number 7
[  753.250776][    T7] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  753.264005][T14329] loop4: detected capacity change from 0 to 256
[  753.279213][    T7] ftdi_sio 6-1:0.23: device disconnected
[  753.326912][T14329] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  753.394161][T14329] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  753.421223][T14329] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  753.438923][T14329] UDF-fs: Scanning with blocksize 512 failed
[  753.467449][T14329] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  753.492162][T14329] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  755.125011][T14352] loop4: detected capacity change from 0 to 512
[  755.143973][T14352] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  755.307620][T14352] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  755.318382][T14352] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  755.328521][T14352] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.2838: Failed to acquire dquot type 1
[  755.347051][T14352] EXT4-fs (loop4): 1 truncate cleaned up
[  755.353543][T14352] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  755.843419][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  755.876562][ T4278] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  755.887093][ T4278] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  755.895859][ T4278] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  755.903729][ T4278] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  755.912190][ T4278] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  755.922133][ T4278] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  756.037086][T14371] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2841'.
[  756.263018][T14378] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2842'.
[  756.765828][T14363] chnl_net:caif_netlink_parms(): no params data found
[  756.805769][T14387] loop4: detected capacity change from 0 to 256
[  756.826851][T14387] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  756.844898][T14387] fuse: Bad value for 'fd'
[  757.486080][ T8116] tipc: Left network mode
[  757.580664][T14363] bridge0: port 1(bridge_slave_0) entered blocking state
[  757.589242][T14363] bridge0: port 1(bridge_slave_0) entered disabled state
[  757.669830][T14363] device bridge_slave_0 entered promiscuous mode
[  757.981212][ T4282] Bluetooth: hci0: command 0x0409 tx timeout
[  758.002685][T14363] bridge0: port 2(bridge_slave_1) entered blocking state
[  758.009923][T14363] bridge0: port 2(bridge_slave_1) entered disabled state
[  758.050320][ T4332] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  758.061038][T14363] device bridge_slave_1 entered promiscuous mode
[  758.101263][T14363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  758.232208][T14363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  758.243400][ T4332] usb 7-1: config 0 has an invalid interface number: 23 but max is 0
[  758.262894][ T4332] usb 7-1: config 0 has no interface number 0
[  758.292637][ T4332] usb 7-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  758.328310][ T4332] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.340545][ T4332] usb 7-1: Product: syz
[  758.367037][ T4332] usb 7-1: Manufacturer: syz
[  758.380931][ T4332] usb 7-1: SerialNumber: syz
[  758.387597][ T4332] usb 7-1: config 0 descriptor??
[  758.403356][ T4332] ftdi_sio 7-1:0.23: FTDI USB Serial Device converter detected
[  758.413330][ T4332] usb 7-1: Detected SIO
[  758.418551][ T4332] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  758.439564][T14412] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2851'.
[  758.564088][T14363] team0: Port device team_slave_0 added
[  758.723202][T14363] team0: Port device team_slave_1 added
[  758.837073][T14363] batman_adv: batadv0: Adding interface: batadv_slave_0
[  758.876855][T14363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  758.914463][ T6141] usb 7-1: USB disconnect, device number 5
[  758.957380][ T6141] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  759.000907][T14363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  759.008364][ T6141] ftdi_sio 7-1:0.23: device disconnected
[  759.112323][T14363] batman_adv: batadv0: Adding interface: batadv_slave_1
[  759.119304][T14363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  759.168308][T14363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  759.323698][T14426] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2854'.
[  759.616884][T14363] device hsr_slave_0 entered promiscuous mode
[  759.641745][T14363] device hsr_slave_1 entered promiscuous mode
[  759.811956][ T8116] IPVS: stopping backup sync thread 9270 ...
[  759.986140][ T6141] general protection fault, probably for non-canonical address 0xdffffc0000000026: 0000 [#1] PREEMPT SMP KASAN
[  759.997901][ T6141] KASAN: null-ptr-deref in range [0x0000000000000130-0x0000000000000137]
[  760.006336][ T6141] CPU: 0 PID: 6141 Comm: kworker/0:7 Not tainted syzkaller #0
[  760.013817][ T6141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  760.023891][ T6141] Workqueue: events l2cap_info_timeout
[  760.029463][ T6141] RIP: 0010:__lock_acquire+0xe8/0x7c50
[  760.034940][ T6141] Code: 42 0f b6 04 00 84 c0 0f 85 53 65 00 00 83 3d 22 a1 bc 0c 00 0f 84 c0 27 00 00 83 3d 31 8b 3c 0b 00 74 29 48 89 d8 48 c1 e8 03 <42> 80 3c 00 00 74 12 48 89 df e8 f9 06 6e 00 49 b8 00 00 00 00 00
[  760.054540][ T6141] RSP: 0018:ffffc90003c67680 EFLAGS: 00010002
[  760.060593][ T6141] RAX: 0000000000000026 RBX: 0000000000000130 RCX: 1ffff9200078cef4
[  760.068541][ T6141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000130
[  760.076491][ T6141] RBP: ffffc90003c678d0 R08: dffffc0000000000 R09: 0000000000000000
[  760.084449][ T6141] R10: fffffbfff1c3ed56 R11: 1ffffffff1c3ed55 R12: ffff888027288000
[  760.092430][ T6141] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[  760.100404][ T6141] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  760.109319][ T6141] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  760.115907][ T6141] CR2: 0000200000090000 CR3: 000000007ac32000 CR4: 00000000003506f0
[  760.123871][ T6141] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  760.131828][ T6141] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  760.139777][ T6141] Call Trace:
[  760.143055][ T6141]  <TASK>
[  760.145978][ T6141]  ? __lock_acquire+0x7c50/0x7c50
[  760.150989][ T6141]  ? __rwlock_init+0x140/0x140
[  760.155777][ T6141]  ? __lock_acquire+0x13c0/0x7c50
[  760.160783][ T6141]  ? do_raw_spin_unlock+0x11d/0x230
[  760.166053][ T6141]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  760.171949][ T6141]  ? verify_lock_unused+0x140/0x140
[  760.177147][ T6141]  ? debug_object_assert_init+0x1ed/0x2f0
[  760.183032][ T6141]  ? __timer_delete+0x6c/0x220
[  760.187785][ T6141]  lock_acquire+0x1b4/0x490
[  760.192409][ T6141]  ? l2cap_sock_ready_cb+0x41/0x120
[  760.197677][ T6141]  ? read_lock_is_recursive+0x10/0x10
[  760.203040][ T6141]  ? __cancel_work+0x1f4/0x2d0
[  760.207791][ T6141]  ? lockdep_hardirqs_on+0x94/0x140
[  760.213494][ T6141]  ? __cancel_work+0x26f/0x2d0
[  760.218240][ T6141]  lock_sock_nested+0x44/0x100
[  760.222983][ T6141]  ? l2cap_sock_ready_cb+0x41/0x120
[  760.228164][ T6141]  l2cap_sock_ready_cb+0x41/0x120
[  760.233172][ T6141]  l2cap_conn_start+0x7d7/0xe90
[  760.238006][ T6141]  ? l2cap_conn_update_id_addr+0x250/0x250
[  760.243793][ T6141]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  760.249754][ T6141]  ? read_lock_is_recursive+0x10/0x10
[  760.255106][ T6141]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  760.261021][ T6141]  ? _raw_spin_unlock+0x40/0x40
[  760.265860][ T6141]  ? _raw_spin_unlock_irq+0x1f/0x40
[  760.271042][ T6141]  ? process_one_work+0x7a1/0x1160
[  760.276133][ T6141]  process_one_work+0x898/0x1160
[  760.281053][ T6141]  ? worker_detach_from_pool+0x240/0x240
[  760.286670][ T6141]  ? _raw_spin_lock_irq+0xab/0xe0
[  760.291678][ T6141]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  760.297050][ T6141]  ? kthread_data+0x4b/0xc0
[  760.301643][ T6141]  worker_thread+0xaa2/0x1250
[  760.306315][ T6141]  ? __kthread_parkme+0x162/0x1c0
[  760.311337][ T6141]  kthread+0x29d/0x330
[  760.315530][ T6141]  ? worker_clr_flags+0x1a0/0x1a0
[  760.320538][ T6141]  ? kthread_blkcg+0xd0/0xd0
[  760.325113][ T6141]  ret_from_fork+0x1f/0x30
[  760.329538][ T6141]  </TASK>
[  760.332554][ T6141] Modules linked in:
[  760.336445][ T6141] ---[ end trace 0000000000000000 ]---
[  760.341897][ T6141] RIP: 0010:__lock_acquire+0xe8/0x7c50
[  760.347357][ T6141] Code: 42 0f b6 04 00 84 c0 0f 85 53 65 00 00 83 3d 22 a1 bc 0c 00 0f 84 c0 27 00 00 83 3d 31 8b 3c 0b 00 74 29 48 89 d8 48 c1 e8 03 <42> 80 3c 00 00 74 12 48 89 df e8 f9 06 6e 00 49 b8 00 00 00 00 00
[  760.367037][ T6141] RSP: 0018:ffffc90003c67680 EFLAGS: 00010002
[  760.373092][ T6141] RAX: 0000000000000026 RBX: 0000000000000130 RCX: 1ffff9200078cef4
[  760.381051][ T6141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000130
[  760.389003][ T6141] RBP: ffffc90003c678d0 R08: dffffc0000000000 R09: 0000000000000000
[  760.396955][ T6141] R10: fffffbfff1c3ed56 R11: 1ffffffff1c3ed55 R12: ffff888027288000
[  760.404927][ T6141] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[  760.412882][ T6141] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  760.421816][ T6141] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  760.428396][ T6141] CR2: 0000200000090000 CR3: 000000007ac32000 CR4: 00000000003506f0
[  760.436402][ T6141] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  760.444367][ T6141] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  760.452338][ T6141] Kernel panic - not syncing: Fatal exception
[  760.458778][ T6141] Kernel Offset: disabled
[  760.463098][ T6141] Rebooting in 86400 seconds..